Filter and PHP 5.2

In response to a lot of griping from the PHP community about a lack of unified cleaning of user supplied data, 5.2 is introducing a new extension included by default, called filter. (It was available for 5.1 through PECL)
The available functions are now in the manual and there is a short tutorial on how to use filter in your code. There were quite a few arguments going on about the right api for the extension on the internals mailing list. We’ll see how the users like it.

One thing that may not seem obvious at first is that filter does two jobs depending on the type of filter you are using – it sanitizes (or literally filters) using any of the filter constants starting with FILTER_SANITIZE and validates using any of the filters that start with FILTER_VALIDATE – why they decided to combine the two is kind of fuzzy but don’t let it confuse you.

You need to understand the difference because validate filters will return false if the validation failed. The sanitize filters will always return a string.

Give it a try and see if you think it’s useful enough to become the standard for variable sanitizing and validating.

Posted in News
One comment on “Filter and PHP 5.2
  1. Shai-Tan says:

    A totally amazing tutorial for the filter extension has been done and can be found at http://phpro.org/tutorials/Filtering-Data-with-PHP.html

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>