PHP has several built-in filter_* functions that can assist with validating and sanitizing email addresses, URLs, strings, integers, float values, etc.

Please note that this these functions only validate the structure of email address or URL strings, they don’t check if the associated domains actually exist. To obtain a list of all available filters on your system, use the results from the filter_list() function:

<?php
 
  foreach (filter_list() as $filter)
  {
    echo $filter . "\n";
  }
 
?>

The code above will result in output similar to:

int
boolean
float
validate_regexp
validate_url
validate_email
validate_ip
string
stripped
encoded
special_chars
unsafe_raw
email
url
number_int
number_float
magic_quotes
callback

PHP’s filter_* functions provide three basic filtering methods:

Validate - Check that data is in the exact format that it should be (e.g. FILTER_VALIDATE_EMAIL).

Sanitize - Clean the data by removing, escaping or encoding invalid characters (e.g. FILTER_SANITIZE_EMAIL).

Flags - Set options for all or specific filters (e.g. FILTER_FLAG_ALLOW_HEX and / or min_range, max_range, etc).

Usage examples:

To validate an email address:

<?php
 
  $email_address = 'willem@geekology..co....za';
 
  (filter_var($email_address, FILTER_VALIDATE_EMAIL)) 
    ? $result = "Valid email address"
    : $result = "Invalid email address";
 
  echo $result;
 
?>

To sanitize an email address:

<?php
 
  $email_address = 'willem@geekology.co. za';
 
  echo filter_var($email_address, FILTER_SANITIZE_EMAIL);
 
?>

To validate a URL:

<?php
 
  $url = 'http://www.geekology..co....za';
 
  (filter_var($url, FILTER_VALIDATE_URL))
    ? $result = "Valid URL"
    : $result = "Invalid URL";
 
  echo $result;
 
?>

To sanitize a URL:

<?php
 
  $url = 'http://www.geekology.co. za';
 
  echo filter_var($url, FILTER_SANITIZE_URL);
 
?>

To sanitize a string:

<?php
 
  $string = "hfgsd" . chr(9) . chr(128) . "535";
 
  echo filter_var($string, FILTER_SANITIZE_STRING);
 
?>

To validate an integer within a specified range:

<?php
 
  $integer = 132;
 
  (filter_var($integer, FILTER_VALIDATE_INT, 
    array('options'=>
      array('min_range'=>1,
            'max_range'=>10)
      )
    ))
    ? $result = "Valid integer"
    : $result = "Invalid integer";
 
  echo $result;
 
?>

To validate an array of values:

<?php
 
  $values = array('name'=>'willem van zyl',
                  'age'=>25,
                  'email'=>'willem@geekology.co. za');
 
  $filters = array('name'=>array('filter'=>FILTER_CALLBACK,
                                 'options'=>'ucwords'),
                   'age'=>array('filter'=>FILTER_VALIDATE_INT,
                                'options'=>array('min_range'=>1, 'max_range'=>120)),
                   'email'=>FILTER_SANITIZE_EMAIL);
 
  print_r(filter_var_array($values, $filters));
 
?>

More information on PHP’s filter_* functions and their filters / flags can be found here.

Share this article: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Twitter
  • GatorPeeps
  • Digg
  • Reddit
  • muti.co.za
  • DZone
  • del.icio.us
  • StumbleUpon
  • Technorati
  • Ma.gnolia
  • Slashdot

Related posts:

  1. Editing, Validating and Querying XML with the XMLStarlet command line utility
  2. Sending emails with attachments using PHP’s mail() function
  3. A simpler way to send Text or HTML emails with attachments in PHP
  4. Using Regular Expressions - Part 2 of 3 - Regex in PHP
  5. Transfer your business emails to Google Apps with Google Email Uploader for Mac