This extension serves to validate and filter data coming from some insecure source, such as user input.
The following filters currently exist; be sure to read the Filter Constants section for information that describes the behavior of each constant:
ID | Name | Options | Flags | Description |
---|---|---|---|---|
FILTER_VALIDATE_INT | "int" | min_range , max_range | FILTER_FLAG_ALLOW_OCTAL, FILTER_FLAG_ALLOW_HEX | Validates value as integer, optionally from the specified range. |
FILTER_VALIDATE_BOOLEAN | "boolean" | FILTER_NULL_ON_FAILURE |
Returns TRUE for "1", "true", "on" and "yes". Returns FALSE otherwise. If FILTER_NULL_ON_FAILURE is set, FALSE is returned only for "0", "false", "off", "no", and "", and NULL is returned for all non-boolean values. |
|
FILTER_VALIDATE_FLOAT | "float" | decimal | FILTER_FLAG_ALLOW_THOUSAND | Validates value as float. |
FILTER_VALIDATE_REGEXP | "validate_regexp" | regexp | Validates value against regexp , a Perl-compatible regular expression. | |
FILTER_VALIDATE_URL | "validate_url" | FILTER_FLAG_PATH_REQUIRED, FILTER_FLAG_QUERY_REQUIRED | Validates value as URL, optionally with required components. | |
FILTER_VALIDATE_EMAIL | "validate_email" | Validates value as e-mail. | ||
FILTER_VALIDATE_IP | "validate_ip" | FILTER_FLAG_IPV4, FILTER_FLAG_IPV6, FILTER_FLAG_NO_PRIV_RANGE, FILTER_FLAG_NO_RES_RANGE | Validates value as IP address, optionally only IPv4 or IPv6 or not from private or reserved ranges. | |
FILTER_SANITIZE_STRING | "string" | FILTER_FLAG_NO_ENCODE_QUOTES, FILTER_FLAG_STRIP_LOW, FILTER_FLAG_STRIP_HIGH, FILTER_FLAG_ENCODE_LOW, FILTER_FLAG_ENCODE_HIGH, FILTER_FLAG_ENCODE_AMP | Strip tags, optionally strip or encode special characters. | |
FILTER_SANITIZE_STRIPPED | "stripped" | Alias of "string" filter. | ||
FILTER_SANITIZE_ENCODED | "encoded" | FILTER_FLAG_STRIP_LOW, FILTER_FLAG_STRIP_HIGH, FILTER_FLAG_ENCODE_LOW, FILTER_FLAG_ENCODE_HIGH | URL-encode string, optionally strip or encode special characters. | |
FILTER_SANITIZE_SPECIAL_CHARS | "special_chars" | FILTER_FLAG_STRIP_LOW, FILTER_FLAG_STRIP_HIGH, FILTER_FLAG_ENCODE_HIGH | HTML-escape '"<>& and characters with ASCII value less than 32, optionally strip or encode other special characters. | |
FILTER_UNSAFE_RAW | "unsafe_raw" | FILTER_FLAG_STRIP_LOW, FILTER_FLAG_STRIP_HIGH, FILTER_FLAG_ENCODE_LOW, FILTER_FLAG_ENCODE_HIGH, FILTER_FLAG_ENCODE_AMP | Do nothing, optionally strip or encode special characters. | |
FILTER_SANITIZE_EMAIL | "email" | Remove all characters except letters, digits and !#$%&'*+-/=?^_`{|}~@.[]. | ||
FILTER_SANITIZE_URL | "url" | Remove all characters except letters, digits and $-_.+!*'(),{}|\\^~[]`<>#%";/?:@&=. | ||
FILTER_SANITIZE_NUMBER_INT | "number_int" | Remove all characters except digits, plus and minus sign. | ||
FILTER_SANITIZE_NUMBER_FLOAT | "number_float" | FILTER_FLAG_ALLOW_FRACTION, FILTER_FLAG_ALLOW_THOUSAND, FILTER_FLAG_ALLOW_SCIENTIFIC | Remove all characters except digits, +- and optionally .,eE. | |
FILTER_SANITIZE_MAGIC_QUOTES | "magic_quotes" | Apply addslashes(). | ||
FILTER_CALLBACK | "callback" | callback function or method | Call user-defined function to filter data. |
要编译本扩展模块无需外部库文件。
A short installation note: just type
$ pecl install filter
这些函数的行为受 php.ini 的影响。
Name | Default | Changeable | Changelog |
---|---|---|---|
filter.default | "unsafe_raw" | PHP_INI_PERDIR | PHP_INI_ALL in filter <= 0.9.4. Available since PHP 5.2.0. |
filter.default_flags | NULL | PHP_INI_PERDIR | PHP_INI_ALL in filter <= 0.9.4. Available since PHP 5.2.0. |
以下是配置选项的简要解释。
Filter all $_GET, $_POST, $_COOKIE and $_REQUEST data by this filter. Original data can be accessed through filter_input().
Accepts the name of the filter you like to use by default. See the existing filter list for the list of the filter names.
Default flags
本扩展模块未定义任何资源类型。
以下常量由本扩展模块定义,因此只有在本扩展模块被编译到 PHP 中,或者在运行时被动态加载后才有效。