Php/docs/filter.filters.sanitize
Sanitize filters
ID | Name | Flags | Description |
---|---|---|---|
FILTER_SANITIZE_EMAIL
|
"email" | Remove all characters except letters, digits and
| |
FILTER_SANITIZE_ENCODED
|
"encoded" | FILTER_FLAG_STRIP_LOW ,
|
URL-encode string, optionally strip or encode special characters. |
FILTER_SANITIZE_MAGIC_QUOTES
|
"magic_quotes" | Apply addslashes(). | |
FILTER_SANITIZE_NUMBER_FLOAT
|
"number_float" | FILTER_FLAG_ALLOW_FRACTION ,
|
Remove all characters except digits, +- and
optionally |
FILTER_SANITIZE_NUMBER_INT
|
"number_int" | Remove all characters except digits, plus and minus sign. | |
FILTER_SANITIZE_SPECIAL_CHARS
|
"special_chars" | FILTER_FLAG_STRIP_LOW ,
|
HTML-escape '"<>& and characters with
ASCII value less than 32, optionally strip or encode other special characters. |
FILTER_SANITIZE_FULL_SPECIAL_CHARS
|
"full_special_chars" | FILTER_FLAG_NO_ENCODE_QUOTES ,
|
Equivalent to calling htmlspecialchars() with ENT_QUOTES set. Encoding quotes can
be disabled by setting |
FILTER_SANITIZE_STRING
|
"string" | FILTER_FLAG_NO_ENCODE_QUOTES ,
|
Strip tags, optionally strip or encode special characters. |
FILTER_SANITIZE_STRIPPED
|
"stripped" | Alias of "string" filter. | |
FILTER_SANITIZE_URL
|
"url" | Remove all characters except letters, digits and
| |
FILTER_UNSAFE_RAW
|
"unsafe_raw" | FILTER_FLAG_STRIP_LOW ,
|
Do nothing, optionally strip or encode special characters. This
filter is also aliased to |
Warning
When using one of these filters as a default filter either through your ini file
or through your web server's configuration, the default flags is set to
FILTER_FLAG_NO_ENCODE_QUOTES
. You need to explicitly set
filter.default_flags to 0 to have quotes encoded by default. Like this:
Example #1 Configuring the default filter to act like htmlspecialchars
filter.default = full_special_charsfilter.default_flags = 0
更新日志
版本 | 说明 |
---|---|
5.2.11/5.3.1 | Slashes (/ ) are removed by
|