PHP form validation tips: How to use the filter_input function to verify user input

PHP form validation skills: How to use the filter_input function to verify user input

Introduction:
When developing web applications, forms are an important tool for interacting with users. Correctly validating user input is one of the key steps to ensure data integrity and security. PHP provides the filter_input function, which can easily verify and filter user input. This article will introduce how to use the filter_input function to verify user input and provide relevant code examples.

1. Basic usage of filter_input function
The filter_input function is a very powerful function used to filter and verify user input. It accepts three parameters: input type (input source), input name and filter type. Here is a basic example:

$input = filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL);
if ($input) {
    echo '有效的邮箱地址。';
} else {
    echo '请输入一个有效的邮箱地址。';
}

In the above example, we used the filter_input function to validate the email field submitted by the user through the POST method. The FILTER_VALIDATE_EMAIL filter type is used to verify the validity of email addresses. If the email address is valid, output "valid email address", otherwise output "please enter a valid email address".

2. Commonly used filter types
The filter_input function supports multiple filter types for validating different types of user input. Here are a few commonly used filter types:

1. FILTER_VALIDATE_EMAIL: Verify the validity of an email address.

$email = filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL);
if (!$email) {
    echo '请输入一个有效的邮箱地址。';
}

2. FILTER_VALIDATE_INT: Verify the validity of the integer.

$age = filter_input(INPUT_POST, 'age', FILTER_VALIDATE_INT);
if (!$age) {
    echo '请输入一个有效的年龄。';
}

3. FILTER_VALIDATE_URL: Verify the validity of the URL.

$url = filter_input(INPUT_POST, 'url', FILTER_VALIDATE_URL);
if (!$url) {
    echo '请输入一个有效的URL地址。';
}

4. FILTER_SANITIZE_STRING: Remove tags and special characters from user input.

$name = filter_input(INPUT_POST, 'name', FILTER_SANITIZE_STRING);
if (!$name) {
    echo '请输入一个有效的姓名。';
}

3. Custom filter function
In addition to the built-in filter types, we can also customize filter functions to verify user input. The custom filter function should accept one parameter (the value to be verified) and return a verification result (true or false). The following is an example of a custom filter function:

function validate_username($username) {
    // 用户名必须以字母开头，只能包含字母、数字和下划线
    return preg_match('/^[a-zA-Z][a-zA-Z0-9_]*$/', $username);
}

$username = filter_input(INPUT_POST, 'username', FILTER_CALLBACK, array('options' => 'validate_username'));
if (!$username) {
    echo '请输入一个有效的用户名。';
}

In the above example, we define a validate_username function to verify the validity of the username. This function checks if the username starts with a letter and contains only letters, numbers, and underscores by using a regular expression. We then call that custom function using the FILTER_CALLBACK filter type and an array containing options to validate the user input.

Summary:
In this article, we introduced how to use PHP's filter_input function to validate user input. We learned the basic usage of the filter_input function and provided examples of commonly used filter types and custom filter functions. Properly validating user input is critical to ensuring data integrity and security. Hopefully these tips will help you validate user input effectively and improve the quality and user experience of your web applications.

Reference materials:

1. PHP filter_input function documentation: https://www.php.net/filter_input
2. PHP filter type documentation: https:// www.php.net/manual/en/filter.filters.php

The above is the detailed content of PHP form validation tips: How to use the filter_input function to verify user input. For more information, please follow other related articles on the PHP Chinese website!