Filter Functions

&reftitle.intro; This extension serves to validate and filter data coming from some insecure source, such as user input. The following filters currently exist; be sure to read the Filter Constants section for information that describes the behavior of each constant: Existing filters ID Name Options Flags Description FILTER_VALIDATE_INT "int" min_range, max_range FILTER_FLAG_ALLOW_OCTAL, FILTER_FLAG_ALLOW_HEX Validates value as integer, optionally from the specified range. FILTER_VALIDATE_BOOLEAN "boolean" FILTER_NULL_ON_FAILURE Returns &true; for "1", "true", "on" and "yes". Returns &false; otherwise. If FILTER_NULL_ON_FAILURE is set, &false; is returned only for "0", "false", "off", "no", and "", and &null; is returned for all non-boolean values. FILTER_VALIDATE_FLOAT "float" decimal FILTER_FLAG_ALLOW_THOUSAND Validates value as float. FILTER_VALIDATE_REGEXP "validate_regexp" regexp Validates value against regexp, a Perl-compatible regular expression. FILTER_VALIDATE_URL "validate_url" FILTER_FLAG_PATH_REQUIRED, FILTER_FLAG_QUERY_REQUIRED Validates value as URL, optionally with required components. FILTER_VALIDATE_EMAIL "validate_email" Validates value as e-mail. FILTER_VALIDATE_IP "validate_ip" FILTER_FLAG_IPV4, FILTER_FLAG_IPV6, FILTER_FLAG_NO_PRIV_RANGE, FILTER_FLAG_NO_RES_RANGE Validates value as IP address, optionally only IPv4 or IPv6 or not from private or reserved ranges. FILTER_SANITIZE_STRING "string" FILTER_FLAG_NO_ENCODE_QUOTES, FILTER_FLAG_STRIP_LOW, FILTER_FLAG_STRIP_HIGH, FILTER_FLAG_ENCODE_LOW, FILTER_FLAG_ENCODE_HIGH, FILTER_FLAG_ENCODE_AMP Strip tags, optionally strip or encode special characters. FILTER_SANITIZE_STRIPPED "stripped" Alias of "string" filter. FILTER_SANITIZE_ENCODED "encoded" FILTER_FLAG_STRIP_LOW, FILTER_FLAG_STRIP_HIGH, FILTER_FLAG_ENCODE_LOW, FILTER_FLAG_ENCODE_HIGH URL-encode string, optionally strip or encode special characters. FILTER_SANITIZE_SPECIAL_CHARS "special_chars" FILTER_FLAG_STRIP_LOW, FILTER_FLAG_STRIP_HIGH, FILTER_FLAG_ENCODE_HIGH HTML-escape '"<>& and characters with ASCII value less than 32, optionally strip or encode other special characters. FILTER_UNSAFE_RAW "unsafe_raw" FILTER_FLAG_STRIP_LOW, FILTER_FLAG_STRIP_HIGH, FILTER_FLAG_ENCODE_LOW, FILTER_FLAG_ENCODE_HIGH, FILTER_FLAG_ENCODE_AMP Do nothing, optionally strip or encode special characters. FILTER_SANITIZE_EMAIL "email" Remove all characters except letters, digits and !#$%&'*+-/=?^_`{|}~@.[]. FILTER_SANITIZE_URL "url" Remove all characters except letters, digits and $-_.+!*'(),{}|\\^~[]`<>#%";/?:@&=. FILTER_SANITIZE_NUMBER_INT "number_int" Remove all characters except digits, plus and minus sign. FILTER_SANITIZE_NUMBER_FLOAT "number_float" FILTER_FLAG_ALLOW_FRACTION, FILTER_FLAG_ALLOW_THOUSAND, FILTER_FLAG_ALLOW_SCIENTIFIC Remove all characters except digits, +- and optionally .,eE. FILTER_SANITIZE_MAGIC_QUOTES "magic_quotes" Apply addslashes. FILTER_CALLBACK "callback" callback function or method Call user-defined function to filter data.