This extension serves for validating and filtering data coming usually from some insecure source such as user input.
| Warnung |
Diese Erweiterung ist EXPERIMENTELL. Das Verhalten dieser Erweiterung, einschließlich der Funktionsnamen, und alles Andere was hier dokumentiert ist, kann sich in zukünftigen PHP-Versionen ohne Ankündigung ändern. Seien Sie gewarnt und verwenden Sie diese Erweiterung auf eigenes Risiko. |
Following filters currently exist:
Tabelle 1. Existing filters
| ID | Name | Options | Flags | Description |
|---|---|---|---|---|
| FILTER_VALIDATE_INT | "int" | min_range, max_range | FILTER_FLAG_ALLOW_OCTAL, FILTER_FLAG_ALLOW_HEX | Validates value as integer, optionally from the specified range. |
| FILTER_VALIDATE_BOOLEAN | "boolean" | Returns TRUE for "1", "true", "on" and "yes", FALSE for "0", "false", "off", "no", and "", NULL otherwise. | ||
| FILTER_VALIDATE_FLOAT | "float" | Validates value as float. | ||
| FILTER_VALIDATE_REGEXP | "validate_regexp" | regexp | Validates value against regexp, a Perl-compatible regular expression. | |
| FILTER_VALIDATE_URL | "validate_url" | FILTER_FLAG_SCHEME_REQUIRED, FILTER_FLAG_HOST_REQUIRED, FILTER_FLAG_PATH_REQUIRED, FILTER_FLAG_QUERY_REQUIRED | Validates value as URL, optionally with required components. | |
| FILTER_VALIDATE_EMAIL | "validate_email" | Validates value as e-mail. | ||
| FILTER_VALIDATE_IP | "validate_ip" | FILTER_FLAG_IPV4, FILTER_FLAG_IPV6, FILTER_FLAG_NO_PRIV_RANGE, FILTER_FLAG_NO_RES_RANGE | Validates value as IP address, optionally only IPv4 or IPv6 or not from private or reserved ranges. | |
| FILTER_SANITIZE_STRING | "string" | FILTER_FLAG_NO_ENCODE_QUOTES, FILTER_FLAG_STRIP_LOW, FILTER_FLAG_STRIP_HIGH, FILTER_FLAG_ENCODE_LOW, FILTER_FLAG_ENCODE_HIGH, FILTER_FLAG_ENCODE_AMP | Strip tags, optionally strip or encode special characters. | |
| FILTER_SANITIZE_STRIPPED | "stripped" | Alias of "string" filter. | ||
| FILTER_SANITIZE_ENCODED | "encoded" | FILTER_FLAG_STRIP_LOW, FILTER_FLAG_STRIP_HIGH, FILTER_FLAG_ENCODE_LOW, FILTER_FLAG_ENCODE_HIGH | URL-encode string, optionally strip or encode special characters. | |
| FILTER_SANITIZE_SPECIAL_CHARS | "special_chars" | FILTER_FLAG_STRIP_LOW, FILTER_FLAG_STRIP_HIGH, FILTER_FLAG_ENCODE_HIGH | HTML-escape '"<>& and characters with ASCII value less than 32, optionally strip or encode other special characters. | |
| FILTER_UNSAFE_RAW | "unsafe_raw" | FILTER_FLAG_STRIP_LOW, FILTER_FLAG_STRIP_HIGH, FILTER_FLAG_ENCODE_LOW, FILTER_FLAG_ENCODE_HIGH, FILTER_FLAG_ENCODE_AMP | Do nothing, optionally strip or encode special characters. | |
| FILTER_SANITIZE_EMAIL | "email" | Remove all characters except letters, digits and !#$%&'*+-/=?^_`{|}~@.[]. | ||
| FILTER_SANITIZE_URL | "url" | Remove all characters except letters, digits and $-_.+!*'(),{}|\\^~[]`<>#%";/?:@&=. | ||
| FILTER_SANITIZE_NUMBER_INT | "number_int" | Remove all characters except digits and +-. | ||
| FILTER_SANITIZE_NUMBER_FLOAT | "number_float" | FILTER_FLAG_ALLOW_FRACTION, FILTER_FLAG_ALLOW_THOUSAND, FILTER_FLAG_ALLOW_SCIENTIFIC | Remove all characters except digits, +- and optionally .,eE. | |
| FILTER_SANITIZE_MAGIC_QUOTES | "magic_quotes" | Apply addslashes(). | ||
| FILTER_CALLBACK | "callback" | callback function or method | Call user-defined function to filter data. |
Diese Erweiterung benötigt keine externen Bibliotheken.
Das Verhalten dieser Funktionen wird durch Einstellungen in der php.ini beeinflusst.
Tabelle 2. Filter Configuration Options
| Name | Default | Changeable | Changelog |
|---|---|---|---|
| filter.default | unsafe_raw | PHP_INI_PERDIR | |
| filter.default_flags | PHP_INI_PERDIR |
Hier eine kurze Erklärung der Konfigurationsoptionen:
Filter all $_GET, $_POST, $_COOKIE and $_REQUEST data by this filter. Original data can be accessed through input_get().
Default flags for filter_data().
Diese Erweiterung definiert keine Resource-Typen.
Folgende Konstanten werden von dieser Erweiterung definiert und stehen nur zur Verfügung, wenn die Erweiterung entweder statisch in PHP kompiliert oder dynamisch zur Laufzeit geladen wurde.
POST variables.
GET variables.
COOKIE variables.
ENV variables.
SERVER variables.
SESSION variables.
User-defined set of variables.
No flags.
ID of "int" filter.
ID of "boolean" filter.
ID of "float" filter.
ID of "validate_regexp" filter.
ID of "validate_url" filter.
ID of "validate_email" filter.
ID of "validate_ip" filter.
ID of default ("string") filter.
ID of "unsafe_raw" filter.
ID of "string" filter.
ID of "stripped" filter.
ID of "encoded" filter.
ID of "special_chars" filter.
ID of "email" filter.
ID of "url" filter.
ID of "number_int" filter.
ID of "number_float" filter.
ID of "magic_quotes" filter.
ID of "callback" filter.
Allow scalar types (non-array) only in filter. Currently used by input_get_args().
Only allow array type in filter. Currently used by input_get_args().
Allow octal notation (0[0-7]+) in "int" filter.
Allow hex notation (0x[0-9a-fA-F]+) in "int" filter.
Strip characters with ASCII value less than 32.
Strip characters with ASCII value greater than 127.
Encode characters with ASCII value less than 32.
Encode characters with ASCII value greater than 127.
Encode &.
Don't encode ' and ".
(No use for now.)
Allow fractional part in "number_float" filter.
Allow thousand separator (,) in "number_float" filter.
Allow scientific notation (e, E) in "number_float" filter.
Require scheme in "validate_url" filter.
Require host in "validate_url" filter.
Require path in "validate_url" filter.
Require query in "validate_url" filter.
Allow only IPv4 address in "validate_ip" filter.
Allow only IPv6 address in "validate_ip" filter.
Deny reserved addresses in "validate_ip" filter.
Deny private addresses in "validate_ip" filter.
| Zurück | Zum Anfang | Weiter |
| unlink | Nach oben | filter_data |