PHP Types of filters Sanitize filters

PHP Manual
Types of filters
Sanitize filters

Sanitize filters

**List of filters for sanitization**
ID	Name	Flags	Description
`FILTER_SANITIZE_EMAIL`	"email"		Remove all characters except letters, digits and !#$%&'+-=?^_`{\|}~@.[]*.
`FILTER_SANITIZE_ENCODED`	"encoded"	`FILTER_FLAG_STRIP_LOW`, `FILTER_FLAG_STRIP_HIGH`, `FILTER_FLAG_STRIP_BACKTICK`, `FILTER_FLAG_ENCODE_LOW`, `FILTER_FLAG_ENCODE_HIGH`	URL-encode string, optionally strip or encode special characters.
`FILTER_SANITIZE_MAGIC_QUOTES`	"magic_quotes"		Apply addslashes().
`FILTER_SANITIZE_NUMBER_FLOAT`	"number_float"	`FILTER_FLAG_ALLOW_FRACTION`, `FILTER_FLAG_ALLOW_THOUSAND`, `FILTER_FLAG_ALLOW_SCIENTIFIC`	Remove all characters except digits, +- and optionally .,eE.
`FILTER_SANITIZE_NUMBER_INT`	"number_int"		Remove all characters except digits, plus and minus sign.
`FILTER_SANITIZE_SPECIAL_CHARS`	"special_chars"	`FILTER_FLAG_STRIP_LOW`, `FILTER_FLAG_STRIP_HIGH`, `FILTER_FLAG_STRIP_BACKTICK`, `FILTER_FLAG_ENCODE_HIGH`	HTML-escape '"<>& and characters with ASCII value less than 32, optionally strip or encode other special characters.
`FILTER_SANITIZE_FULL_SPECIAL_CHARS`	"full_special_chars"	`FILTER_FLAG_NO_ENCODE_QUOTES`,	Equivalent to calling htmlspecialchars() with `ENT_QUOTES` set. Encoding quotes can be disabled by setting `FILTER_FLAG_NO_ENCODE_QUOTES`. Like htmlspecialchars(), this filter is aware of the default_charset and if a sequence of bytes is detected that makes up an invalid character in the current character set then the entire string is rejected resulting in a 0-length string. When using this filter as a default filter, see the warning below about setting the default flags to 0.
`FILTER_SANITIZE_STRING`	"string"	`FILTER_FLAG_NO_ENCODE_QUOTES`, `FILTER_FLAG_STRIP_LOW`, `FILTER_FLAG_STRIP_HIGH`, `FILTER_FLAG_STRIP_BACKTICK`, `FILTER_FLAG_ENCODE_LOW`, `FILTER_FLAG_ENCODE_HIGH`, `FILTER_FLAG_ENCODE_AMP`	Strip tags, optionally strip or encode special characters.
`FILTER_SANITIZE_STRIPPED`	"stripped"		Alias of "string" filter.
`FILTER_SANITIZE_URL`	"url"		Remove all characters except letters, digits and $-_.+!'(),{}\|\\^~[]`<>#%";/?:@&=*.
`FILTER_UNSAFE_RAW`	"unsafe_raw"	`FILTER_FLAG_STRIP_LOW`, `FILTER_FLAG_STRIP_HIGH`, `FILTER_FLAG_STRIP_BACKTICK`, `FILTER_FLAG_ENCODE_LOW`, `FILTER_FLAG_ENCODE_HIGH`, `FILTER_FLAG_ENCODE_AMP`	Do nothing, optionally strip or encode special characters. This filter is also aliased to `FILTER_DEFAULT`.

Warning

When using one of these filters as a default filter either through your ini file or through your web server's configuration, the default flags is set to FILTER_FLAG_NO_ENCODE_QUOTES. You need to explicitly set filter.default_flags to 0 to have quotes encoded by default. Like this:

Example #1 Configuring the default filter to act like htmlspecialchars

 filter.default = full_special_chars
filter.default_flags = 0

更新日志

版本	说明
5.2.11/5.3.1	Slashes (/) are removed by `FILTER_SANITIZE_EMAIL`. Prior they were retained.

php types mongodbref 类 php types mongoregex 类 php types mongotimestamp 类 php spl types the splfloat class php spl types the splint class php types of filters filter flags php types of filters other filters php filter types of filters php types of filters sanitize filters php types of filters validate filters php odbc 函数 retrieves information about data types supported by the data source php sqlite 函数 return an array of column types from a particular table php mongo types php 4d pdo sql types with pdo 4d and php php phar return array of supported signature types php 预定义常量 radius attribute types php 预定义常量 radius packet types php sphinxclient clear all filters php spl types 安装／配置 php svmmodel get the sigma value for regression types