EDUCBA

EDUCBA

MENUMENU
  • Free Tutorials
  • Free Courses
  • Certification Courses
  • 600+ Courses All in One Bundle
  • Login

PHP Filters

Home » Software Development » Software Development Tutorials » PHP Tutorial » PHP Filters

PHP Filters

Introduction to PHP Filters

There are very few languages that have filter features. Filters are one of the value-added features of programming languages. This helps us to filter the data or the string before processing. This is the call of the time to use this to prevent some vulnerability issues in the system. PHP filters can be used for the purpose of validating or the sanitizing of the external inputs. Basically, the PHP filter is an extension that comes up with its various functions and the features we can use while coding. For example, we are taking client input from a form as email id, we should validate or sanitize before database related operation. We as a coder or the developer should use these filters in PHP as per our business needs and the requirements.

Syntax

Start Your Free Software Development Course

Web development, programming languages, Software testing & others

Sanitizing and the filters are the most common operations in the web application environment. Here is the basic syntax:

filter_var(variable, filter, options)

This function filter_var takes 3 parameters. The last 2 parameters, filter, and the options are optional. The first one is a variable or the identifiers itself. This is the one, we want to filter, the second is what we want to do (in this basically we pass the ID of the available options in PHP), and the last one is the filter related options. Let’s understand the same with a quiz example:

<?php
$int_val = 200;
if(filter_var($int_val, FILTER_VALIDATE_INT)){
echo "The <b>$int_val</b> is a valid one."; // valid
} else{
echo "The <b>$int_val</b> not a valid input as an integer"; // invalid
}
?>

In the above example, we are using a filter and check whether we have an integer value in variable $int_val or not. So, here is the output for the same.

Output:

1

Why we use Filter in PHP?

Many PHP web applications receive external input from the client-side. The idea behind using this is to clean the user input before processing, as we can’t expect from the user to put all the data correctly.  Any external user or system input or data can lead to a critical security issue.

We can filter here to sanitize the data entered from the various external sources like:

Popular Course in this category
PHP Training (5 Courses, 3 Project)5 Online Courses | 3 Hands-on Project | 28+ Hours | Verifiable Certificate of Completion | Lifetime Access
4.5 (5,731 ratings)
Course Price

View Course

Related Courses
Java Servlet Training (6 Courses, 12 Projects)All in One Software Development Bundle (600+ Courses, 50+ projects)
  • Direct client user input from the form
  • Data of Cookies
  • Data from the Web services
  • Data of the server variables
  • Database query results

PHP filters and the sanitizers together enable the ability we can get whether an input is valid or not. If not a valid input, in this case, we can sanitize that to make a valid one. In the coming example section, we will various examples related to this.

Example of Filter

There are various types of filters available in PHP. We can check that list using the filter_list() function. Basically, these filter functions can be used to filter the URL, String, number, IP address, etc.

Example #1

In this section, we will see the various filter example programs one by one.

Sanitize a String

To check whether a string is valid or not

<?php
$comment = "Hello word";
if(filter_var($comment, FILTER_SANITIZE_STRING)){
echo "The <b>$comment</b> is a valid one."; // valid
} else{
echo "The <b>$comment</b> not a valid input"; // invalid
}
?>

In the above example, we can see a valid string that’s why it gives the valid one.

Output:

php2

Get the sanitized string as an output

<?php
$comment = "<i>Hello word</i>";
echo "Before sanitizing: ". $comment;
$comment = filter_var($comment, FILTER_SANITIZE_STRING);
echo "<br>"; // for new line
echo "After sanitizing: ". $comment;
?>

We can see we have two different outputs. We can see the output before sanitizing and the after sanitizing is different. After sanitizing, HTML tags have been removed by the PHP filter function.

Output:

php3

Example #2

Validate an IP Address

PHP filter function can do this job for us. Let’s see the example.

<?php
$ip_address = "172.16.254.1:40";
if(filter_var($ip_address, FILTER_VALIDATE_IP)){
echo "The <b>$ip_address</b> is a valid one."; // valid
} else{
echo "The <b>$ip_address</b> is not a valid input"; // invalid
}
?>

Output:

php 4

Example #3

Sanitizing and validating an email address

<?php
$email_address = "someone@@testmail.com";
code>
echo "Before Sanitizing: " . $email_address ."<br>";
if(filter_var($email_address, FILTER_VALIDATE_EMAIL)){
echo "The <b>$email_address</b> is a valid one."; // valid
} else{
echo "The <b>$email_address</b> not a valid input"; // invalid
}
echo "<br>";
echo "After Sanitizing: " .  filter_var($email_address, FILTER_SANITIZE_EMAIL);
?>

In the above example, we have an invalid value for the email id as we are getting this output by using the filter function.  But the moment we sanitize it gives the correct email.

Output:

php 5

<?php
$email_address = "someone@testmail.com";
if(filter_var($email_address, FILTER_VALIDATE_EMAIL)){
echo "The <b>$email_address</b> is a valid one."; // valid
} else{
echo "The <b>$email_address</b> not a valid input"; // invalid
}
?>

In the above example PHP code, we are checking whether the email is valid or not.

Output:

php 6

Example #4

Sanitize and Validate URL

In this example, we will see whether an input URL is valid or not? If not a valid URL then it will sanitize that to make it correct.

<?php
$URL = "https://www.educba.com/��courses�";
echo "Before Sanitizing: " . $URL ."<br>";
if(filter_var($URL, FILTER_VALIDATE_URL)){
echo "The <b>$URL</b> is a valid one."; // valid
} else{
echo "The <b>$URL</b> is not a valid input"; // invalid
}
echo "<br>";
echo "After Sanitizing: " . filter_var($URL, FILTER_SANITIZE_URL);
?>

Output:

php7

Conclusion

We should use the PHP filter to validate or sanitize the user input. This way, we can restrict the vulnerable user input. We can use the various PHP filter function for validating the user inputs and the value. We can also go for sanitizing as well to clean the value (either the user input or the directly assigned). We should always use the PHP sanitizer before using any cookies data for the data processing.

Recommended Articles

This has been a guide to PHP Filters. Here we also discuss the syntax, why we use a filter in PHP and examples. You may also have a look at the following articles to learn more–

  1. PHP Frameworks
  2. PHP Encryption
  3. PHP Array Search
  4. PHP Split Array

PHP Training (5 Courses, 3 Project)

5 Online Courses

3 Hands-on Project

28+ Hours

Verifiable Certificate of Completion

Lifetime Access

Learn More

0 Shares
Share
Tweet
Share
Primary Sidebar
PHP Tutorial
  • Advanced
    • Overloading in PHP
    • Overriding in PHP
    • Method Overloading in PHP
    • Inheritance in PHP
    • Multiple Inheritance in PHP
    • PHP Interface
    • Encapsulation in PHP
    • PHP Constants
    • PHP Magic Constants
    • PHP Regular Expressions
    • PHP GET Method
    • PHP Annotations
    • PHP Encryption
    • PHP file Functions
    • PHP readfile
    • PHP?Write File
    • PHP Append File
    • PHP Type Hinting
    • PHP Filters
    • PHP Float
    • PHP Form
    • PHP Form Validation
    • Sorting in PHP
    • PHP usort()
    • PHP Stack Trace
    • PHP Stack Overflow
    • PHP Pagination
    • PHP implode
    • Polymorphism in PHP
    • Abstract Class in PHP
    • PHP Final Class
    • PHP Custom Exception
    • error_reporting() in PHP
    • PHP Log Errors
    • Access Modifiers in PHP
    • PHP Change Date Format
    • Static Method in PHP
    • PHP File Handling
    • PHP Output Buffering
    • Get IP Address in PHP
    • Upload a File in PHP
    • String in PHP
    • Public Function in PHP
    • Private in PHP
    • Protected in PHP
    • basename in PHP
    • Validation in PHP
    • PHP mail()
    • PHP Email Form
    • PHP Directory
    • PHP Create Session
    • PHP include_once
    • PHP json_decode
    • PHP XMLWriter
    • PHP XML Reader
    • PHP XML Parser
    • PHP XML into Array
    • Phalcon Framework
  • PHP Basic
    • Introduction To PHP
    • What is PHP
    • PHP Keywords
    • Advantages of PHP
    • Career In PHP
    • Comments in PHP
    • PHP Commands
    • PHP Frameworks
    • PHP Compiler
    • Variables in PHP
    • PHP Superglobal Variables
    • PHP Versions
    • Object in PHP
    • What is Drupal
    • Top PHP Frameworks
    • WebStorm IDE
    • What is phpMyAdmin?
    • PhpStorm
    • Install phpMyAdmin
    • Phalcon Model
  • Data Types
    • PHP Data Types
    • PHP Integer
    • PHP Booleans
  • Operators
    • PHP Operators
    • Arithmetic Operators in PHP
    • Comparison Operators in PHP
    • Logical Operators in PHP
    • Bitwise Operators in PHP
    • Ternary Operator in PHP
    • PHP String Operators
  • Control Statements
    • Control Statement in PHP
    • PHP if Statement
    • if else Statement in PHP
    • elseif in PHP
    • PHP Switch Statement
    • Continue in PHP
    • Break in PHP
  • Loops
    • PHP Loops
    • For Loop in PHP
    • PHP Do While Loop
    • PHP While Loop
    • While Loop in PHP
    • Foreach Loop in PHP
  • Constructor
    • Constructor in PHP
    • Destructor in PHP
  • State Management
    • Cookie in PHP
    • Sessions in PHP
  • Array
    • What is PHP Array
    • Arrays in PHP
    • 2D Arrays in PHP
    • Associative Array in PHP 
    • Multidimensional Array in PHP
    • Indexed Array in PHP
    • PHP Array Functions
    • PHP unset Array
    • PHP Append Array
    • PHP Array Search
    • PHP Split Array
    • PHP array_push()
    • PHP array_pop()
  • Functions
    • Functions in PHP
    • PHP Math Functions
    • PHP Recursive Function
    • PHP String Functions
    • Hashing Function in PHP
    • Date Function in PHP
    • PHP Anonymous Function
    • Calendar in PHP
    • PHP Call Function
    • PHP Pass by Reference
    • PHP ucfirst()
    • PHP ucwords()
    • trim() in PHP
    • isset() Function in PHP
    • PHP replace
    • PHP fpm
    • PHP strpos
    • preg_match in PHP
    • PHP preg_replace()
    • PHP ob_start()
    • PHP Reflection
    • PHP Split String
    • PHP URL
    • PHP preg_match_all
    • PHP strtoupper()
    • PHP preg_split()
    • PHP substr_replace()
    • PHP setlocale()
    • PHP substr_count()
    • PHP Serialize
    • PHP strlen()
    • PHP async
    • PHP Date Time Functions
    • PHP timezone
    • PHP Data Object
    • print_r() in PHP
    • PHP header()
    • PHP strip_tags()
    • PHP chop()
    • PHP MD5()
    • PHP unset()
    • PHP crypt()
    • PHP wordwrap()
    • PHP is_null()
    • PHP strtok()
    • PHP bin2hex()
    • PHP parse_str()
    • PHP levenshtein()
    • PHP addslashes()
    • PHP strtotime
    • PHP sha1()
    • PHP explode()
    • PHP sscanf()
    • PHP require_once
    • PHP Zip Files
    • PHP $_SERVER
    • PHP $_POST
    • PHP Include and Require
    • PHP POST Method
  • Programs
    • Patterns in PHP
    • Star Patterns in PHP
    • Swapping in PHP
    • Fibonacci Series PHP
    • Factorial in PHP
    • Reverse String in PHP
    • Square Root in PHP
    • Random Number Generator in PHP
    • Palindrome in PHP
    • Prime Numbers in PHP
    • Armstrong Number in PHP
    • Socket Programming in PHP
    • Login Page in PHP
    • PHP Login Template
    • PHP Object to String
  • Database
    • PHP Database Connection
    • How to Connect Database to PHP
  • Interview Questions
    • PHP Interview Questions
    • PHP OOP Interview Questions
    • CakePHP Interview Questions
    • Core PHP Interview Questions

Related Courses

PHP Training Course

Java Servlet Training

Software Development Course Training

Footer
About Us
  • Blog
  • Who is EDUCBA?
  • Sign Up
  • Corporate Training
  • Certificate from Top Institutions
  • Contact Us
  • Verifiable Certificate
  • Reviews
  • Terms and Conditions
  • Privacy Policy
  •  
Apps
  • iPhone & iPad
  • Android
Resources
  • Free Courses
  • Java Tutorials
  • Python Tutorials
  • All Tutorials
Certification Courses
  • All Courses
  • Software Development Course - All in One Bundle
  • Become a Python Developer
  • Java Course
  • Become a Selenium Automation Tester
  • Become an IoT Developer
  • ASP.NET Course
  • VB.NET Course
  • PHP Course

© 2020 - EDUCBA. ALL RIGHTS RESERVED. THE CERTIFICATION NAMES ARE THE TRADEMARKS OF THEIR RESPECTIVE OWNERS.

EDUCBA
Free Software Development Course

Web development, programming languages, Software testing & others

*Please provide your correct email id. Login details for this Free course will be emailed to you
Book Your One Instructor : One Learner Free Class

Let’s Get Started

This website or its third-party tools use cookies, which are necessary to its functioning and required to achieve the purposes illustrated in the cookie policy. By closing this banner, scrolling this page, clicking a link or continuing to browse otherwise, you agree to our Privacy Policy

EDUCBA

*Please provide your correct email id. Login details for this Free course will be emailed to you
EDUCBA Login

Forgot Password?

EDUCBA
Free Software Development Course

Web development, programming languages, Software testing & others

*Please provide your correct email id. Login details for this Free course will be emailed to you

Special Offer - PHP Training (5 Courses, 3 Project) Learn More