Validating IP Addresses with Filters in PHP 5

If you’re a PHP developer who wishes to learn how to take advantage of the solid functionality provided by the filter extension that comes with PHP 5, then look no further, because you’ve come to the right place. Welcome to the seventh part of a nine-part series that gets you started using the most useful validation filters included with this PHP library.

And now that you know what to expect from this group of articles, it’s time to review the concepts discussed in the last installment. In that article I explained how to use the filter extension for validating URLs in a truly painless fashion.

Indeed, the combination of the “filter_var()” function and the FILTER_VALIDATE_URL filter allowed us to easily determine if certain portions of a given URL, such as its host, paths and query strings, were valid. You can surely appreciate this functionality when developing modules, classes, plug-ins, etc. that must perform some kind of strong validation on incoming data.

The filter extension comes armed with another handy filter, though, that permits you to check some common things, such as the IP addresses of client machines. Thus, assuming that you’re interested in learning how to accomplish this task without suffering premature hair loss, in the next few lines I’m going to discuss in depth the use of the FILTER_VALIDATE_IP filter. As you’ll see in a moment, it is quite easy to master.

Now, let’s get rid of the preliminaries and start seeing how to get the most of this powerful PHP 5 filter. Let’s jump in!

{mospagebreak title=Review: the FILTER_VALIDATE_URL filter}

Before I proceed to explain how to take advantage of the functionality provided by the filter extension to validate IP addresses, I’d like to reintroduce the group of code samples developed in the preceding tutorial. They demonstrated how easy it is to check different sections of a URL using the FILTER_VALIDATE_URL filter and its set of additional arguments.

That being said, here’s how these examples looked originally. Pay close attention to them:

(example on validating URL’s using the FILTER_FLAG_SCHEME_REQUIRED argument)

$url = ‘index.php';

// validate URL

if(filter_var($url, FILTER_VALIDATE_URL, FILTER_FLAG_SCHEME_REQUIRED) === FALSE) // displays The URL provided is not valid.

{

echo ‘The URL provided is not valid.';

}

else

{

echo ‘The URL provided is valid.';

}

(example on validating URL’s using the FILTER_FLAG_ SCHEME_REQUIRED argument)

$url = ‘http://devshed';

// validate URL

if(filter_var($url, FILTER_VALIDATE_URL, FILTER_FLAG_SCHEME_REQUIRED) === FALSE) // displays The URL provided is valid.

{

echo ‘The URL provided is not valid.';

}

else

{

echo ‘The URL provided is valid.';

}

(example on validating URL’s using the FILTER_FLAG_HOST_REQUIRED argument)

$url = ‘http://devshed.com';

// validate URL

if(filter_var($url, FILTER_VALIDATE_URL, FILTER_FLAG_HOST_REQUIRED) === FALSE) // displays The URL provided is valid.

{

echo ‘The URL provided is not valid.';

}

else

{

echo ‘The URL provided is valid.';

}

// example on validating URL’s using the FILTER_FLAG_HOST_REQUIRED argument

$url = ‘http://';

// validate URL

if(filter_var($url, FILTER_VALIDATE_URL, FILTER_FLAG_HOST_REQUIRED) === FALSE) // displays The URL provided is not valid.

{

echo ‘The URL provided is not valid.';

}

else

{

echo ‘The URL provided is valid.';

}

(example on validating URL’s using the FILTER_FLAG_PATH_REQUIRED argument)

$url = ‘http://devshed.com/path/to/images/';

// validate URL

if(filter_var($url, FILTER_VALIDATE_URL, FILTER_FLAG_PATH_REQUIRED) === FALSE) // displays The URL provided is valid.

{

echo ‘The URL provided is not valid.';

}

else

{

echo ‘The URL provided is valid.';

}

 

 

(example on validating URL’s using the FILTER_FLAG_QUERY_REQUIRED argument)

$url = ‘http://devshed.com/?id=1′;

// validate URL

if(filter_var($url, FILTER_VALIDATE_URL, FILTER_FLAG_QUERY_REQUIRED) === FALSE) // displays The URL provided is valid.

{

echo ‘The URL provided is not valid.';

}

else

{

echo ‘The URL provided is valid.';

}

From the code samples shown above, it’s clear to see how easy it is to check if the different sections that compose a URL are valid, thanks to the assistance of the FILTER_VALIDATE_URL filter and its additional arguments. The first case shows how to check for the URL’s schema, while the second and the third ones validate the host and path portions. Finally, the last example checks to see if the given URL contains a query string. It’s all short and effective.

Well, now that you hopefully are pretty familiar with using the FILTER_VALIDATE_URL filter, it’s time to explore a few more validation capabilities offered by the filter extension. With that idea in mind, in the following section I’m going to explain how to use it for validating IP addresses. You’ll find this process very useful, trust me.

This topic will be discussed in detail in the next segment. Thus, to learn more about it, please click on the link below and keep reading.

{mospagebreak title=Introducing the FILTER_VALIDATE_IP filter}

In reality, checking for well-formatted IP addresses with the filter extension is a process reduced to using a brand new filter, not surprisingly called FILTER_VALIDATE_IP. As you’ll see in a moment, it allows you to not only determine if a specified IP address is valid, but permits you to perform this process utilizing both IPv4 and IPv6 protocols.

But first, let me show you how to do a basic validation on a badly-formatted IP address by means of the aforementioned filter. Take a look at the following example, please:

 

// example on validating IP address

$ip = ‘192.168.37’;

if(filter_var($ip, FILTER_VALIDATE_IP) === FALSE) // displays IP is valid.

{

echo ‘IP is not valid.';

}

else

{

echo ‘IP is valid.';

}

That was pretty simple to grasp, wasn’t it? As shown above, the “filter_var()” function has been used in conjunction with the FILTER_VALIDATE_IP filter to validate an incorrect IP address. The example itself is rather trivial, but it shows in a nutshell how to accomplish this task very quickly.

Moving forward, imagine for a moment that you need to determine if an IP address sticks to the IPv4 protocol. In that case, it’s time to use an additional argument called FILTER_FLAG_IPV4, which must be specified in the following way:

// example on validating IP address using the FILTER_FLAG_IPV4 argument

$ip = ‘192.168.37’;

if(filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === FALSE) // displays IP is not valid

{

echo ‘IP is not valid.';

}

else

{

echo ‘IP is valid.';

}

 

Again, I decided to keep the above example very simple, so you can understand how the FILTER_FLAG_IPV4 option works. In this case, the supplied IP address has been incorrectly formatted on purpose, but you may want to create more complex scripts that check for IPv4-compliant IP addresses.

All in all, at this stage you hopefully grasped the logic that stands behind validating IPv4 addresses. However, as you know the Internet is running out of available IP addresses due to its tremendous growth.

Therefore, in the last section of this article I’m going to show how to use the FILTER_VALIDATE_IP filter for validating IPv6-compliant and private IP addresses. As usual, to see how this will be done, click on the link below and read the segment to come.

{mospagebreak title=Checking for IPv6-compliant addresses}

The last topic that I’m going to cover in this tutorial will consist of demonstrating how to utilize the FILTER_VALIDATE_IP filter that you learned in the previous section, but this time for validating IPv6 and private addresses. The following example shows how to perform this first task pretty clearly. Here it is:

// example on validating IP address using the FILTER_FLAG_IPV6 argument

$ip = ‘2001:0cb8:25a3:04c1:1324:8a2b:0471:8221′;

if(filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) === FALSE) // displays IP is valid

{

echo ‘IP is not valid.';

}

else

{

echo ‘IP is valid.';

}

There you have it. By specifying the new FILTER_FLAG_IPV6 constant, it’s possible to determine if a given IP address fits the requirements of the IPv6 protocol. In addition, the FILTER_VALIDATE_IP filter allows you to validate private and reserved IP addresses as well, and the following code samples demonstrate how to do that. Look at them:

// example on validating IP address using the FILTER_FLAG_NO_PRIV_RANGE argument

$ip = ‘192.168.37.1’;

if(filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE) === FALSE) // displays IP is not valid

{

echo ‘IP is not valid.';

}

else

{

echo ‘IP is valid.';

}

// example on validating IP address using the FILTER_FLAG_NO_RES_RANGE argument

$ip = ‘255.255.255.255’;

if(filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_RES_RANGE) === FALSE) // displays IP is not valid

{

echo ‘IP is not valid.';

}

else

{

echo ‘IP is valid.';

}

As you can see above, checking if an IP address belongs to a private or a reserved range is only a matter of using the FILTER_FLAG_NO_PRIV_RANGE and FILTER_FLAG_NO_RES_RANGE constants in the appropriate case. Of course,  taking advantage of the functionality of all of the arguments that you saw before, in conjunction with the “filter_var()” function, will let you build powerful functions and class methods that will perform thorough validation of IP addresses. I will definitely leave this project as homework for you.

Final thoughts

In this seventh episode of the series, you learned how to exploit the functionality offered by the filter extension that comes bundled with PHP 5 for validating both v4 and v6 IP addresses. This process is simple enough that you should not have any major problems incorporating this feature into your own PHP applications.

In the next article, things will get even more interesting, since I’m going to discuss how to use the filter extension to sanitize all sorts of strings. Do you want to see how this will be done? Then don’t miss the upcoming tutorial!

[gp-comments width="770" linklove="off" ]

chat sex hikayeleri Ensest hikaye