filter_var() - 使用特定的过滤器过滤一个变量 - php 过滤函数
filter_var()
(PHP 5 >= 5.2.0, PHP 7)
使用特定的过滤器过滤一个变量
说明
filter_var(mixed $variable[,int $filter= FILTER_DEFAULT[,mixed $options]]): mixed参数
$variable待过滤的变量。注意:标量的值在过滤前,会被转换成字符串。
$filterThe ID of the filter to apply.TheTypes of filtersmanual page lists the available filters.
If omitted,FILTER_DEFAULT
will be used, which is equivalent toFILTER_UNSAFE_RAW
. This will result in no filtering taking place by default.
一个选项的关联数组,或者按位区分的标示。如果过滤器接受选项,可以通过数组的"flags"位去提供这些标示。对于回调型的过滤器,应该传入callable。这个回调函数必须接受一个参数,即待过滤的值,并且返回一个在过滤/净化后的值。
返回值
Returns the filtered data,orFALSE
if the filter fails.
范例
一个filter_var()的例子
以上例程会输出:
string(15) "bob@example.com" bool(false)
参见
filter_var_array()
获取多个变量并且过滤它们filter_input()
通过名称获取特定的外部变量,并且可以通过过滤器处理它filter_input_array()
获取一系列外部变量,并且可以通过过滤器处理它们- Types of filters
- callback类型的信息
Pay attention that the function will not validate "not latin" domains. if (filter_var('уникум@из.рф', FILTER_VALIDATE_EMAIL)) { echo 'VALID'; } else { echo 'NOT VALID'; }
I found some addresses that FILTER_VALIDATE_EMAIL rejects, but RFC5321 permits:
Here is how to use multiple flags (for those who learn better by example, like me):
While getting familiar with filter_var( $var, FILTER_VALIDATE_INT ), I found interesting that 0 will be filtered out and therefore wont be considered as an int. Hope that helps someone not to be stuck ;) N.B.: if you need to accept 0's, you could use is_int()
It might be wise to trim or sanitize (FILTER_SANITIZE_EMAIL) your email variable before validating to remove spaces: filter_var(trim($email), FILTER_VALIDATE_EMAIL)
Here's a simple test using filter_var with FILTER_VALIDATE_URL. (If you're using file_get_contents after this you will run into a problem, I was using: PHP 5.5.12 (cli)) The result is: Valid URL string(14) "a://google.com"
Some boolean conversions:
I managed to get this to work with PHP 5.1.6 on CentOS 5 with minor difficulty. 1) Download the PECL filter package 2) Extract the tarball 3) phpize the directory 4) ./configure 5) make 6) filter-0.11.0/logical_filters.c:25:31: error: ext/pcre/php_pcre.h: No such file or directory 7) find / -name php_pcre.h 8) Make sure php-devel is installed 9) Edit filter-0.11.0/logical_filters.c and replace "ext/pcre/php_pcre.h" with the absolute path of php_pcre.h 10) make 11) make install 12) add "extension=filter.so" to php.ini 13) Restart Apache
"(comment)localpart@example.com" is an invalid E-Mail address per RFC5322 (Appendix A.6.3): "Also, the comments and white space throughout addresses, dates, and message identifiers are all part of the obsolete syntax."
One key thing to remember about filtering integers is that the value for the option max_range must be less than or equal to the value of PHP_INT_MAX. filter_var($someVariable, FILTER_VALIDATE_INT, array('options' => array('min_range' => 1, 'max_range' => SOME_VALUE_GREATER_THAN_PHP_INT_MAX))); This will fail even if $someVariable is a valid integer in the expected range. This can show up when you are attempting to validate a potential key for an unsigned MySQL INT type (whose maximum value is 4294967295) on a 32-bit system, where the value of PHP_INT_MAX is 2147483647.
FILTER_VALIDATE_URL validates a url like http://www.
Note that only using FILTER_VALIDATE_URL to validate url's input may result in XSS: $url = 'javascript://%0Aalert(document.cookie)'; if (filter_var($url, FILTER_VALIDATE_URL, FILTER_FLAG_SCHEME_REQUIRED)) { echo 'click'; } You should at least additionally check the actually used scheme.
Note: filter_var with filter=FILTER_VALIDATE_URL used parse_url function
FILTER_SANITIZE_EMAIL header injection test. ||%0A|%0D|bcc|to|cc|Content-Type|Mime-Type|
Many people, myself included, have found that the FILTER_VALIDATE_EMAIL does not actually properly work. Below is a wrapper that I believe validates every legal routable address.
鹏仔微信 15129739599 鹏仔QQ344225443 鹏仔前端 pjxi.com 共享博客 sharedbk.com
免责声明:我们致力于保护作者版权,注重分享,当前被刊用文章因无法核实真实出处,未能及时与作者取得联系,或有版权异议的,请联系管理员,我们会立即处理! 部分文章是来自自研大数据AI进行生成,内容摘自(百度百科,百度知道,头条百科,中国民法典,刑法,牛津词典,新华词典,汉语词典,国家院校,科普平台)等数据,内容仅供学习参考,不准确地方联系删除处理!邮箱:344225443@qq.com)
图片声明:本站部分配图来自网络。本站只作为美观性配图使用,无任何非法侵犯第三方意图,一切解释权归图片著作权方,本站不承担任何责任。如有恶意碰瓷者,必当奉陪到底严惩不贷!
内容声明:本文中引用的各种信息及资料(包括但不限于文字、数据、图表及超链接等)均来源于该信息及资料的相关主体(包括但不限于公司、媒体、协会等机构)的官方网站或公开发表的信息。部分内容参考包括:(百度百科,百度知道,头条百科,中国民法典,刑法,牛津词典,新华词典,汉语词典,国家院校,科普平台)等数据,内容仅供参考使用,不准确地方联系删除处理!本站为非盈利性质站点,本着为中国教育事业出一份力,发布内容不收取任何费用也不接任何广告!)