Note: FILTER_NULL_ON_FAILURE, FILTER_REQUIRE_SCALAR, FILTER_REQUIRE_ARRAY and FILTER_FORCE_ARRAY dont have prefix "FILTER_FLAG_" but they are FLAGS!
The constants below are defined by this extension, and will only be available when the extension has either been compiled into PHP or dynamically loaded at runtime.
These constants are used by filter_input() and filter_input_array().
INPUT_POST
(int)
INPUT_GET
(int)
INPUT_ENV
(int)
INPUT_SERVER
(int)
INPUT_SESSION
(int)
INPUT_REQUEST
(int)
FILTER_FLAG_NONE
(int)
FILTER_REQUIRE_SCALAR
(int)
FILTER_REQUIRE_ARRAY
(int)
FILTER_FORCE_ARRAY
(int)
FILTER_NULL_ON_FAILURE
(int)
null
instead of false
on failure.
Usable with any validation
FILTER_VALIDATE_*
filter.
FILTER_FLAG_STRIP_LOW
(int)
FILTER_FLAG_STRIP_HIGH
(int)
FILTER_FLAG_STRIP_BACKTICK
(int)
`
) characters.
FILTER_FLAG_ENCODE_LOW
(int)
FILTER_FLAG_ENCODE_HIGH
(int)
FILTER_FLAG_ENCODE_AMP
(int)
&
.
FILTER_FLAG_NO_ENCODE_QUOTES
(int)
'
and "
)
will not be encoded.
FILTER_FLAG_EMPTY_STRING_NULL
(int)
null
FILTER_VALIDATE_BOOL
(int)
true
for "1"
,
"true"
,
"on"
,
and "yes"
.
Returns false
for "0"
,
"false"
,
"off"
,
"no"
, and
""
.
The return value for non-boolean values depends on the
FILTER_NULL_ON_FAILURE
.
If it is set, null
is returned, otherwise false
is returned.
default
FILTER_VALIDATE_BOOLEAN
(int)
FILTER_VALIDATE_BOOL
.
The alias was available prior to the introduction of its canonical
name in PHP 8.0.0.
FILTER_VALIDATE_INT
(int)
Note: String values are trimmed using trim() before validation.
default
min_range
max_range
FILTER_FLAG_ALLOW_OCTAL
(int)
0[0-7]+
).
FILTER_FLAG_ALLOW_HEX
(int)
0x[0-9a-fA-F]+
).
FILTER_VALIDATE_FLOAT
(int)
Note: String values are trimmed using trim() before validation.
default
decimal
min_range
max_range
FILTER_FLAG_ALLOW_THOUSAND
(int)
,
),
which usually represent the thousand separator.
FILTER_VALIDATE_REGEXP
(int)
regexp
option.
default
regexp
FILTER_VALIDATE_URL
(int)
default
FILTER_FLAG_SCHEME_REQUIRED
(int)
FILTER_FLAG_HOST_REQUIRED
(int)
FILTER_FLAG_PATH_REQUIRED
(int)
FILTER_FLAG_QUERY_REQUIRED
(int)
A valid URL may not specify the
HTTP protocol (http://
).
Therefore, further validation may be required to determine if the
URL uses an expected protocol,
e.g. ssh://
or mailto:
.
This filter only works on ASCII URLs. This means that Internationalized Domain Names (IDN) will always be rejected.
FILTER_VALIDATE_DOMAIN
(int)
default
FILTER_FLAG_HOSTNAME
(int)
FILTER_VALIDATE_EMAIL
(int)
addr-spec
syntax in
» RFC 822.
However, comments, whitespace folding, and dotless domain names
are not supported, and thus will be rejected.
default
FILTER_FLAG_EMAIL_UNICODE
(int)
Email validation is complex and the only true way to confirm an email is valid and exists is to send an email to the address.
FILTER_VALIDATE_IP
(int)
Validates value as IP address.
default
FILTER_FLAG_IPV4
(int)
FILTER_FLAG_IPV6
(int)
FILTER_FLAG_NO_RES_RANGE
(int)
Reserved-By-Protocol
in
» RFC 6890.
Which for IPv4 corresponds to the following ranges:
0.0.0.0/8
, 169.254.0.0/16
, 127.0.0.0/8
, 240.0.0.0/4
.
And for IPv6 corresponds to the following ranges:
::1/128
, ::/128
, ::FFFF:0:0/96
, FE80::/10
.
FILTER_FLAG_NO_PRIV_RANGE
(int)
These are IPv4 addresses which are in the following ranges:
10.0.0.0/8
, 172.16.0.0/12
, 192.168.0.0/16
.
FD
or FC
.
FILTER_FLAG_GLOBAL_RANGE
(int)
Global
attribute is True
.
Available as of PHP 8.2.0.
FILTER_VALIDATE_MAC
(int)
default
FILTER_UNSAFE_RAW
(int)
FILTER_DEFAULT
(int)
FILTER_UNSAFE_RAW
.
FILTER_SANITIZE_STRING
(int)
FILTER_SANITIZE_STRIPPED
(int)
FILTER_SANITIZE_STRING
.
(Deprecated as of PHP 8.1.0,
use htmlspecialchars() instead.)
FILTER_SANITIZE_ENCODED
(int)
FILTER_SANITIZE_SPECIAL_CHARS
(int)
FILTER_SANITIZE_FULL_SPECIAL_CHARS
(int)
FILTER_SANITIZE_EMAIL
(int)
[a-zA-Z]
),
digits ([0-9]
),
and the special characters
!#$%&'*+-=?^_`{|}~@.[]
.
FILTER_SANITIZE_URL
(int)
[a-zA-Z]
),
digits ([0-9]
),
and the special characters
$-_.+!*'(),{}|\\^~[]`<>#%";/?:@&=
.
FILTER_SANITIZE_NUMBER_INT
(int)
[0-9]
), plus sign (+
),
and minus sign (-
).
FILTER_SANITIZE_NUMBER_FLOAT
(int)
[0-9]
), plus sign (+
),
and minus sign (-
).
FILTER_FLAG_ALLOW_FRACTION
(int)
.
) character,
which usually represents the separator between the integer and
fractional parts.
FILTER_FLAG_ALLOW_THOUSAND
(int)
,
) character,
which usually represents the thousand separator.
FILTER_FLAG_ALLOW_SCIENTIFIC
(int)
e
and E
characters.
FILTER_SANITIZE_ADD_SLASHES
(int)
FILTER_SANITIZE_MAGIC_QUOTES
(int)
FILTER_SANITIZE_ADD_SLASHES
.
(DEPRECATED as of PHP 7.3.0 and
REMOVED as of PHP 8.0.0)
FILTER_CALLBACK
(int)
Note: FILTER_NULL_ON_FAILURE, FILTER_REQUIRE_SCALAR, FILTER_REQUIRE_ARRAY and FILTER_FORCE_ARRAY dont have prefix "FILTER_FLAG_" but they are FLAGS!