PHP Filter

PHP filters are used to validate and filter data coming from insecure sources, like user input.

PHP filters validate and filter any data coming from the user side, which may be an insecure source. This feature of PHP makes validation, testing, and filtering easier, all of which are essential parts of web application development.

We must filter all external data that comes from the user or from any other source, such as web services, cookies, and database query results.

Example:

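<?php
$var = 12;

// Compare with false strictly so that a valid value of 0
// is not reported as invalid.
if (filter_var($var, FILTER_VALIDATE_INT) === false)
{
    echo "Not an integer";
}
else
{
    echo "An integer";
}
?>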


Output:

An integer

Validating and Sanitizing
Validation is used to check user input, especially against strict format rules such as URL and e-mail validation; it returns true or false as the result.

Sanitization, on the other hand, is used to allow or disallow particular words in a string; it returns a string as the result.

Example on Validation:

Validation.html

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Insert title here</title>
</head>
<body>
<form name="temp" action="Validation.php" method="get">
Enter an Email address :<input type="text" name="mail"/><BR/>
<input type="submit" value="submit"/>
<input type="reset" value="Reset"/>
</form>
</body>
</html>

Validation.php

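<?php
// Check that the "mail" parameter was sent before reading it;
// reading $_GET["mail"] first raises a notice when it is absent.
if (!filter_has_var(INPUT_GET, "mail"))
{
    echo "Input type does not exist";
}
else
{
    // filter_input() gives false when the value is not a valid e-mail address.
    if (!filter_input(INPUT_GET, "mail", FILTER_VALIDATE_EMAIL))
    {
        echo "Email address is not valid";
    }
    else
    {
        echo "Email address is valid";
    }
}
?>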

Output:

Email address is not valid

If we enter the mail address as anonymous@any.com, the output will be as follows:

Email address is valid

Sanitization:

Similarly, PHP offers another type of filtering, called sanitization. This technique is useful for cleaning any input: if a user inserts invalid characters, it is able to remove all of those characters.

Suppose a user types www.$B¿¬µ.com as the URL; the output will then be www.B$.com. Sanitization allows us to use the special characters present on the keyboard.

Example:

Sanitisation.php

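<?php
if (!filter_has_var(INPUT_GET, "url"))
{
    echo "Input type does not exist";
}
else
{
    $url = filter_input(INPUT_GET, "url", FILTER_SANITIZE_URL);
    // FILTER_SANITIZE_URL keeps characters such as < > and ",
    // so escape the value before writing it into the page.
    echo htmlspecialchars($url, ENT_QUOTES);
}
?>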

Sanitisation.html

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Insert title here</title>
</head>
<body>
<form name="temp" action="Sanitisation.php" method="get">
Enter a URL here :<input type="text" name="url"/><BR/>
<input type="submit" value="submit"/>
<input type="reset" value="Reset"/>
</form>
</body>
</html>
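
The following is an added example, not code from the original tutorial. It goes a little beyond the two forms above: it checks several fields in one pass with filter_var_array(), compares against false strictly, re-validates the sanitized URL, and escapes values on output. The $request array (constructed sample data standing in for $_GET), the field names age and url, and the helper check_request() are assumptions made for this illustration.

```php
<?php
// Added example. $request is constructed sample data standing in for $_GET.
$request = [
    'age'  => '0',                       // a valid integer, but falsy in PHP
    'mail' => 'anonymous@any.com',
    'url'  => 'http://example.com/a b',  // contains a space
];

// One filter definition per field; fields missing from the input come back as null.
$rules = [
    'age'  => ['filter'  => FILTER_VALIDATE_INT,
               'options' => ['min_range' => 0, 'max_range' => 120]],
    'mail' => FILTER_VALIDATE_EMAIL,
    'url'  => FILTER_SANITIZE_URL,
];

// check_request() is a hypothetical helper, not part of PHP's filter extension.
function check_request(array $request, array $rules): array
{
    $clean  = filter_var_array($request, $rules);
    $errors = [];
    foreach ($clean as $field => $value) {
        if ($value === null) {
            $errors[$field] = 'missing';
        } elseif ($value === false) {    // strict test: "0" validates to int 0
            $errors[$field] = 'invalid';
        }
    }
    // Sanitizing only strips characters; the result still has to be validated.
    if (!isset($errors['url']) &&
        filter_var($clean['url'], FILTER_VALIDATE_URL) === false) {
        $errors['url'] = 'invalid';
    }
    return [$clean, $errors];
}

[$clean, $errors] = check_request($request, $rules);
foreach ($clean as $field => $value) {
    $status = $errors[$field] ?? 'ok';
    // Escape on output: the filters above do not make a value safe for HTML.
    echo $field, ': ', htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8'),
         ' [', $status, "]\n";
}
```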

Posted on: December 17, 2009
