PHP 5 Filter Functions

This PHP filters is used to validate and filter data coming from insecure sources, like user input.As of PHP 5.2.0, the filter functions are enabled by default. There is no installation needed to use these functions.

Runtime Configurations

The behavior of these functions is affected by settings in php.ini : -

NameDescriptionDefaultChangeable
filter.defaultFilter all $_GET, $_POST, $_COOKIE, $_REQUEST and $_SERVER data by this filter. Accepts the name of the filter you like to use by default. See the filter list for the list of the filter names"unsafe_raw"PHP_INI_PERDIR
filter.default_flagsDefault flags to apply when the default filter is set. This is set to FILTER_FLAG_NO_ENCODE_QUOTES by default for backwards compatibility reasonsNULLPHP_INI_PERDIR

PHP 5 Filter Functions

FunctionDescription
filter_has_var()Checks if a variable of a specified input type exist
filter_id()Returns the filter ID of a specified filter name
filter_input()Gets an external variable (e.g. from form input) and optionally filters it
filter_input_array()Gets external variables (e.g. from form input) and optionally filters them
filter_list()Returns a list of all supported filters
filter_var_array()Gets multiple variables and filter them
filter_var()Filters a variable with a specified filter

PHP 5 Predefined Filter Constants

ConstantIDDescription
FILTER_VALIDATE_BOOLEAN258Validates a boolean
FILTER_VALIDATE_EMAIL274Validates an e-mail address
FILTER_VALIDATE_FLOAT259Validates a float
FILTER_VALIDATE_INT257Validates an integer
FILTER_VALIDATE_IP275Validates an IP address
FILTER_VALIDATE_REGEXP272Validates a regular expression
FILTER_VALIDATE_URL273Validates a URL
FILTER_SANITIZE_EMAIL517Removes all illegal characters from an e-mail address
FILTER_SANITIZE_ENCODED514Removes/Encodes special characters
FILTER_SANITIZE_MAGIC_QUOTES521Apply addslashes()
FILTER_SANITIZE_NUMBER_FLOAT520Remove all characters, except digits, +- and optionally .,eE
FILTER_SANITIZE_NUMBER_INT519Removes all characters except digits and + -
FILTER_SANITIZE_SPECIAL_CHARS515Removes special characters
FILTER_SANITIZE_FULL_SPECIAL_CHARS
FILTER_SANITIZE_STRING513Removes tags/special characters from a string
FILTER_SANITIZE_STRIPPED513Alias of FILTER_SANITIZE_STRING
FILTER_SANITIZE_URL518Removes all illegal character from s URL
FILTER_UNSAFE_RAW516Do nothing, optionally strip/encode special characters
FILTER_CALLBACK1024Call a user-defined function to filter data