filter_var
PHP Filter Function: filter_var
Support PHP version
- PHP 5 >= 5.2.0
- PHP 7
- PHP 8
Example
IP Address
https://electrictoolbox.com/php-validate-ip-address-filter-var/
Validating an IP address
$ip = "127.0.0.1";
if(filter_var($ip, FILTER_VALIDATE_IP)) {
// it's valid
}
else {
// it's not valid
}
Validate an IPv4 IP address
if(filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
// it's valid
}
else {
// it's not valid
}
Validate an IPv4 address, excluding private range addresses
if(filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 | FILTER_FLAG_NO_PRIV_RANGE)) {
// it's valid
}
else {
// it's not valid
}
Validate an IPv6 address
$ip = "2001:200::";
if(filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
// it's valid
}
else {
// it's not valid
}
Excluding Reserved
if(filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_RES_RANGE)) {
// it's valid
}
else {
// it's not valid
}
Excluding Reserved and Private Ranges
if(filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE)) {
// it's valid
}
else {
// it's not valid
}
Combining FILTER_FLAG_IPV4 and FILTER_FLAG_IPV6?
Combining FILTER_FLAG_IPV4 and FILTER_FLAG_IPV6 always return false. So DO NOT combine the IPv4 and IPv6 filter together.
Filter Cheetsheet
| ID |
Flags |
| FILTER_VALIDATE_BOOLEAN, FILTER_VALIDATE_BOOL |
FILTER_NULL_ON_FAILURE |
| FILTER_VALIDATE_DOMAIN |
FILTER_FLAG_HOSTNAME, FILTER_NULL_ON_FAILURE |
| FILTER_VALIDATE_EMAIL |
FILTER_FLAG_EMAIL_UNICODE, FILTER_NULL_ON_FAILURE |
| FILTER_VALIDATE_FLOAT |
FFILTER_FLAG_ALLOW_THOUSAND, FILTER_NULL_ON_FAILURE |
| FILTER_VALIDATE_INT |
FILTER_FLAG_ALLOW_OCTAL, FILTER_FLAG_ALLOW_HEX, FILTER_NULL_ON_FAILURE |
| FILTER_VALIDATE_IP |
FILTER_FLAG_IPV4, FILTER_FLAG_IPV6, FILTER_FLAG_NO_PRIV_RANGE, FILTER_FLAG_NO_RES_RANGE, FILTER_FLAG_GLOBAL_RANGE, FILTER_NULL_ON_FAILURE |
| FILTER_VALIDATE_MAC |
FILTER_NULL_ON_FAILURE |
| FILTER_VALIDATE_REGEXP |
FILTER_NULL_ON_FAILURE |
| FILTER_VALIDATE_URL |
FILTER_FLAG_SCHEME_REQUIRED, FILTER_FLAG_HOST_REQUIRED, FILTER_FLAG_PATH_REQUIRED, FILTER_FLAG_QUERY_REQUIRED, FILTER_NULL_ON_FAILURE |
| ID |
Flags |
| FILTER_SANITIZE_EMAIL |
|
| FILTER_SANITIZE_ENCODED |
FILTER_FLAG_STRIP_LOW, FILTER_FLAG_STRIP_HIGH, FILTER_FLAG_STRIP_BACKTICK, FILTER_FLAG_ENCODE_LOW, FILTER_FLAG_ENCODE_HIGH |
| FILTER_SANITIZE_MAGIC_QUOTES |
|
| FILTER_SANITIZE_ADD_SLASHES |
|
| FILTER_SANITIZE_NUMBER_FLOAT |
FILTER_FLAG_ALLOW_FRACTION, FILTER_FLAG_ALLOW_THOUSAND, FILTER_FLAG_ALLOW_SCIENTIFIC |
| FILTER_SANITIZE_NUMBER_INT |
|
| FILTER_SANITIZE_SPECIAL_CHARS |
FILTER_FLAG_STRIP_LOW, FILTER_FLAG_STRIP_HIGH, FILTER_FLAG_STRIP_BACKTICK, FILTER_FLAG_ENCODE_HIGH |
| FILTER_SANITIZE_FULL_SPECIAL_CHARS |
FILTER_FLAG_NO_ENCODE_QUOTES |
| FILTER_SANITIZE_STRING |
FILTER_FLAG_NO_ENCODE_QUOTES, FILTER_FLAG_STRIP_LOW, FILTER_FLAG_STRIP_HIGH, FILTER_FLAG_STRIP_BACKTICK, FILTER_FLAG_ENCODE_LOW, FILTER_FLAG_ENCODE_HIGH, FILTER_FLAG_ENCODE_AMP |
| FILTER_SANITIZE_STRIPPED |
|
| FILTER_SANITIZE_URL |
|
| FILTER_UNSAFE_RAW |
FILTER_FLAG_STRIP_LOW, FILTER_FLAG_STRIP_HIGH, FILTER_FLAG_STRIP_BACKTICK, FILTER_FLAG_ENCODE_LOW, FILTER_FLAG_ENCODE_HIGH, FILTER_FLAG_ENCODE_AMP |
| ID |
Flags |
| FILTER_CALLBACK |
All flags are ignored |
| ID |
Used with |
| FILTER_FLAG_STRIP_LOW |
FILTER_SANITIZE_ENCODED, FILTER_SANITIZE_SPECIAL_CHARS, FILTER_SANITIZE_STRING, FILTER_UNSAFE_RAW |
| FILTER_FLAG_STRIP_HIGH |
FILTER_SANITIZE_ENCODED, FILTER_SANITIZE_SPECIAL_CHARS, FILTER_SANITIZE_STRING, FILTER_UNSAFE_RAW |
| FILTER_FLAG_STRIP_BACKTICK |
FILTER_SANITIZE_ENCODED, FILTER_SANITIZE_SPECIAL_CHARS, FILTER_SANITIZE_STRING, FILTER_UNSAFE_RAW |
| FILTER_FLAG_ALLOW_FRACTION |
FILTER_SANITIZE_NUMBER_FLOAT |
| FILTER_FLAG_ALLOW_THOUSAND |
FILTER_SANITIZE_NUMBER_FLOAT, FILTER_VALIDATE_FLOAT |
| FILTER_FLAG_ALLOW_SCIENTIFIC |
FILTER_SANITIZE_NUMBER_FLOAT |
| FILTER_FLAG_NO_ENCODE_QUOTES |
FILTER_SANITIZE_STRING |
| FILTER_FLAG_ENCODE_LOW |
FILTER_SANITIZE_ENCODED, FILTER_SANITIZE_STRING, FILTER_UNSAFE_RAW |
| FILTER_FLAG_ENCODE_HIGH |
FILTER_SANITIZE_ENCODED, FILTER_SANITIZE_SPECIAL_CHARS, FILTER_SANITIZE_STRING, FILTER_UNSAFE_RAW |
| FILTER_FLAG_ENCODE_AMP |
FILTER_SANITIZE_STRING, FILTER_UNSAFE_RAW |
| FILTER_NULL_ON_FAILURE |
any FILTER_VALIDATE_* |
| FILTER_FLAG_ALLOW_OCTAL |
FILTER_VALIDATE_INT |
| FILTER_FLAG_ALLOW_HEX |
FILTER_VALIDATE_INT |
| FILTER_FLAG_EMAIL_UNICODE |
FILTER_VALIDATE_EMAIL |
| FILTER_FLAG_IPV4 |
FILTER_VALIDATE_IP |
| FILTER_FLAG_IPV6 |
FILTER_VALIDATE_IP |
| FILTER_FLAG_NO_PRIV_RANGE |
FILTER_VALIDATE_IP |
| FILTER_FLAG_NO_RES_RANGE |
FILTER_VALIDATE_IP |
| FILTER_FLAG_GLOBAL_RANGE |
FILTER_VALIDATE_IP |
| FILTER_FLAG_SCHEME_REQUIRED |
FILTER_VALIDATE_URL |
| FILTER_FLAG_HOST_REQUIRED |
FILTER_VALIDATE_URL |
| FILTER_FLAG_PATH_REQUIRED |
FILTER_VALIDATE_URL |
| FILTER_FLAG_QUERY_REQUIRED |
FILTER_VALIDATE_URL |
| FILTER_REQUIRE_SCALAR |
|
| FILTER_REQUIRE_ARRAY |
|
| FILTER_FORCE_ARRAY |
|
Example
Filter email
$email = 'kj@example.com';
// kj@example.com
var_dump(filter_var($email, FILTER_VALIDATE_EMAIL));
$email = 'kj';
// false
var_dump(filter_var($email, FILTER_VALIDATE_EMAIL));
Get just number from the given string
$a = '!a-b.c3@j+dk9.0$3e8`~]\]2';
$number = str_replace(['+', '-'], '', filter_var($a, FILTER_SANITIZE_NUMBER_INT));
// Output is 390382
Reference
Example