This extension provides filters which can be used to validate or sanitize data. This is especially useful when the data source contains unknown (or foreign) data, like user supplied input. For example, this data may come from an HTML form.
There are two main types of filtering: validation and sanitization.
A validation filter is used to check if the data meets certain criteria.
These filters are identified by the
FILTER_VALIDATE_*
constants.
For example, the FILTER_VALIDATE_EMAIL filter
can be used to determine if the data is a valid email address.
However, it will never alter the input data.
Sanitization on the other hand will "clean up" the data,
therefore it may alter the input data by adding or removing characters.
These filters are identified by the
FILTER_SANITIZE_*
constants.
For example, the FILTER_SANITIZE_EMAIL filter will
remove characters that are inappropriate for an email address to contain.
However, the sanitized data is not validated to check if it is a valid
email address.
Most filters support optional flags that can tweak
the behavior of the filter.
These flags are identified by the
FILTER_FLAG_*
constants.
For example, using the FILTER_FLAG_PATH_REQUIRED with
the FILTER_VALIDATE_URL validation filter
requires that the URL has a path
(e.g. /foo in https://example.org/foo).