filter_var sanitation filters

Subject:

IDNameFlagsDescription

FILTER_SANITIZE_EMAIL"email" Remove all characters except letters, digits and !#$%&'*+-=?^_`{|}~@.[].

FILTER_SANITIZE_ENCODED"encoded"FILTER_FLAG_STRIP_LOW,FILTER_FLAG_STRIP_HIGH,FILTER_FLAG_ENCODE_LOW,FILTER_FLAG_ENCODE_HIGHURL-encode string, optionally strip or encode special characters.

FILTER_SANITIZE_MAGIC_QUOTES"magic_quotes" Apply addslashes().

FILTER_SANITIZE_NUMBER_FLOAT"number_float"FILTER_FLAG_ALLOW_FRACTION,FILTER_FLAG_ALLOW_THOUSAND,FILTER_FLAG_ALLOW_SCIENTIFICRemove all characters except digits, +- and optionally .,eE.

FILTER_SANITIZE_NUMBER_INT"number_int" Remove all characters except digits, plus and minus sign.

FILTER_SANITIZE_SPECIAL_CHARS"special_chars"FILTER_FLAG_STRIP_LOW,FILTER_FLAG_STRIP_HIGH,FILTER_FLAG_ENCODE_HIGHHTML-escape '"<>& and characters with ASCII value less than 32, optionally strip or encode other special characters.

FILTER_SANITIZE_FULL_SPECIAL_CHARS"full_special_chars"FILTER_FLAG_NO_ENCODE_QUOTES,Equivalent to callinghtmlspecialchars() withENT_QUOTES set. Encoding quotes can be disabled by settingFILTER_FLAG_NO_ENCODE_QUOTES. Like htmlspecialchars(), this filter is aware of thedefault_charset and if a sequence of bytes is detected that makes up an invalid character in the current character set then the entire string is rejected resulting in a 0-length string. When using this filter as a default filter, see the warning below about setting the default flags to 0.

FILTER_SANITIZE_STRING"string"FILTER_FLAG_NO_ENCODE_QUOTES,FILTER_FLAG_STRIP_LOW,FILTER_FLAG_STRIP_HIGH,FILTER_FLAG_ENCODE_LOW,FILTER_FLAG_ENCODE_HIGH,FILTER_FLAG_ENCODE_AMPStrip tags, optionally strip or encode special characters.

FILTER_SANITIZE_STRIPPED"stripped" Alias of "string" filter.

FILTER_SANITIZE_URL"url" Remove all characters except letters, digits and $-_.+!*'(),{}|\\^~[]`<>#%";/?:@&=.

FILTER_UNSAFE_RAW"unsafe_raw"FILTER_FLAG_STRIP_LOW,FILTER_FLAG_STRIP_HIGH,FILTER_FLAG_ENCODE_LOW,FILTER_FLAG_ENCODE_HIGH,FILTER_FLAG_ENCODE_AMPDo nothing, optionally strip or encode special characters. This filter is also aliased toFILTER_DEFAULT.

2015-09-23 13:44:35gstlouis