php filters

INDIRA GANDHI ENGINEERING COLLEGE SAGAR (M.P.)
PRESENTATION ON IDT
TOPIC
PHP FILTERS
GUIDED BY:
MRS. POONAM VINODE
MISS MANEESHA PALIWAL
SUBMITTED BY:
SUBMITTED TO:
MR. R.S.S. RAWAT
(Head of Department
Information Technology)
UNIVERSAL INFORMATICS
Universal Informatics is an ISO 9001:2008 Certified, process driven IT Services Company, offering a
wide range of end-to-end services in the IT. Our Services range from Designing, Development,
Training, and Customize Corporate Solutions.
Universal Informatics is a recognized leader in Training and Software Development industry. With a
vision of creating a competitive advantage with Software and becoming the most valued partner of
our clients, we deliver high quality Business Management Solutions.
Universal Informatics, Pioneer in IT Enabled Services provide a wide arena of services ranging from
Training, Testing, Development to Telecom Solutions. A trusted business partner and adviser to our
customers, Universal Informatics leverages a powerful blend of the best industry-proven practices
and leading standards, refined business acumen and deep market understanding, profound
technical skills and extensive hands-on experience to meet the toughest challenges that our clients
face, help them compete successfully in the dynamically changing IT marketplace and achieve the
maximum return on investment.
FILTERS
TABLE OF CONTENTS
• Brief intro
• PHP Filter Extension
• Why use filters?
• Sanitize a string
• Validate an integer
• Validate an IP Address
• Sanitize and validate an Email Address
• Sanitize and validate a URL
• Advanced Filters
• Array() Filters
A BRIEF INTRO OF FILTERS
• Filters are used for two purposes:
  • Validating data
  • Sanitizing data
• Useful when the data source contains foreign data
Validation = check if the data meets certain qualifications
Sanitization = remove any illegal characters from the data
PHP Filter Extension
• PHP filter extension has many functions
• It is designed to make data validation:
  • Easier
  • Quicker
• PHP filter extension offers:
EXAMPLE
<table>
    <tr>
        <td>Filter Name</td>
        <td>Filter ID</td>
    </tr>
    <?php
    // Print one table row per filter supported by this PHP build
    foreach (filter_list() as $id => $filter) {
        echo '<tr><td>' . $filter . '</td><td>' .
            filter_id($filter) . '</td></tr>';
    }
    ?>
</table>
List of filters we can access using the filter_list() function
WHY USE FILTERS?
Many web applications receive external input. External input/data
can be:
• User input from a form
• Cookies
• Web services data
• Server variables
• Database query results
WE SHOULD ALWAYS VALIDATE EXTERNAL DATA!
Invalid input data can break our web page
USING PHP FILTERS YOU CAN BE SURE YOUR APPLICATION GETS THE CORRECT INPUT!
SANITIZE A STRING
PHP FILTER_VAR() FUNCTION
• Validates data
• Sanitizes data
• Filters a single variable
• Takes two pieces of data:
  • The variable we want to check
  • The type of check to use
EXAMPLE
<!DOCTYPE html>
<html>
<body>
<?php
// Note: FILTER_SANITIZE_STRING is deprecated as of PHP 8.1.
$str = "<h1>Hello World!</h1>";
$newstr = filter_var($str, FILTER_SANITIZE_STRING);
echo $newstr;
?>
</body>
</html>
THIS CODE WILL REMOVE ALL THE HTML TAGS FROM A STRING
VALIDATE AN INTEGER
Parameter used
FILTER_VALIDATE_INT
EXAMPLE
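<?php
$int = 100;
// Compare with !== false: filter_var() returns the integer itself on success,
// so a valid value of 0 would otherwise be treated as a failure.
if (filter_var($int, FILTER_VALIDATE_INT) !== false) {
    echo("Integer is valid");
} else {
    echo("Integer is not valid");
}
?>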
Function used – FILTER_VAR()
Validate an IP Address
Parameter used
FILTER_VALIDATE_IP
EXAMPLE
<?php
$ip = "127.0.0.1";
// filter_var() returns the address on success and false on failure
if (filter_var($ip, FILTER_VALIDATE_IP) !== false) {
    echo("$ip is a valid IP address");
} else {
    echo("$ip is not a valid IP address");
}
?>
Function used – FILTER_VAR()
Sanitize and Validate an Email Address
Parameter used
FILTER_SANITIZE_EMAIL
FILTER_VALIDATE_EMAIL
EXAMPLE
<?php
$email = "jatinmourya7@gmail.com";
// Remove all illegal characters from email
$email = filter_var($email, FILTER_SANITIZE_EMAIL);
// Validate e-mail
if (filter_var($email, FILTER_VALIDATE_EMAIL) !== false) {
    echo("$email is a valid email address");
} else {
    echo("$email is not a valid email address");
}
?>
Function used – FILTER_VAR()
Sanitize and Validate a URL
Parameter used
FILTER_SANITIZE_URL
FILTER_VALIDATE_URL
EXAMPLE
<?php
$url = "https://www.w3schools.com";
// Remove all illegal characters from a url
$url = filter_var($url, FILTER_SANITIZE_URL);
// Validate url
if (filter_var($url, FILTER_VALIDATE_URL) !== false) {
    echo("$url is a valid URL");
} else {
    echo("$url is not a valid URL");
}
?>
Function used – FILTER_VAR()
ADVANCED FILTERS
Validate an Integer Within a Range
Parameter used
FILTER_VALIDATE_INT
EXAMPLE
<?php
$int = 122;
$min = 1;
$max = 200;
// The range limits are passed in an "options" array
if (filter_var($int, FILTER_VALIDATE_INT, array("options" =>
        array("min_range" => $min, "max_range" => $max))) === false) {
    echo("Variable value is not within the legal range");
} else {
    echo("Variable value is within the legal range");
}
?>
Function used – FILTER_VAR()
Validate IPv6 Address
Parameter used
FILTER_VALIDATE_IP
FILTER_FLAG_IPV6
EXAMPLE
<?php
$ip = "2001:0db8:85a3:08d3:1319:8a2e:0370:7334";
// FILTER_FLAG_IPV6 restricts the check to IPv6 addresses only
if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) !== false) {
    echo("$ip is a valid IPv6 address");
} else {
    echo("$ip is not a valid IPv6 address");
}
?>
Function used – FILTER_VAR()
Validate URL - Must Contain QueryString
Parameter used
FILTER_VALIDATE_URL
FILTER_FLAG_QUERY_REQUIRED
EXAMPLE
<?php
// This URL has no query string, so the check below fails
$url = "https://www.w3schools.com";
if (filter_var($url, FILTER_VALIDATE_URL,
        FILTER_FLAG_QUERY_REQUIRED) !== false) {
    echo("$url is a valid URL");
} else {
    echo("$url is not a valid URL");
}
?>
Function used – FILTER_VAR()
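FILTER_VALIDATE_URL only checks that the value is a well-formed URL; it does not restrict the scheme. The following is an added example, not part of the original slides, that combines it with a scheme allowlist. The function name validate_web_url() and the sample URLs are assumptions made for illustration.

```php
<?php
// Added example; validate_web_url() is a hypothetical helper.
// Returns the URL if it is well-formed AND uses an allowed scheme, else false.
function validate_web_url($url, array $schemes = array("http", "https"))
{
    // Step 1: syntax check with the filter extension
    if (!is_string($url) || filter_var($url, FILTER_VALIDATE_URL) === false) {
        return false;
    }
    // Step 2: the scheme must be on the allowlist (case-insensitive)
    $scheme = parse_url($url, PHP_URL_SCHEME);
    if (!is_string($scheme) || !in_array(strtolower($scheme), $schemes, true)) {
        return false;
    }
    return $url;
}

// Constructed sample inputs
$samples = array(
    "https://www.w3schools.com",
    "HTTP://www.w3schools.com/php/",
    "ftp://example.com/file.txt",
    "mailto:user@example.com",
    "www.w3schools.com",
);

foreach ($samples as $s) {
    $wellFormed = filter_var($s, FILTER_VALIDATE_URL) !== false ? "yes" : "no";
    $accepted   = validate_web_url($s) !== false ? "yes" : "no";
    printf("%-32s well-formed: %-3s accepted: %s\n", $s, $wellFormed, $accepted);
}
?>
```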
Remove Characters With ASCII Value > 127
Parameter used
FILTER_SANITIZE_STRING
FILTER_FLAG_STRIP_HIGH
EXAMPLE
<?php
$str = "<h1>Hello WorldÆØÅ!</h1>";
// Strips the HTML tags and every character with an ASCII value > 127
$newstr = filter_var($str, FILTER_SANITIZE_STRING,
    FILTER_FLAG_STRIP_HIGH);
echo $newstr;
?>
Function used – FILTER_VAR()
Array_Filter() Function
Syntax:
array array_filter($array, $callback_function, $flag)
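PARAMETER USED
$array (mandatory)
$callback_function
$flag
EXAMPLE
<?php
// Callback: return TRUE to keep a value, FALSE to drop it
function Even($value)
{
    if ($value % 2 == 0)
        return TRUE;
    else
        return FALSE;
}
$array = array(12, 0, 0, 18, 27, 0, 46);
// Keeps the even values (0 counts as even); original keys are preserved
print_r(array_filter($array, "Even"));
?>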
FILTER_CALLBACK Filter
• The FILTER_CALLBACK filter calls a user-defined function to filter the value.
• This filter gives us full control over the data filtering.
• The specified function must be in an associative array with the name "options".
Name: "callback"
ID-number: 1024
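A FILTER_CALLBACK example, added here and not part of the original slides, applied to the kind of form input listed under "Why use filters?". The function names clean_username() and validate_signup() and the sample submissions are assumptions made for illustration.

```php
<?php
// Added example. The function names and the sample form data are hypothetical.

// Callback for FILTER_CALLBACK: normalise a username, then accept it only
// if it matches a strict allowlist. Returning false signals rejection.
function clean_username($value)
{
    if (!is_string($value)) return false;
    $value = strtolower(trim($value));
    return preg_match('/^[a-z0-9_]{3,20}$/', $value) === 1 ? $value : false;
}

// Validate one submission; returns array($clean, $errors).
function validate_signup(array $form)
{
    $clean = $errors = array();

    // The callback is passed in an associative array under "options".
    $name = filter_var($form["username"] ?? "", FILTER_CALLBACK,
        array("options" => "clean_username"));
    // is_string() also rejects a non-string result, e.g. a field sent as an array.
    if (is_string($name)) {
        $clean["username"] = $name;
    } else {
        $errors[] = "username";
    }

    // Strict comparison with false, so that a valid age of 0 is kept.
    $age = filter_var($form["age"] ?? null, FILTER_VALIDATE_INT,
        array("options" => array("min_range" => 0, "max_range" => 120)));
    if ($age !== false) {
        $clean["age"] = $age;
    } else {
        $errors[] = "age";
    }
    return array($clean, $errors);
}

// Constructed sample submissions standing in for $_POST.
$samples = array(
    array("username" => "  Alice_01 ", "age" => "0"),
    array("username" => "<h1>x</h1>", "age" => "200"),
    array("username" => array("a"), "age" => "12abc"),
);
foreach ($samples as $form) {
    list($clean, $errors) = validate_signup($form);
    echo json_encode(array("clean" => $clean, "errors" => $errors)), "\n";
}
?>
```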