Sanitize filters - PHP articles, tutorials and screencasts - PHP 5, MySQL, PostgreSQL, AJAX, Web 2.0

Follow phpriot on Twitter

Daniweb PHP Discussion Community

Daniweb PHP Discussion Community

Sponsored Link

Become Zend Certified

Prepare for the ZCE exam using our quizzes (web or iPad/iPhone). More info...

When you're ready get 7.5% off your exam voucher using voucher CJQNOV23 at the Zend Store

Reference Material

Latest Articles

Translating Text Using the Google Translate API and PHP, JSON and cURL
6 May 2011
Reducing a Map Path Using Douglas-Peucker Algorithm
27 April 2011
Shortening URLs for goo.gl with Google's URL Shortener API
12 January 2011
PHP A to ZCE: Functions
14 December 2010
PHP A to ZCE: Error Handling
24 November 2010

Home » Manuals » PHP Manual » Sanitize filters

Sanitize filters

**List of filters for sanitization**
ID	Name	Options	Flags	Description
`FILTER_SANITIZE_EMAIL`	"email"			Remove all characters except letters, digits and !#$%&'+-/=?^_`{\|}~@.[]*.
`FILTER_SANITIZE_ENCODED`	"encoded"		`FILTER_FLAG_STRIP_LOW`, `FILTER_FLAG_STRIP_HIGH`, `FILTER_FLAG_ENCODE_LOW`, `FILTER_FLAG_ENCODE_HIGH`	URL-encode string, optionally strip or encode special characters.
`FILTER_SANITIZE_MAGIC_QUOTES`	"magic_quotes"			Apply addslashes().
`FILTER_SANITIZE_NUMBER_FLOAT`	"number_float"		`FILTER_FLAG_ALLOW_FRACTION`, `FILTER_FLAG_ALLOW_THOUSAND`, `FILTER_FLAG_ALLOW_SCIENTIFIC`	Remove all characters except digits, +- and optionally .,eE.
`FILTER_SANITIZE_NUMBER_INT`	"number_int"			Remove all characters except digits, plus and minus sign.
`FILTER_SANITIZE_SPECIAL_CHARS`	"special_chars"		`FILTER_FLAG_STRIP_LOW`, `FILTER_FLAG_STRIP_HIGH`, `FILTER_FLAG_ENCODE_HIGH`	HTML-escape '"<>& and characters with ASCII value less than 32, optionally strip or encode other special characters.
`FILTER_SANITIZE_FULL_SPECIAL_CHARS`	"full_special_chars"		`FILTER_FLAG_NO_ENCODE_QUOTES`,	Equivalent to calling htmlspecialchars() with `ENT_QUOTES` set. Encoding quotes can be disabled by setting `FILTER_FLAG_NO_ENCODE_QUOTES`. Like htmlspecialchars(), this filter is aware of the default_charset and if a sequence of bytes is detected that makes up an invalid character in the current character set then the entire string is rejected resulting in a 0-length string.
`FILTER_SANITIZE_STRING`	"string"		`FILTER_FLAG_NO_ENCODE_QUOTES`, `FILTER_FLAG_STRIP_LOW`, `FILTER_FLAG_STRIP_HIGH`, `FILTER_FLAG_ENCODE_LOW`, `FILTER_FLAG_ENCODE_HIGH`, `FILTER_FLAG_ENCODE_AMP`	Strip tags, optionally strip or encode special characters.
`FILTER_SANITIZE_STRIPPED`	"stripped"			Alias of "string" filter.
`FILTER_SANITIZE_URL`	"url"			Remove all characters except letters, digits and $-_.+!'(),{}\|\\^~[]`<>#%";/?:@&=*.
`FILTER_UNSAFE_RAW`	"unsafe_raw"		`FILTER_FLAG_STRIP_LOW`, `FILTER_FLAG_STRIP_HIGH`, `FILTER_FLAG_ENCODE_LOW`, `FILTER_FLAG_ENCODE_HIGH`, `FILTER_FLAG_ENCODE_AMP`	Do nothing, optionally strip or encode special characters.

PHP Manual

Function Reference

Variable and Type Related Extensions

Types of filters: