Since PHP 5.2, the filter extension is built in and handles validation and filtering of variables.
For operations such as filtering variables, please refer to what I mentioned earlier. Here we look at how to filter user input directly.
The filter extension's filter_input function is very simple to use. For example, to filter the GET parameter named sample, supplied by the user, down to an integer, we can write:
filter_input(INPUT_GET, "sample", FILTER_SANITIZE_NUMBER_INT);
The parameters of filter_input are the user input type, the corresponding input name, and the filter (validation) constant. Currently filter_input supports the following types of user input:
INPUT_GET // Corresponds to $_GET
INPUT_POST // Corresponds to $_POST
INPUT_COOKIE // Corresponds to $_COOKIE
INPUT_SERVER // Corresponds to $_SERVER
INPUT_ENV // Corresponds to $_ENV
With the various built-in validation filters provided, "manual work" such as user input filtering is taken care of.
Finally, I still need to mention the pitfalls of filter, both big and small:
filter_var('abc', FILTER_VALIDATE_BOOLEAN); // bool(false)
filter_var('0', FILTER_VALIDATE_BOOLEAN); // bool(false)
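The following is an added example, not code from the original tutorial. It uses filter_var on constructed sample values (filter_input reads the live request, so it cannot be run offline) to show the boolean pitfall above, how FILTER_NULL_ON_FAILURE separates "invalid" from "false", and how a sanitize filter differs from a validate filter. The helper name strict_int and the 1..100 range are assumptions chosen for illustration.

```php
<?php
// Added example: constructed values standing in for request parameters.
// filter_var() applies the same filters as filter_input() to a plain value.

// Pitfall: without FILTER_NULL_ON_FAILURE, an invalid boolean and a real
// "false" both come back as bool(false).
foreach (['yes', '0', 'abc'] as $raw) {
    $plain  = filter_var($raw, FILTER_VALIDATE_BOOLEAN);
    $strict = filter_var($raw, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE);
    printf("bool %-6s plain=%-6s null_on_failure=%s\n",
        var_export($raw, true),
        var_export($plain, true),
        var_export($strict, true));
}

// Sanitize vs. validate: FILTER_SANITIZE_NUMBER_INT only strips characters
// other than digits, '+' and '-'; it never rejects the input.
// FILTER_VALIDATE_INT returns an int on success and false on failure.
foreach (['42', '12abc34', '-7', '1e3', ''] as $raw) {
    $sanitized = filter_var($raw, FILTER_SANITIZE_NUMBER_INT);
    $validated = filter_var($raw, FILTER_VALIDATE_INT);
    printf("int  %-10s sanitize=%-8s validate=%s\n",
        var_export($raw, true),
        var_export($sanitized, true),
        var_export($validated, true));
}

// Hypothetical helper: accept only integers in a fixed range and signal
// rejection with null, so that a legitimate 0 is never mistaken for failure.
function strict_int(string $raw, int $min, int $max): ?int
{
    $value = filter_var($raw, FILTER_VALIDATE_INT, [
        'options' => ['min_range' => $min, 'max_range' => $max],
    ]);
    return $value === false ? null : $value;
}

foreach (['50', '0', '101', '12abc34'] as $raw) {
    printf("strict_int(%s, 1, 100) = %s\n",
        var_export($raw, true),
        var_export(strict_int($raw, 1, 100), true));
}
```

With filter_input itself there is a third outcome to check: it returns null when the named parameter is absent from the request and false when the filter fails, so compare results with === rather than testing truthiness.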
The filter module is mentioned again on php arch. Indeed, this module can save us a lot of time. Let’s sort it out again.
If user-provided data such as $_GET and $_POST is handled improperly, for example with incomplete validation and filtering, it can easily cause security problems. Usually, we write "a bunch of" regular expressions to check whether the data format is legal.