Menu
Samaritan's Purse

FILTER_INPUT

Gets a specific external variable by name and optionally filters it

SYNTAX

filter_input ( int $type , string $variable_name [, int $filter = FILTER_DEFAULT [, mixed $options ]] ) : mixed

PARAMETERS

type

One of INPUT_GET, INPUT_POST, INPUT_COOKIE, INPUT_SERVER, or INPUT_ENV.

variable_name

Name of a variable to get.

filter

The ID of the filter to apply.

If omitted, FILTER_DEFAULT will be used, which is equivalent to FILTER_UNSAFE_RAW. This will result in no filtering taking place by default.

ID NAME OPTIONS FLAGS DESCRIPTION
FILTER_VALIDATE_BOOLEAN "boolean" default FILTER_NULL_ON_FAILURE Returns TRUE for "1", "true", "on" and "yes". Returns FALSE otherwise. If FILTER_NULL_ON_FAILURE is set, FALSE is returned only for "0", "false", "off", "no", and "", and NULL is returned for all non-boolean values.
FILTER_VALIDATE_DOMAIN "validate_domain" default FILTER_FLAG_HOSTNAME Validates whether the domain name label lengths are valid. Validates domain names against RFC 1034, RFC 1035, RFC 952, RFC 1123, RFC 2732, RFC 2181, and RFC 1123. Optional flag FILTER_FLAG_HOSTNAME adds ability to specifically validate hostnames (they must start with an alphanumeric character and contain only alphanumerics or hyphens).
FILTER_VALIDATE_EMAIL "validate_email" default FILTER_FLAG_EMAIL_UNICODE Validates whether the value is a valid e-mail address. In general, this validates e-mail addresses against the syntax in RFC 822, with the exceptions that comments and whitespace folding and dotless domain names are not supported.
FILTER_VALIDATE_FLOAT "float" default, decimal, min_range, max_range FILTER_FLAG_ALLOW_THOUSAND Validates value as float, optionally from the specified range, and converts to float on success.
FILTER_VALIDATE_INT "int" default, min_range, max_range FILTER_FLAG_ALLOW_OCTAL, FILTER_FLAG_ALLOW_HEX Validates value as integer, optionally from the specified range, and converts to int on success.
FILTER_VALIDATE_IP "validate_ip" default FILTER_FLAG_IPV4, FILTER_FLAG_IPV6, FILTER_FLAG_NO_PRIV_RANGE, FILTER_FLAG_NO_RES_RANGE Validates value as IP address, optionally only IPv4 or IPv6 or not from private or reserved ranges.
FILTER_VALIDATE_MAC "validate_mac_address" default Validates value as MAC address.
FILTER_VALIDATE_REGEXP "validate_regexp" default, regexp Validates value against regexp, a Perl-compatible regular expression.
FILTER_VALIDATE_URL "validate_url" default FILTER_FLAG_SCHEME_REQUIRED, FILTER_FLAG_HOST_REQUIRED, FILTER_FLAG_PATH_REQUIRED, FILTER_FLAG_QUERY_REQUIRED Validates value as URL (according to http://www.faqs.org/rfcs/rfc2396), optionally with required components. Beware a valid URL may not specify the HTTP protocol http:// so further validation may be required to determine the URL uses an expected protocol, e.g. ssh:// or mailto:. Note that the function will only find ASCII URLs to be valid; internationalized domain names (containing non-ASCII characters) will fail.
ID NAME FLAGS DESCRIPTION
FILTER_SANITIZE_EMAIL "email" Remove all characters except letters, digits and !#$%&'*+-=?^_`{|}~@.[].
FILTER_SANITIZE_ENCODED "encoded" FILTER_FLAG_STRIP_LOW, FILTER_FLAG_STRIP_HIGH, FILTER_FLAG_STRIP_BACKTICK, FILTER_FLAG_ENCODE_LOW, FILTER_FLAG_ENCODE_HIGH URL-encode string, optionally strip or encode special characters.
FILTER_SANITIZE_MAGIC_QUOTES "magic_quotes" Apply addslashes().
FILTER_SANITIZE_NUMBER_FLOAT "number_float" FILTER_FLAG_ALLOW_FRACTION, FILTER_FLAG_ALLOW_THOUSAND, FILTER_FLAG_ALLOW_SCIENTIFIC Remove all characters except digits, +- and optionally .,eE.
FILTER_SANITIZE_NUMBER_INT "number_int" Remove all characters except digits, plus and minus sign.
FILTER_SANITIZE_SPECIAL_CHARS "special_chars" FILTER_FLAG_STRIP_LOW, FILTER_FLAG_STRIP_HIGH, FILTER_FLAG_STRIP_BACKTICK, FILTER_FLAG_ENCODE_HIGH HTML-escape '"<>& and characters with ASCII value less than 32, optionally strip or encode other special characters.
FILTER_SANITIZE_FULL_SPECIAL_CHARS "full_special_chars" FILTER_FLAG_NO_ENCODE_QUOTES, Equivalent to calling htmlspecialchars() with ENT_QUOTES set. Encoding quotes can be disabled by setting FILTER_FLAG_NO_ENCODE_QUOTES. Like htmlspecialchars(), this filter is aware of the default_charset and if a sequence of bytes is detected that makes up an invalid character in the current character set then the entire string is rejected resulting in a 0-length string. When using this filter as a default filter, see the warning below about setting the default flags to 0.
FILTER_SANITIZE_STRING "string" FILTER_FLAG_NO_ENCODE_QUOTES, FILTER_FLAG_STRIP_LOW, FILTER_FLAG_STRIP_HIGH, FILTER_FLAG_STRIP_BACKTICK, FILTER_FLAG_ENCODE_LOW, FILTER_FLAG_ENCODE_HIGH, FILTER_FLAG_ENCODE_AMP Strip tags, optionally strip or encode special characters.
FILTER_SANITIZE_STRIPPED "stripped" Alias of "string" filter.
FILTER_SANITIZE_URL "url" Remove all characters except letters, digits and $-_.+!*'(),{}|\^~[]`<>#%";/?:@&=.
FILTER_UNSAFE_RAW "unsafe_raw" FILTER_FLAG_STRIP_LOW, FILTER_FLAG_STRIP_HIGH, FILTER_FLAG_STRIP_BACKTICK, FILTER_FLAG_ENCODE_LOW, FILTER_FLAG_ENCODE_HIGH, FILTER_FLAG_ENCODE_AMP Do nothing, optionally strip or encode special characters. This filter is also aliased to FILTER_DEFAULT.
ID NAME OPTIONS FLAGS DESCRIPTION
FILTER_CALLBACK "callback" callable function or method All flags are ignored Call user-defined function to filter data.
ID USED WITH DESCRIPTION
FILTER_FLAG_STRIP_LOW FILTER_SANITIZE_ENCODED, FILTER_SANITIZE_SPECIAL_CHARS, FILTER_SANITIZE_STRING, FILTER_UNSAFE_RAW Strips characters that have a numerical value <32.
FILTER_FLAG_STRIP_HIGH FILTER_SANITIZE_ENCODED, FILTER_SANITIZE_SPECIAL_CHARS, FILTER_SANITIZE_STRING, FILTER_UNSAFE_RAW Strips characters that have a numerical value >127.
FILTER_FLAG_STRIP_BACKTICK FILTER_SANITIZE_ENCODED, FILTER_SANITIZE_SPECIAL_CHARS, FILTER_SANITIZE_STRING, FILTER_UNSAFE_RAW Strips backtick characters.
FILTER_FLAG_ALLOW_FRACTION FILTER_SANITIZE_NUMBER_FLOAT Allows a period (.) as a fractional separator in numbers.
FILTER_FLAG_ALLOW_THOUSAND FILTER_SANITIZE_NUMBER_FLOAT, FILTER_VALIDATE_FLOAT Allows a comma (,) as a thousands separator in numbers.
FILTER_FLAG_ALLOW_SCIENTIFIC FILTER_SANITIZE_NUMBER_FLOAT Allows an e or E for scientific notation in numbers.
FILTER_FLAG_NO_ENCODE_QUOTES FILTER_SANITIZE_STRING If this flag is present, single (') and double (") quotes will not be encoded.
FILTER_FLAG_ENCODE_LOW FILTER_SANITIZE_ENCODED, FILTER_SANITIZE_STRING, FILTER_SANITIZE_RAW Encodes all characters with a numerical value <32.
FILTER_FLAG_ENCODE_HIGH FILTER_SANITIZE_ENCODED, FILTER_SANITIZE_SPECIAL_CHARS, FILTER_SANITIZE_STRING, FILTER_SANITIZE_RAW Encodes all characters with a numerical value >127.
FILTER_FLAG_ENCODE_AMP FILTER_SANITIZE_STRING, FILTER_SANITIZE_RAW Encodes ampersands (&).
FILTER_NULL_ON_FAILURE FILTER_VALIDATE_BOOLEAN Returns NULL for unrecognized boolean values.
FILTER_FLAG_ALLOW_OCTAL FILTER_VALIDATE_INT Regards inputs starting with a zero (0) as octal numbers. This only allows the succeeding digits to be 0-7.
FILTER_FLAG_ALLOW_HEX FILTER_VALIDATE_INT Regards inputs starting with 0x or 0X as hexadecimal numbers. This only allows succeeding characters to be a-fA-F0-9.
FILTER_FLAG_EMAIL_UNICODE FILTER_VALIDATE_EMAIL Allows the local part of the email address to contain Unicode characters.
FILTER_FLAG_IPV4 FILTER_VALIDATE_IP Allows the IP address to be in IPv4 format.
FILTER_FLAG_IPV6 FILTER_VALIDATE_IP Allows the IP address to be in IPv6 format.
FILTER_FLAG_NO_PRIV_RANGE FILTER_VALIDATE_IP Fails validation for the following private IPv4 ranges: 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16. Fails validation for the IPv6 addresses starting with FD or FC.
FILTER_FLAG_NO_RES_RANGE FILTER_VALIDATE_IP Fails validation for the following reserved IPv4 ranges: 0.0.0.0/8, 169.254.0.0/16, 127.0.0.0/8 and 240.0.0.0/4. Fails validation for the following reserved IPv6 ranges: ::1/128, ::/128, ::ffff:0:0/96 and fe80::/10.
FILTER_FLAG_SCHEME_REQUIRED FILTER_VALIDATE_URL Requires the URL to contain a scheme part.
FILTER_FLAG_HOST_REQUIRED FILTER_VALIDATE_URL Requires the URL to contain a host part.
FILTER_FLAG_PATH_REQUIRED FILTER_VALIDATE_URL Requires the URL to contain a path part.
FILTER_FLAG_QUERY_REQUIRED FILTER_VALIDATE_URL Requires the URL to contain a query string.
FILTER_REQUIRE_SCALAR Requires the value to be scalar.
FILTER_REQUIRE_ARRAY Requires the value to be an array.
FILTER_FORCE_ARRAY If the value is a scalar, it is treated as array with the scalar value as only element.
options

Associative array of options or bitwise disjunction of flags. If filter accepts options, flags can be provided in "flags" field of array.

RETURN

Value of the requested variable on success, FALSE if the filter fails, or NULL if the variable_name variable is not set. If the flag FILTER_NULL_ON_FAILURE is used, it returns FALSE if the variable is not set and NULL if the filter fails.

EXAMPLES

TYPE | INPUT_GET

NULL

TYPE | INPUT_POST

NULL

TYPE | INPUT_COOKIE

NULL

TYPE | INPUT_SERVER

NULL

TYPE | INPUT_ENV

NULL

FILTER

NULL

OPTIONS

NULL

PHP