From 7160bbaa9d7da3e34b2212b03c6f8193611ba70e Mon Sep 17 00:00:00 2001 From: Philip Olson Date: Thu, 12 Mar 2009 21:09:00 +0000 Subject: [PATCH] Moved filter information into filters.xml and: - Separated VALIDATE from SANITIZE (and MISC) - Sorted lists alphabetically (by constant name) - Removed constant intro, am rewriting a new one (will add soon to filters.xml) git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@277059 c90b9560-bf6c-de11-be94-00142212c4b1 --- reference/filter/book.xml | 232 +-------------------------- reference/filter/filters.xml | 297 +++++++++++++++++++++++++++++++++++ 2 files changed, 299 insertions(+), 230 deletions(-) create mode 100644 reference/filter/filters.xml diff --git a/reference/filter/book.xml b/reference/filter/book.xml index 11743ad226..a20c9265cf 100644 --- a/reference/filter/book.xml +++ b/reference/filter/book.xml @@ -1,5 +1,5 @@ - + @@ -12,238 +12,10 @@ This extension serves to validate and filter data coming from some insecure source, such as user input. - - The following filters currently exist; be sure to read the - Filter Constants section - for information that describes the behavior of each constant: - - Existing filters - - - - ID - Name - Options - Flags - Description - - - - - FILTER_VALIDATE_INT - "int" - - min_range, - max_range - - - FILTER_FLAG_ALLOW_OCTAL, - FILTER_FLAG_ALLOW_HEX - - Validates value as integer, optionally from the specified range. - - - FILTER_VALIDATE_BOOLEAN - "boolean" - - - FILTER_NULL_ON_FAILURE - - - - Returns &true; for "1", "true", "on" and "yes". - Returns &false; otherwise. - - - If FILTER_NULL_ON_FAILURE is set, &false; is - returned only for "0", "false", "off", "no", and "", and - &null; is returned for all non-boolean values. - - - - - FILTER_VALIDATE_FLOAT - "float" - - decimal - - - FILTER_FLAG_ALLOW_THOUSAND - - Validates value as float. - - - - FILTER_VALIDATE_REGEXP - "validate_regexp" - - regexp - - - - Validates value against regexp, a - Perl-compatible regular expression. - - - - FILTER_VALIDATE_URL - "validate_url" - - - FILTER_FLAG_PATH_REQUIRED, - FILTER_FLAG_QUERY_REQUIRED - - Validates value as URL, optionally with required components. - - - FILTER_VALIDATE_EMAIL - "validate_email" - - - Validates value as e-mail. - - - FILTER_VALIDATE_IP - "validate_ip" - - - FILTER_FLAG_IPV4, - FILTER_FLAG_IPV6, - FILTER_FLAG_NO_PRIV_RANGE, - FILTER_FLAG_NO_RES_RANGE - - - Validates value as IP address, optionally only IPv4 or IPv6 or not - from private or reserved ranges. - - - - - FILTER_SANITIZE_STRING - "string" - - - FILTER_FLAG_NO_ENCODE_QUOTES, - FILTER_FLAG_STRIP_LOW, - FILTER_FLAG_STRIP_HIGH, - FILTER_FLAG_ENCODE_LOW, - FILTER_FLAG_ENCODE_HIGH, - FILTER_FLAG_ENCODE_AMP - - Strip tags, optionally strip or encode special characters. - - - FILTER_SANITIZE_STRIPPED - "stripped" - - - Alias of "string" filter. - - - FILTER_SANITIZE_ENCODED - "encoded" - - - FILTER_FLAG_STRIP_LOW, - FILTER_FLAG_STRIP_HIGH, - FILTER_FLAG_ENCODE_LOW, - FILTER_FLAG_ENCODE_HIGH - - URL-encode string, optionally strip or encode special characters. - - - FILTER_SANITIZE_SPECIAL_CHARS - "special_chars" - - - FILTER_FLAG_STRIP_LOW, - FILTER_FLAG_STRIP_HIGH, - FILTER_FLAG_ENCODE_HIGH - - - HTML-escape '"<>& and characters with - ASCII value less than 32, optionally strip or encode other special - characters. - - - - FILTER_UNSAFE_RAW - "unsafe_raw" - - - FILTER_FLAG_STRIP_LOW, - FILTER_FLAG_STRIP_HIGH, - FILTER_FLAG_ENCODE_LOW, - FILTER_FLAG_ENCODE_HIGH, - FILTER_FLAG_ENCODE_AMP - - Do nothing, optionally strip or encode special characters. - - - FILTER_SANITIZE_EMAIL - "email" - - - - Remove all characters except letters, digits and - !#$%&'*+-/=?^_`{|}~@.[]. - - - - FILTER_SANITIZE_URL - "url" - - - - Remove all characters except letters, digits and - $-_.+!*'(),{}|\\^~[]`<>#%";/?:@&=. - - - - FILTER_SANITIZE_NUMBER_INT - "number_int" - - - - Remove all characters except digits, plus and minus sign. - - - - FILTER_SANITIZE_NUMBER_FLOAT - "number_float" - - - FILTER_FLAG_ALLOW_FRACTION, - FILTER_FLAG_ALLOW_THOUSAND, - FILTER_FLAG_ALLOW_SCIENTIFIC - - - Remove all characters except digits, +- and - optionally .,eE. - - - - FILTER_SANITIZE_MAGIC_QUOTES - "magic_quotes" - - - Apply addslashes. - - - - FILTER_CALLBACK - "callback" - callback function or method - - Call user-defined function to filter data. - - - -
- &reference.filter.setup; + &reference.filter.filters; &reference.filter.constants; &reference.filter.reference; diff --git a/reference/filter/filters.xml b/reference/filter/filters.xml new file mode 100644 index 0000000000..953635dadf --- /dev/null +++ b/reference/filter/filters.xml @@ -0,0 +1,297 @@ + + + + Types of filters + +
+ Validate filters + + + Listing of filters for validation + + + + ID + Name + Options + Flags + Description + + + + + FILTER_VALIDATE_BOOLEAN + "boolean" + + + FILTER_NULL_ON_FAILURE + + + + Returns &true; for "1", "true", "on" and "yes". + Returns &false; otherwise. + + + If FILTER_NULL_ON_FAILURE is set, &false; is + returned only for "0", "false", "off", "no", and "", and + &null; is returned for all non-boolean values. + + + + + FILTER_VALIDATE_EMAIL + "validate_email" + + + Validates value as e-mail. + + + FILTER_VALIDATE_FLOAT + "float" + + decimal + + + FILTER_FLAG_ALLOW_THOUSAND + + Validates value as float. + + + FILTER_VALIDATE_INT + "int" + + min_range, + max_range + + + FILTER_FLAG_ALLOW_OCTAL, + FILTER_FLAG_ALLOW_HEX + + Validates value as integer, optionally from the specified range. + + + FILTER_VALIDATE_IP + "validate_ip" + + + FILTER_FLAG_IPV4, + FILTER_FLAG_IPV6, + FILTER_FLAG_NO_PRIV_RANGE, + FILTER_FLAG_NO_RES_RANGE + + + Validates value as IP address, optionally only IPv4 or IPv6 or not + from private or reserved ranges. + + + + FILTER_VALIDATE_REGEXP + "validate_regexp" + + regexp + + + + Validates value against regexp, a + Perl-compatible regular expression. + + + + FILTER_VALIDATE_URL + "validate_url" + + + FILTER_FLAG_PATH_REQUIRED, + FILTER_FLAG_QUERY_REQUIRED + + Validates value as URL, optionally with required components. + + + +
+ +
+ +
+ Sanitize filters + + + List of filters for sanitization + + + + ID + Name + Options + Flags + Description + + + + + FILTER_SANITIZE_EMAIL + "email" + + + + Remove all characters except letters, digits and + !#$%&'*+-/=?^_`{|}~@.[]. + + + + FILTER_SANITIZE_ENCODED + "encoded" + + + FILTER_FLAG_STRIP_LOW, + FILTER_FLAG_STRIP_HIGH, + FILTER_FLAG_ENCODE_LOW, + FILTER_FLAG_ENCODE_HIGH + + URL-encode string, optionally strip or encode special characters. + + + FILTER_SANITIZE_MAGIC_QUOTES + "magic_quotes" + + + Apply addslashes. + + + FILTER_SANITIZE_NUMBER_FLOAT + "number_float" + + + FILTER_FLAG_ALLOW_FRACTION, + FILTER_FLAG_ALLOW_THOUSAND, + FILTER_FLAG_ALLOW_SCIENTIFIC + + + Remove all characters except digits, +- and + optionally .,eE. + + + + FILTER_SANITIZE_NUMBER_INT + "number_int" + + + + Remove all characters except digits, plus and minus sign. + + + + FILTER_SANITIZE_SPECIAL_CHARS + "special_chars" + + + FILTER_FLAG_STRIP_LOW, + FILTER_FLAG_STRIP_HIGH, + FILTER_FLAG_ENCODE_HIGH + + + HTML-escape '"<>& and characters with + ASCII value less than 32, optionally strip or encode other special + characters. + + + + FILTER_SANITIZE_STRING + "string" + + + FILTER_FLAG_NO_ENCODE_QUOTES, + FILTER_FLAG_STRIP_LOW, + FILTER_FLAG_STRIP_HIGH, + FILTER_FLAG_ENCODE_LOW, + FILTER_FLAG_ENCODE_HIGH, + FILTER_FLAG_ENCODE_AMP + + Strip tags, optionally strip or encode special characters. + + + FILTER_SANITIZE_STRIPPED + "stripped" + + + Alias of "string" filter. + + + FILTER_SANITIZE_URL + "url" + + + + Remove all characters except letters, digits and + $-_.+!*'(),{}|\\^~[]`<>#%";/?:@&=. + + + + FILTER_UNSAFE_RAW + "unsafe_raw" + + + FILTER_FLAG_STRIP_LOW, + FILTER_FLAG_STRIP_HIGH, + FILTER_FLAG_ENCODE_LOW, + FILTER_FLAG_ENCODE_HIGH, + FILTER_FLAG_ENCODE_AMP + + Do nothing, optionally strip or encode special characters. + + + +
+ +
+ +
+ Other filters + + + List of miscellaneous filters + + + + ID + Name + Options + Flags + Description + + + + + FILTER_CALLBACK + "callback" + callback function or method + + Call user-defined function to filter data. + + + +
+ +
+ + +