Sanitize and Validations Functions


Data validation is an integral part of working with forms. Not only can invalid submitted data lead to security problems, but it can also break your webpage.

A common approach is to compare the data to be validated against every possible combination the developer can think of.

 

filter_var In Action

filter_var can both sanitize and validate data. What's the difference between the two?

Sanitizing will remove any illegal character from the data.

Validating will determine if the data is in proper form.

 

How to use filter_var

Using filter_var is incredibly easy. It’s simply a PHP function that takes two pieces of data:

The variable you want to check

The type of check to use

<?php
// Sanitize: strip HTML tags from a string.
// Note: FILTER_SANITIZE_STRING is deprecated as of PHP 8.1; use htmlspecialchars() when the goal is safe HTML output.
$title = "<h1>Lets learn PHP Functions <br></h1>";
$updated = filter_var($title, FILTER_SANITIZE_STRING);
echo "After SANITIZE data is " . $updated;

// Another example: validate an IP address
echo "<br>";
$ip = "127.0.0.1.33";
$valid_ip = filter_var($ip, FILTER_VALIDATE_IP);

if ($valid_ip) {
    echo "valid IP Address ";
} else {
    echo "invalid IP Address ";
}

// To check that a URL was received in the proper format
//$homepage = filter_var($_POST['homepage'], FILTER_SANITIZE_URL);

// To check that an email was received in the proper format
echo "<br>";
$x = "info@websjyoti.om";
$email = filter_var($x, FILTER_SANITIZE_EMAIL);

if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
    echo "email id is valid.<br/><br/>";
} else {
    echo "$x is NOT a valid email address.<br/><br/>";
}

// To test that a given value is an integer
$val = 125;
// Validate the integer
echo filter_var($val, FILTER_VALIDATE_INT);
// If you pass a non-numeric string instead, this prints nothing, because filter_var() returns false when the value fails validation.

Example form Validation

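<?php
if (isset($_POST['email'])) {
    // Sanitizing is not HTML escaping, so escape the result before output
    echo htmlspecialchars(filter_var($_POST['email'], FILTER_SANITIZE_EMAIL), ENT_QUOTES, 'UTF-8');
    echo "<br/><br/>";
}

if (isset($_POST['homepage'])) {
    // FILTER_SANITIZE_URL keeps characters such as < > and ", so escape the result before output
    echo htmlspecialchars(filter_var($_POST['homepage'], FILTER_SANITIZE_URL), ENT_QUOTES, 'UTF-8');
    echo "<br/><br/>";
}
?>

<form name="form1" method="post" action="form-sanitize.php">
Email Address: <br/>
<input type="text" name="email" value="<?php echo htmlspecialchars($_POST['email'] ?? '', ENT_QUOTES, 'UTF-8'); ?>" size="50"/> <br/><br/>
Home Page: <br/>
<input type="text" name="homepage" value="<?php echo htmlspecialchars($_POST['homepage'] ?? '', ENT_QUOTES, 'UTF-8'); ?>" size="50" /> <br/>
<br/>
<input type="submit" />
</form>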

To ensure the data is properly formatted, it also needs to be validated.

<?php
if (isset($_POST['email'])) {
    $email = filter_var($_POST['email'], FILTER_SANITIZE_EMAIL);
    // Escape before output: a sanitized or validated value can still contain HTML metacharacters
    $safe_email = htmlspecialchars($email, ENT_QUOTES, 'UTF-8');
    if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
        echo "$safe_email is a valid email address.<br/><br/>";
    } else {
        echo "$safe_email is <strong>NOT</strong> a valid email address.<br/><br/>";
    }
}

if (isset($_POST['homepage'])) {
    $homepage = filter_var($_POST['homepage'], FILTER_SANITIZE_URL);
    $safe_homepage = htmlspecialchars($homepage, ENT_QUOTES, 'UTF-8');
    if (filter_var($homepage, FILTER_VALIDATE_URL)) {
        echo "$safe_homepage is a valid URL.<br/><br/>";
    } else {
        echo "$safe_homepage is <strong>NOT</strong> a valid URL.<br/><br/>";
    }
}
?>

<form name="form1" method="post" action="form-validate.php">
Email Address: <br/>
<input type="text" name="email" value="<?php echo htmlspecialchars($_POST['email'] ?? '', ENT_QUOTES, 'UTF-8'); ?>" size="50"/> <br/><br/>
<input type="text" name="homepage" value="<?php echo htmlspecialchars($_POST['homepage'] ?? '', ENT_QUOTES, 'UTF-8'); ?>" size="50" /> <br/>
<input type="submit" />
</form>
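
The checks above gathered into one function, as an added example that is not part of the original tutorial: it validates the raw values with strict === false comparisons, restricts the URL scheme, and escapes everything at output time. The function name validate_profile(), the age field and the sample input are assumptions made for illustration.

```php
<?php
// Added example. validate_profile(), the 'age' field and the sample values are assumptions.
function validate_profile(array $input): array
{
    $clean = $errors = [];

    // Validate the raw value, so input that is only valid after stripping is rejected.
    $email = filter_var($input['email'] ?? '', FILTER_VALIDATE_EMAIL);
    if ($email === false) {
        $errors['email'] = 'Invalid email address';
    } else {
        $clean['email'] = $email;
    }

    // FILTER_VALIDATE_URL does not restrict the scheme, so allow only http and https.
    $url = filter_var($input['homepage'] ?? '', FILTER_VALIDATE_URL);
    $scheme = $url === false ? '' : strtolower((string) parse_url($url, PHP_URL_SCHEME));
    if (in_array($scheme, ['http', 'https'], true)) {
        $clean['homepage'] = $url;
    } else {
        $errors['homepage'] = 'Invalid URL';
    }

    // Compare with === false: 0 is a valid integer but is falsy in a plain if ().
    $age = filter_var($input['age'] ?? '', FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 0, 'max_range' => 150]]);
    if ($age === false) {
        $errors['age'] = 'Invalid age';
    } else {
        $clean['age'] = $age;
    }

    return [$clean, $errors];
}

// Constructed sample input standing in for $_POST.
$post = [
    'email'    => 'user@example.com',
    'homepage' => 'javascript://example.com/',
    'age'      => '0',
];
[$clean, $errors] = validate_profile($post);

// Escape at output time, even for values that passed validation.
foreach ($clean + $errors as $field => $value) {
    echo htmlspecialchars("$field: $value", ENT_QUOTES, 'UTF-8'), "<br/>\n";
}
```

With the sample input, the email and the age of 0 are accepted and the homepage is rejected because its scheme is not http or https.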
