PHP Filters Advanced

Sanitizing and validating user input is one of the most common tasks in a web application. To make this task easier PHP provides native filter extension that you can use to sanitize or validate data such as e-mail addresses, URLs, IP addresses, etc.

This function takes three parameters out of which the last two are optional. The first parameter is the value to be filtered, the second parameter is the ID of the filter to apply, and the third parameter is the array of options related to filter. Let's see how it works.

Sanitize a String

Example -

<?php // Sample user comment $comment = "<h1>Hey there! How are you doing today?</h1>"; // Sanitize and print comment string $sanitizedComment = filter_var($comment, FILTER_SANITIZE_STRING); echo $sanitizedComment; ?>

Run Example

Validate Integer Values

The following example will validate whether the value is a valid integer or not.

Example -

<?php // Sample integer value $int = 20; // Validate sample integer value if(filter_var($int, FILTER_VALIDATE_INT)){ echo "The <b>$int</b> is a valid integer"; } else { echo "The <b>$int</b> is not a valid integer"; } ?>

Run Example

Validate IP Addresses

The following example will validate whether the value is a valid IP address or not.

Example -

<?php // Sample IP address $ip = "172.16.254.1"; // Validate sample IP address if(filter_var($ip, FILTER_VALIDATE_IP)){ echo "The <b>$ip</b> is a valid IP address"; } else { echo "The <b>$ip</b> is not a valid IP address"; } ?>

Run Example

Sanitize and Validate Email Addresses

The following example will show you how to sanitize and validate an e-mail address.

Example -

<?php // Sample email address $email = "someone@@example.com"; // Remove all illegal characters from email $email = filter_var($email, FILTER_SANITIZE_EMAIL); // Validate e-mail address if(filter_var($email, FILTER_VALIDATE_EMAIL)){ echo "The <b>$email</b> is a valid email address"; } else{ echo "The <b>$email</b> is not a valid email address"; } ?>

Run Example

Sanitize and Validate URLs

The following example will show you how to sanitize and validate a url.

Example -

<?php // Sample website url $url = "http:://www.example.com"; // Remove all illegal characters from url $url = filter_var($url, FILTER_SANITIZE_URL); // Validate website url if(filter_var($url, FILTER_VALIDATE_URL)){ echo "The <b>$url</b> is a valid website url"; } else{ echo "The <b>$url</b> is not a valid website url"; } ?>

Run Example

Validate Integers Within a Range

The following example will validate whether the supplied value is an integer or not, as well as whether it lies within the range of 0 to 100 or not.

Example -

<?php // Sample integer value $int = 75; // Validate sample integer value if(filter_var($int, FILTER_VALIDATE_INT, array("options" => array("min_range" => 0,"max_range" => 100)))){ echo "The <b>$int</b> is within the range of 0 to 100"; } else { echo "The <b>$int</b> is not within the range of 0 to 100"; } ?>

Run Example