Home arrow PHP arrow Page 2 - Sanitizing Strings with Filters in PHP 5

Review: the FILTER_VALIDATE_IP filter - PHP

Welcome to the eighth part of a nine-part series on using filters in PHP 5. In this part, I discuss how to use the filter extension for sanitizing strings in all sorts of clever manners. I'll show you how to encode quotes, low and high ASCII characters in literals, and remove them in the same easy manner. Doing this can help prevent SQL injections and XSS attacks when developing PHP applications.

TABLE OF CONTENTS:
  1. Sanitizing Strings with Filters in PHP 5
  2. Review: the FILTER_VALIDATE_IP filter
  3. Sanitizing strings with the filter library
  4. Sanitizing email addresses, integers and float numbers
By: Alejandro Gervasio
Rating: starstarstarstarstar / 2
September 02, 2009

print this article
SEARCH DEV SHED

TOOLS YOU CAN USE

advertisement

I know that you're curious about the functionality provided by the filter PHP 5 extension to sanitize strings. Before I proceed to discuss that particular topic, though, Iíd like to reintroduce the examples built in the previous article. They demonstrated how to work with the FILTER_VALIDATE_IP filter to validate several ranges and types of IP addresses.

Given that, hereís how these examples looked originally. Here they are:

(example on validating IP address using the FILTER_FLAG_IPV4 argument)

 

$ip = '192.168.37';

if(filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === FALSE) // displays IP is not valid

{

echo 'IP is not valid.';

}

else

{

echo 'IP is valid.';

}

 

 

(example on validating IP address using the FILTER_FLAG_IPV6 argument)

 

$ip = '2001:0cb8:25a3:04c1:1324:8a2b:0471:8221';

if(filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) === FALSE) // displays IP is valid

{

echo 'IP is not valid.';

}

else

{

echo 'IP is valid.';

}

 

 

(example on validating IP address using the FILTER_FLAG_NO_PRIV_RANGE argument)

 

$ip = '192.168.37.1';

if(filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE) === FALSE) // displays IP is not valid

{

echo 'IP is not valid.';

}

else

{

echo 'IP is valid.';

}

 

 

(example on validating IP address using the FILTER_FLAG_NO_RES_RANGE argument)

$ip = '255.255.255.255';

if(filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_RES_RANGE) === FALSE) // displays IP is not valid

{

echo 'IP is not valid.';

}

else

{

echo 'IP is valid.';

}

As shown previously, the above group of code snippets represent different cases where the FILTER_VALIDATE_IP filter is utilized along with the ďfilter_var()Ē function to validate several IP addresses. More specifically speaking, the first two examples show how to work with the filter to check IP addresses that stick to the IPv4 and IPv6 protocols respectively, while the remaining ones demonstrate how simple it is to determine if a given IP belongs to a reserved and private range. That was quite easy to grasp, right?

Well, now that you hopefully recalled how to utilize the filter extension to validate distinct types of IP addresses, itís time to explore some additional filters. Thus, as I stated in the beginning of this article, in the next few lines Iím going to discuss the utilization of a brand new PHP constant called FILTER_SANITIZE_STRING. As its name implies, it comes in handy for sanitizing strings in all sorts of smart ways.

This topic will be treated in depth in the course of the section to come. So, to learn more on it, please click on the link that appears below and keep reading.



 
 
>>> More PHP Articles          >>> More By Alejandro Gervasio
 

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort
   

PHP ARTICLES

- Hackers Compromise PHP Sites to Launch Attac...
- Red Hat, Zend Form OpenShift PaaS Alliance
- PHP IDE News
- BCD, Zend Extend PHP Partnership
- PHP FAQ Highlight
- PHP Creator Didn't Set Out to Create a Langu...
- PHP Trends Revealed in Zend Study
- PHP: Best Methods for Running Scheduled Jobs
- PHP Array Functions: array_change_key_case
- PHP array_combine Function
- PHP array_chunk Function
- PHP Closures as View Helpers: Lazy-Loading F...
- Using PHP Closures as View Helpers
- PHP File and Operating System Program Execut...
- PHP: Effects of Wrapping Code in Class Const...

Developer Shed Affiliates

 


Dev Shed Tutorial Topics: