/** * Lists all filters available with the filter extension. */ public function doListFilters() { $list = filter_list(); foreach ($list as $filter) { echo filter_id($filter), ": {$filter}<br />\n"; } }
/** * Gets all possible filter types * * @return array */ static function getRegisteredFilters() { if (empty(self::$filtersTypes)) { foreach (filter_list() as $filter_name) { self::$filtersTypes[filter_id($filter_name)] = $filter_name; } } return self::$filtersTypes; }
function _filter_var_array_is_valid_filter($filter) { static $ids = null; if ($ids === null) { // A bit painful in php, exposing the IDs might be better if this is hot $ids = array_fill_keys(array_map('filter_id', filter_list()), null); } return array_key_exists($filter, $ids); }
public function getServer($key = null, $default = null) { var_dump($this->filters); die; if (null === $key) { return filter_list(INPUT_SERVER) ? filter_input_array(INPUT_SERVER) : $this->params; } return filter_has_var(INPUT_SERVER, $key) ? filter_input(INPUT_SERVER, $key) : $default; }
/** * ( excerpt from http://docs.hhvm.com/manual/en/function.filter-var-array.php ) * * This function is useful for retrieving many values without repetitively * calling filter_var(). * * @data mixed An array with string keys containing the data to * filter. * @definition mixed An array defining the arguments. A valid key is a * string containing a variable name and a valid value * is either a filter type, or an array optionally * specifying the filter, flags and options. If the * value is an array, valid keys are filter which * specifies the filter type, flags which specifies any * flags that apply to the filter, and options which * specifies any options that apply to the filter. See * the example below for a better understanding. * * This parameter can be also an integer holding a * filter constant. Then all values in the input array * are filtered by this filter. * @add_empty mixed Add missing keys as NULL to the return value. * * @return mixed An array containing the values of the requested * variables on success, or FALSE on failure. An array * value will be FALSE if the filter fails, or NULL if * the variable is not set. */ function filter_var_array($data, $definition = null, $add_empty = true) { if (!is_array($data)) { trigger_error('filter_var_array() expects parameter 1 to be array, ' . gettype($data) . ' given', E_WARNING); return null; } $default_filter = null; if (!is_array($definition)) { if ($definition === null) { $default_filter = FILTER_DEFAULT; } else { if (is_int($definition)) { // A bit painful in php, exposing the IDs might be better if this is hot $ids = array_fill_keys(array_map('filter_id', filter_list()), null); if (!array_key_exists($definition, $ids)) { return false; } $default_filter = $definition; } else { return false; } } $definition = array_fill_keys(array_keys($data), null); } $ret = array(); foreach ($definition as $key => $def) { if ($key === "") { trigger_error('filter_var_array(): Empty keys are not allowed in the ' . 'definition array', E_WARNING); return false; } if (!array_key_exists($key, $data)) { if ($add_empty) { $ret[$key] = null; } continue; } $value = $data[$key]; if ($default_filter) { $ret[$key] = _filter_var_array_single($value, $default_filter); continue; } if (!is_array($def)) { $ret[$key] = _filter_var_array_single($value, $def); continue; } if (!isset($def['filter'])) { $filter = FILTER_DEFAULT; } else { $filter = $def['filter']; } $ret[$key] = _filter_var_array_single($value, $filter, $def); } return $ret; }
/** * Validate Form Input * * This function is used during the processing of the form data to validate * each added field and the value contained in that field against the set datatypes, * lengths, and if they are required. */ private function checkInput($post) { if (empty($this->fields) || empty($post)) { trigger_error("Required data for validating missing.", E_USER_WARNING); return false; } // Loop over data and validate it foreach ($post as $key => $val) { /** * Make sure only defined fields were submitted an nothing else. * If this error keeps happening, make SURE you created all input fields * using the addField() method and not manually. */ if (!isset($this->fields[$key])) { $this->errors[] = "The form you submitted doesn't appear to be valid.\n" . "Please notify an administrator if this problem continues. [{$key}]\n"; return false; } // Verify required fields have been filled in if ($this->fields[$key]['required'] === true && empty($val)) { $this->errors[] = "The \"{$key}\" field is required and cannot be empty!\n"; return false; } // Make sure value isn't longer than the field maxlength if ($this->fields[$key]['maxlength'] < strlen(trim($val)) && !empty($this->fields[$key]['maxlength'])) { $this->errors[] = "Somehow you entered more data than permitted for the " . "\"{$key}\" field!\n"; return false; } // Validate field Datatype // Current types are 'email', 'letters','alphanumeric', 'numbers', 'phone', or 'any' /** * Check Email Address * Takes a given email address and split it into the username and domain, * then verifies the domain name is valid. See functions.php for a more * comprehensive email validation function if this isn't sufficient. */ if ($this->fields[$key]['datatype'] == 'email' && !empty($val)) { list($userName, $mailDomain) = explode("@", $val); if (!checkdnsrr($mailDomain, "MX") || strlen($userName) < 2) { $this->errors[] = "Sorry, but your email address {$val} couldn't be validated.\n"; return false; } } // Check for letters, spaces, and '.', '-', '_' only. if ($this->fields[$key]['datatype'] == 'letters' && !empty($val)) { if (!preg_match('/^([a-zA-Z\\.-_ ]+)$/', $val)) { $this->errors[] = "The '{$key}' field only allows letters! Please remove anything else."; return false; } } // Check for numbers, spaces, and '.', '-', '_' only. if ($this->fields[$key]['datatype'] == 'numbers' && !empty($val)) { if (!preg_match('/^([0-9\\.-_ ]+)$/', $val)) { $this->errors[] = "The '{$key}' field only allows numbers! Please remove anything else."; return false; } } // Check for letters, numbers, spaces, and '.', '-', '_' only. if ($this->fields[$key]['datatype'] == 'alphanumeric' && !empty($val)) { if (!preg_match('/^([#0-9a-zA-Z\\.-_ ]+)$/', $val)) { $this->errors[] = "The '{$key}' field only allows letters and numbers! Please remove anything else."; return false; } } // Check Phone Number - Allows either 123-456-7890 or 456-7890 format if ($this->fields[$key]['datatype'] == 'phone' && !preg_match('/^([0-9]{3}-)?([0-9]{3})-([0-9]{4})$/', $val) && !empty($val)) { $this->errors[] = "The number {$val} is an invalid phone number format.\n" . "Make sure you enter a number in this format: 501-555-1234\n"; return false; } /** * Clean the input data * * This part uses php's Filter extension which must be installed and * requires PHP version 5.2. * This function removes and converts potentially harmful characters from * post data such as <>, etc. */ if (!function_exists('filter_list') || !in_array('string', filter_list())) { trigger_error("A required function doesn't exist! Please notify the administrator.", E_USER_ERROR); exit; } $this->fields[$key]['value'] = filter_var($val, FILTER_SANITIZE_STRING); } // Return true on success return true; }
<?php //$body=file_get_contents('php://input'); //var_dump($body); //http_response_code(202); //print_r($_SERVER); echo <<<HTML <html> <body onload="return false;"> <form id='redirectForm' method='POST' action='/done.html'> <input type='hidden' name='status' value='complete'/> <input type='hidden' name='id' value='0u812'/> <input type='submit' value='Please Click Here To Continue'/> </form> </body> </html> HTML; //virtual('d'); //print_r(get_browser()); var_export(filter_list()); var_dump(filter_has_var(INPUT_GET, 'test'));
protected function getPHPFilterName($id) { foreach (filter_list() as $name) { if (filter_id($name) == $id) { return $name; } } if (filter_id($id) === FALSE) { return FALSE; } return $id; }
public function getList() { return filter_list(); }
/** {@inheritdoc} */ public function validate() { if (empty(self::$rules)) { return false; // no rules; defaults to FALSE } // initialize filter & validator $filters = ['php' => filter_list(), 'validated' => [], 'filter' => [], 'filter_plugin' => null, 'validator' => [], 'validator_plugin' => null]; if (class_exists(ZEND_STATIC_VALIDATOR)) { $filters['validator_plugin'] = forward_static_call([ZEND_STATIC_VALIDATOR, 'getPluginManager']); $filters['validator'] = $filters['validator_plugin']->getRegisteredServices()['invokableClasses']; } if (class_exists(ZEND_STATIC_FILTER)) { $filters['filter_plugin'] = forward_static_call([ZEND_STATIC_FILTER, 'getPluginManager']); $filters['filter'] = $filters['filter_plugin']->getRegisteredServices()['invokableClasses']; } foreach (self::$rules as $k => $v) { $newValue = $value = $v['property']->getValue($this); $hasValue = !is_blank($value); foreach ($v['rules'] as $rule) { // e.g. [full_special_chars('flags' => FILTER_FLAG_NO_ENCODE_QUOTES)] // [HtmlEntities('quotestyle' => ENT_QUOTES, 'encoding' => 'UTF-8', 'doublequote' => true)] // [StringLength('max' => 255, 'message' => 'Hi, ntd1712')] preg_match(CHAOS_MATCH_RULE_ITEM, $rule, $matches); if (!isset($matches[1])) { continue; } $rule = strtolower($matches[1]); $options = []; if (!empty($matches[2])) { $result = @eval('return array' . $matches[2] . ';'); if (null === error_get_last() && is_array($result)) { $options = $result; if (isset($options['message'])) { $options['message'] = str_replace('{property}', $k, $options['message']); } } } // validator if ('notempty' === $rule || $hasValue) { if (in_array($rule, $filters['validator'])) { /** @var \Zend\Validator\AbstractValidator $validator */ $validator = $filters['validator_plugin']->get($rule, $options); $filters['validated'][$rule] = true; if (!$validator->isValid($value)) { return $validator->getMessages(); } } elseif (in_array($rule, $filters['php'])) { $result = filter_var($value, filter_id($rule), $options); $filters['validated'][$rule] = true; if (false === $result) { return [sprintf('Value of "%s" is not valid for "%s"', 32 < strlen($value) ? substr($value, 0, 20) . '...' : $value, $k)]; } } } // filter if (!isset($filters['validated'][$rule]) && $hasValue) { if (in_array($rule, $filters['filter'])) { /** @var \Zend\Filter\AbstractFilter $filter */ $filter = $filters['filter_plugin']->get($rule, $options); $newValue = $filter->filter($value); } elseif (in_array($rule, $filters['php'])) { $result = filter_var($value, filter_id($rule), $options); if (false !== $result) { $newValue = $result; } } // set new property value (if any) if ($value != $newValue) { $v['property']->setValue($this, $newValue); } } } } return false; }
/** * 判别类型的准确的常量表示 * @param string $type 含糊的类型表述 */ public static function detectType($type) { $type = empty($type) ? 'string' : strtolower($type); foreach (filter_list() as $name) { if (ends_with($name, $type)) { return filter_id($name); } } }
/** * Sanitize and validate a variable contained in a name space * * @param string $varName the name of a variable defined in the namespace * @param mixed $default a default value if variable is not set. NULL means that * the variable is mandatory. * @param mixed $validator Can be: * 1) null use default validation * 2) an integer representing a simple Validate filter without flags and options * 3) an array representing a Validate filter with flags and/or options * 4) an instance of an object that expose function 'assert'. * you can use istance of Respect\Validation\Validator * @param mixed $sanitizer Can be: * A) null if no sanitization is required * B) an integer representing a simple Sanitize filter without flags and options * C) an array representing a Sanitize filter with flags and/or options * D) a callable that accept an argument (the source) and return sanitized one * * @throws InvalidArgumentException if $varName is not defined and $default not provided * @throws Exception if validator fails to validate variable (depending from the validator) * @throws InvalidArgumentException if sanitize fails * * @return mixed the sanitized value associated to varName in namespace * * LIMITS: * sanitizer are supported just on scalar values * non scalar value require a custom validator like Respect\Validator * */ public function getValue($varName, $default = null, $validator = null, $sanitizer = null) { // prepare a static array to validate validators and sanitizer filters static $validFilters = null; //load once runtime if (is_null($validFilters)) { // prepare a list of valid filters: do once $validFilters = array(); $filters = filter_list(); foreach ($filters as $filter_name) { $validFilters[filter_id($filter_name)] = $filter_name; } // Remove unsupported filters: foreach (array(FILTER_VALIDATE_BOOLEAN, FILTER_CALLBACK) as $badFilter) { unset($validFilters[$badFilter]); } } // Ensure var exists or a default value is present if (!$varName || is_null($default) && !isset($this->varStore[$varName])) { throw new InvalidArgumentException("Missing mandatory parameter {$varName}.", 400); } $sourceValue = isset($this->varStore[$varName]) ? $this->varStore[$varName] : $default; $scalarValue = is_scalar($sourceValue); // manage NULL_AS_DEFAULT if ($sourceValue === self::NULL_AS_DEFAULT) { $sourceValue = null; } // sanitize the variable value (if requested ) if (is_null($sanitizer)) { // CASE A: sanitizing not required $sanitizedValue = $sourceValue; } elseif (is_int($sanitizer) && array_key_exists($sanitizer, $validFilters) && $scalarValue) { // CASE B: Use a simple sanitize filter $sanitizedValue = filter_var($sourceValue, $sanitizer); } elseif (is_array($sanitizer) && isset($sanitizer['filter']) && array_key_exists($sanitizer['filter'], $validFilters) && $scalarValue) { // CASE C: use sanitizer filter with flags and/or options $filter = $sanitizer['filter']; $sanitizedValue = filter_var($sourceValue, $filter, $sanitize); // should I unset($sanitizer['filter']) ? } elseif (is_callable($sanitizer)) { $sanitizedValue = $sanitizer($sourceValue); } else { throw new InvalidArgumentException("Invalid sanitizer filter on {$varName}.", 400); } //Now we are sure that variable has a sanitized value: validate it (if requested ) if (is_null($validator)) { // CASE 1: validation not required $valid = $scalarValue ? filter_var($sanitizedValue) : $sanitizedValue; $validatorName = 'DEFAULT'; } elseif (is_int($validator) && array_key_exists($validator, $validFilters) && $scalarValue) { // CASE 2: Use a simple validation filter $valid = filter_var($sanitizedValue, $validator); $validatorName = $validFilters[$validator]; } elseif (is_array($validator) && isset($validator['filter']) && array_key_exists($validator['filter'], $validFilters) && $scalarValue) { // CASE 3: use validation filter with flags and/or options $filter = $validator['filter']; $valid = filter_var($sanitizedValue, $filter, $validator); // should unset($validator['filter'])? $validatorName = $validFilters[$filter]; } elseif (is_object($validator)) { // CASE 4: the object must expose assert() method (like in Respect\Validation library ) try { $validator->assert($sanitizedValue); // N.B. is up to custom validator test the value type $valid = true; } catch (Exception $e) { $validatorName = 'OBJECT_VALIDATOR'; $valid = false; $errorMsg = $e->getMessage(); } } else { $validatorName = 'unsupported'; $valid = false; } // thrown exception if not validate value if (false === $valid) { if (empty($errorMsg)) { $val = $scalarValue ? $sanitizedValue : 'structured'; $errorMsg = "Invalid value({$val}) for {$validatorName} filter on [{$varName}]"; } throw new InvalidArgumentException($errorMsg, 400); } return $sanitizedValue; }
static function detectType($F) { $F = empty($F) ? 'string' : strtolower($F); foreach (filter_list() as $A) { if (ends_with($A, $F)) { return filter_id($A); } } }
<?php var_dump(filter_list()); var_dump(filter_list(array())); echo "Done\n";
/** * 获取全部过滤器方法 * * @return multitype:number */ public function filterAction() { $map = array(); $map['int'] = '整数验证'; $map['boolean'] = '是非验证'; $map['float'] = '浮点验证'; $map['validate_url'] = '是否URL'; $map['validate_email'] = '是否Email'; $map['validate_ip'] = '是否IP地址'; $map['string'] = '过滤字符串'; $map['encoded'] = '去除或编码特殊字符'; $map['special_chars'] = 'HTML转义'; $map['unsafe_raw'] = '无过滤字符串'; $map['email'] = '过滤非Email字符'; $map['url'] = '过滤非URL字符'; $map['number_int'] = '数字过滤非整型'; $map['number_float'] = '数字过滤非浮点'; $map['magic_quotes'] = '转义字符'; $filters = array(); foreach (filter_list() as $key => $value) { if (isset($map[$value])) { $filters[] = array('name' => $map[$value], 'val' => filter_id($value)); } } $filters[] = array('name' => '关闭过滤器', 'val' => 0); return $this->rst($filters, null, true); }
function test_filters() { /*** * Data Filtering Using PHP's Filter Functions - Part one * Examples using PHP's Filter Functions * http://devolio.com/blog/archives/413-Data-Filtering-Using-PHPs-Filter-Functions-Part-one.html **/ error_reporting(E_ALL); /* do a quick check to make sure that the filter list is available */ if (function_exists('filter_list')) { /* filter list found */ } else { die("Error: Filters not found."); } /* variables to test against */ $int = 432; $bool = true; $float = 432.43; $reg = "/^([a-zA-Z0-9 ]){4,16}\$/"; $url = "http://devolio.com/blog"; $email = '*****@*****.**'; $ipaddr = '127.0.0.1'; $ipres = "192.168.0.*"; $ipv6addr = "2001:0db8:85a3:08d3:1319:8a2e:0370:7334"; $string = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWX\n\tYZ1234\t567890`~!@#\$%^&*()-_=+[{]};:'\"<,>.?/\\|\\n\\r\\t"; /* grab all of the filters and show them */ echo "<h2>Filter list</h2><pre>"; echo "<ul>\n"; $filters = filter_list(); foreach ($filters as $filter) { echo "<li>" . $filter . "</li>\n"; } echo "</ul></pre>\n"; echo "<h2>FILTER_VALIDATE_*</h2>"; /* check if an integer is valid */ $valid_int = filter_var($int, FILTER_VALIDATE_INT); echo "<pre><b>FILTER_VALIDATE_INT</b><br>"; if ($valid_int !== false) { echo "Valid integer.</pre>"; } else { echo "Not a valid integer.</pre>"; } /* check if a boolean is valid */ $valid_bool = filter_var($bool, FILTER_VALIDATE_BOOLEAN); echo "<pre><b>FILTER_VALIDATE_BOOL</b><br>"; if ($valid_bool !== false) { echo "Valid boolean.</pre>"; } else { echo "Not a valid boolean.</pre>"; } /* check if a float (int) is valid */ $valid_float = filter_var($float, FILTER_VALIDATE_FLOAT); echo "<pre><b>FILTER_VALIDATE_FLOAT</b><br>"; if ($valid_float !== false) { echo "Valid float.</pre>"; } else { echo "Not a valid float.</pre>"; } /* check if a regular expression is valid * suppressed (bug?) in case regex not available */ $valid_reg = @filter_var($reg, FILTER_VALIDATE_REGEXP); echo "<pre><b>FILTER_VALIDATE_REGEXP</b><br>"; if ($valid_reg !== false) { echo "Valid regular expression.</pre>"; } else { echo "Not a valid regular expression.</pre>"; } /* check if a URL is valid */ $valid_url = filter_var($url, FILTER_VALIDATE_URL); echo "<pre><b>FILTER_VALIDATE_URL</b><br>"; if ($valid_url !== false) { echo "Valid URL.</pre>"; } else { echo "Not a valid URL.</pre>"; } /* check if an e-mail address is valid */ $valid_email = filter_var($email, FILTER_VALIDATE_EMAIL); echo "<pre><b>FILTER_VALIDATE_EMAIL</b><br>"; if ($valid_email !== false) { echo "Valid e-mail address.</pre>"; } else { echo "Not a valid e-mail address.</pre>"; } /* check if an IP address is valid */ $valid_ip = filter_var($ipaddr, FILTER_VALIDATE_IP); echo "<pre><b>FILTER_VALIDATE_IP</b><br>"; if ($valid_ip !== false) { echo "Valid IP address.</pre>"; } else { echo "Not a valid IP address.</pre>"; } echo "<h2>FILTER_SANITIZE_*</h2>"; /* sanitize filters */ /* check if filter unsafe raw is unsafe. protip: YES */ $raw = $string; $valid_raw = filter_var($raw, FILTER_UNSAFE_RAW); echo "<pre><b>FILTER_UNSAFE_RAW</b><br>" . $valid_raw . "</pre>"; /* sanitize string */ $san_string = filter_var($string, FILTER_SANITIZE_STRING); echo "<pre><b>FILTER_SANITIZE_STRING</b><br>" . $san_string . "</pre>"; /* sanitize stripped */ $san_stripped = filter_var($string, FILTER_SANITIZE_STRIPPED); echo "<pre><b>FILTER_SANITIZE_STRIPPED</b><br>" . $san_stripped . "</pre>"; /* sanitize encoded */ $san_enc = filter_var($string, FILTER_SANITIZE_ENCODED); echo "<pre><b>FILTER_SANITIZE_ENCODED</b><br>" . $san_enc . "</pre>"; /* sanitize special chars */ $san_spc = filter_var($string, FILTER_SANITIZE_SPECIAL_CHARS); echo "<pre><b>FILTER_SANITIZE_SPECIAL_CHARS</b><br>" . $san_spc . "</pre>"; /* sanitize email */ $san_email = filter_var($string, FILTER_SANITIZE_EMAIL); echo "<pre><b>FILTER_SANITIZE_EMAIL</b><br>" . $san_email . "</pre>"; /* sanitize url */ $san_url = filter_var($string, FILTER_SANITIZE_URL); echo "<pre><b>FILTER_SANITIZE_URL</b><br>" . $san_url . "</pre>"; /* sanitize int */ $san_int = filter_var($string, FILTER_SANITIZE_NUMBER_INT); echo "<pre><b>FILTER_SANITIZE_NUMBER_INT</b><br>" . $san_int . "</pre>"; echo "<h2>FILTER_FLAG_*</h2>"; /* filter flags */ /* strip low - strips ascii < 32 */ $strip_low = filter_var($string, FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW); echo "<pre><b>FILTER_FLAG_STRIP_LOW</b><br>" . $strip_low . "</pre>"; /* strip high - strips ascii > 127 */ $strip_high = filter_var($string, FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_HIGH); echo "<pre><b>FILTER_FLAG_STRIP_HIGH</b><br>" . $strip_high . "</pre>"; /* encode low - encodes ascii < 32 */ $enc_low = filter_var($string, FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_LOW); echo "<pre><b>FILTER_FLAG_ENCODE_LOW</b><br>" . $enc_low . "</pre>"; /* encode high - encodes ascii > 127 */ $enc_high = filter_var($string, FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_HIGH); echo "<pre><b>FILTER_FLAG_ENCODE_HIGH</b><br>" . $enc_high . "</pre>"; /* don't encode ' or " */ $deq = filter_var($string, FILTER_SANITIZE_STRING, FILTER_FLAG_NO_ENCODE_QUOTES); echo "<pre><b>FILTER_FLAG_NO_ENCODE_QUOTES</b><br>" . $deq . "</pre>"; var_dump('ORIGINAL STRING: ', $string); var_dump('ORIGINAL INT: ', $int); }
/** * Filters data using PHP's filter extension * * @see filter_var() * @param mixed $data * @param mixed $filter * @param mixed $options * @param bool $falseOnFail * @return mixed */ function filter($data, $filter = null, $options = null, $falseOnFail = true) { if (is_array($data)) { // the $filter must be an array or a string to an array defined under app.filters.rules if (is_string($filter)) { if (($rules = Atomik::get("helpers.filters.rules.{$filter}", false)) === false) { throw new AtomikException('When $data is an array, the filter must be an array of definition or a defination name in filter()'); } } else { $rules = $filter; } $results = array(); $messages = array(); $validate = true; foreach ($rules as $field => $params) { if (isset($data[$field]) && is_array($data[$field])) { if (($results[$field] = $this->filter($data[$field], $params)) === false) { $messages[$field] = Atomik::get('helpers.filters.messages', array()); $validate = false; } continue; } $filter = FILTER_SANITIZE_STRING; $message = Atomik::get('helpers.filters.default_message', 'The %s field failed to validate'); $required = false; $default = null; $label = $field; if (is_array($params)) { // extracting information from the array if (isset($params['message'])) { $message = Atomik::delete('message', $params); } if (isset($params['required'])) { $required = Atomik::delete('required', $params); } if (isset($params['default'])) { $default = Atomik::delete('default', $params); } if (isset($params['label'])) { $label = Atomik::delete('label', $params); } if (isset($params['filter'])) { $filter = Atomik::delete('filter', $params); } $options = count($params) == 0 ? null : $params; } else { $filter = $params; $options = null; } if (!isset($data[$field]) && !$required) { // field not set and not required, do nothing continue; } if ((!isset($data[$field]) || $data[$field] == '') && $required) { // the field is required and either not set or empty, this is an error $results[$field] = false; $message = Atomik::get('helpers.filters.required_message', 'The %s field must be filled'); } else { if ($data[$field] === '' && !$required) { // empty but not required, null value $results[$field] = $default; } else { // normal, validating $results[$field] = $this->filter($data[$field], $filter, $options); } } if ($results[$field] === false) { // failed validation, adding the message $messages[$field] = sprintf($message, $label); $validate = false; } } Atomik::set('helpers.filters.messages', $messages); return $validate || !$falseOnFail ? $results : false; } if (is_string($filter)) { if (in_array($filter, filter_list())) { // filter name from the extension filters $filter = filter_id($filter); } else { if (preg_match('@/.+/[a-zA-Z]*@', $filter)) { // regexp $options = array('options' => array('regexp' => $filter)); $filter = FILTER_VALIDATE_REGEXP; } else { if (($callback = Atomik::get("helpers.filters.callbacks.{$filter}", false)) !== false) { // callback defined under app/filters/callbacks $filter = FILTER_CALLBACK; $options = $callback; } } } } return filter_var($data, $filter, $options); }
public function getList() : array { return filter_list(); }
<meta http-equiv="Cache-Control" content="max-age=3600, public"> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>PHP Filter</title> <meta name="Content-Language" content="de" /> <meta name="language" content="Deutsch" /> <meta name="author" content="Andre Kasper, M.Sc."> <meta name="viewport" content="width=device-width,initial-scale=1.0"> </head> <body> <table> <tr> <td>Filter Name</td> <td>Filter ID</td> </tr> <?php foreach (filter_list() as $id => $filter) { echo '<tr><td>' . $filter . '</td><td>' . filter_id($filter) . '</td></tr>'; } ?> </table> <?php $email1 = 'andre.kasper.@th-koeln.de<"'; $email2 = '*****@*****.**'; //$email1 = filter_var($email1, FILTER_SANITIZE_EMAIL); if (!filter_var($email1, FILTER_VALIDATE_EMAIL) === false) { echo 'E-Mail ' . $email1 . ' erfolgreich validiert!<br />'; } else { echo 'E-Mail ' . $email1 . ' ist keine gültige Adresse!<br />'; } if (!filter_var($email2, FILTER_VALIDATE_EMAIL) === false) { echo 'E-Mail ' . $email2 . ' erfolgreich validiert!<br />';
<?php include 'header.php'; ?> <div class="container"> <div class="row"> <div class="col-md-3"> <h1>PHP 5 FILTERS</h1> </div> <div class="col-md-6"> <?php //php5 filters printed echo '<pre>'; print_r(filter_list()); echo '</pre>'; //http://phphulp.jorendewit.nl/view/24/4/ ?> </div> <div class="col-md-3"> <h1></h1> </div> </div> <div class="row"> <div class="col-md-12"> <?php //filter voor nummer
/** * Finds the filter name by filter id * * @param int $filterId * @return string * @throws SanitizationException */ private function findFilter($filterId) { foreach (filter_list() as $filterName) { if (filter_id($filterName) === $filterId) { return $filterName; } } throw new \Exception('Could not find filter ' . $filterId); }
/** * 过滤参数 * @param mixed $value * @param string $type * @param mixed $default * @param mixed $filter * @param mixed $options * @return mixed */ private static function filter($value, $type = null, $default = '', $filter = null, $options = null) { //获取系统默认的过滤器 if (!isset(self::$_defaultFilters)) { self::$_defaultFilters = filter_list(); } // 默认强制转换为字符串 if (is_null($type) && self::$AUTO_STRING) { $type = 's'; } $filters = isset($filter) ? $filter : self::$FILTER; if ($filters) { if (is_string($filters)) { if (0 === strpos($filters, '/')) { if (1 !== preg_match($filters, (string) $value)) { // 支持正则验证 return isset($default) ? $default : null; } } elseif (strpos($filters, ',')) { $filters = explode(',', $filters); } else { $filters = [$filters]; } } elseif (is_int($filters)) { $filters = [$filters]; } if (is_array($filters)) { foreach ($filters as $filter) { if (function_exists($filter)) { $value = is_array($value) ? array_map_recursive($filter, $value) : $filter($value); // 参数过滤 } else { if (is_int($filter)) { $filter = isset(self::$_defaultFilters[$filter]) ? $filter : null; } else { $filter = filter_id($filter) ?: null; } $value = filter_var($value, $filter); if (false === $value) { return isset($default) ? $default : null; } } } } } if (!empty($type)) { switch (strtolower($type)) { case 'a': // 数组 $value = (array) $value; break; case 'd': // 数字 $value = (int) $value; break; case 'f': // 浮点 $value = (double) $value; break; case 'b': // 布尔 $value = (bool) $value; break; case 's': // 字符串 // 字符串 default: $value = (string) $value; } } return $value; }
<?php /** * @copyright Copyright (C) 2005-2008 eZ systems as. All rights reserved. * @license http://ez.no/licenses/new_bsd New BSD License * @version 1.4 * @filesource * @package UserInput * @subpackage Tests */ ?> <html> <head><title>Test 3</title></head> <body> <?php var_dump(filter_list()); $cb1 = filter_input(INPUT_GET, 'test1', filter_id('boolean'), FILTER_NULL_ON_FAILURE); $cb2 = filter_input(INPUT_GET, 'test2', filter_id('boolean')); $int1 = filter_input(INPUT_GET, 'test3', filter_id('int'), FILTER_NULL_ON_FAILURE); $int2 = filter_input(INPUT_GET, 'test4', filter_id('int'), array('flags' => FILTER_NULL_ON_FAILURE, 'options' => array('max_range' => 42))); if ($cb1 && $cb2) { echo "both are checked"; } var_dump($cb1, $cb2, $int1, $int2); ?> <form method="get" align="center"> <input type="checkbox" name="test1" checked="yes"/> <input type="checkbox" name="test2"/> <input type="text" name="test3"/> <input type="text" name="test4"/> <input type="submit" name="submit" value="Go!"/>
/** * Validates the definition array $definition. * * Before reading the values from the input source, the definition array * can be validated by this method to check whether all necessary * elements are correctly formed. * * With the following code you can check whether the definition is valid: * <code> * <?php * if ( ( $returnValue = ezcInputForm::validateDefinition( $definition ) ) !== true ) * { * // do something with the error type and error message in $returnValue * } * else * { * // the definition was correct * } * ?> * </code> * * @param array $definition * @return array|bool If the definition is correct the method returns * boolean true. When an error is found the function * returns an array where the first element is the type, * and the second element the error message. */ public static function validateDefinition($definition) { // The definition parameter should be an array if (!is_array($definition)) { return array(ezcInputForm::DEF_NO_ARRAY, "The definition array is not an array"); } // There should be atleast one element if (count($definition) === 0) { return array(ezcInputForm::DEF_EMPTY, "The definition array is empty"); } foreach ($definition as $name => $element) { // Each element should be an ezcInputFormDefinitionElement if (!$element instanceof ezcInputFormDefinitionElement) { return array(ezcInputForm::DEF_ELEMENT_NO_DEFINITION_ELEMENT, "The definition for element '{$name}' is not an ezcInputFormDefinitionElement"); } // The first value in an element should be REQUIRED or OPTIONAL if (!in_array($element->type, array(ezcInputFormDefinitionElement::OPTIONAL, ezcInputFormDefinitionElement::REQUIRED), true)) { return array(ezcInputForm::DEF_NOT_REQUIRED_OR_OPTIONAL, "The first element definition for element '{$name}' is not ezcInputFormDefinitionElement::OPTIONAL or ezcInputFormDefinitionElement::REQUIRED"); } // The options should either be an array, a string, or an int if ($element->options !== null) { $filterOptionsType = gettype($element->options); if (!in_array($filterOptionsType, array('integer', 'string', 'array'))) { return array(ezcInputForm::DEF_WRONG_FLAGS_TYPE, "The options to the definition for element '{$name}' is not of type integer, string or array"); } // A callback filter should have the form "string" or "array(string, string)" if ($element->filterName == 'callback') { if ($filterOptionsType == 'integer') { return array(ezcInputForm::DEF_WRONG_FLAGS_TYPE, "The callback filter for element '{$name}' should not be an integer"); } if ($filterOptionsType == 'array') { if (count($element->options) != 2) { return array(ezcInputForm::DEF_WRONG_FLAGS_TYPE, "The array parameter for the callback filter for element '{$name}' should have exactly two elements"); } if (gettype($element->options[0]) != 'string' || gettype($element->options[1]) != 'string') { return array(ezcInputForm::DEF_WRONG_FLAGS_TYPE, "The array elements for the callback filter for element '{$name}' should both be a string"); } } } } // The options should either be an int if ($element->flags !== null) { if (gettype($element->flags) !== 'integer') { return array(ezcInputForm::DEF_WRONG_FLAGS_TYPE, "The flags to the definition for element '{$name}' is not of type integer, string or array"); } } // The filter should be an existing filter if (!in_array($element->filterName, filter_list())) { $filters = join(', ', filter_list()); return array(ezcInputForm::DEF_UNSUPPORTED_FILTER, "The filter '{$element->filterName}' for element '{$name}' does not exist. Pick one of: {$filters}"); } // The input field name should have a sane format if (gettype($name) != 'string') { return array(ezcInputForm::DEF_FIELD_NAME_BROKEN, "The element name '{$name}' is not a string"); } if (!preg_match('@^[a-z][a-z0-9_]*$@i', $name)) { return array(ezcInputForm::DEF_FIELD_NAME_BROKEN, "The element name '{$name}' has an unsupported format. It should start with an a-z and followed by a-z0-9_"); } } return true; }
/** * Filter key. * * @param string $key Key * @param mixed $default Default = null * @param int $filter FILTER_* constant * @param mixed $options Filter options * @param bool $deep Default = false * * @see http://php.net/manual/en/function.filter-var.php * * @return mixed */ public function filter($key, $default = null, $filter = FILTER_DEFAULT, $options = array(), $deep = false) { static $filters = null; if (null === $filters) { foreach (filter_list() as $tmp) { $filters[filter_id($tmp)] = 1; } } if (is_bool($filter) || !isset($filters[$filter]) || is_array($deep)) { @trigger_error('Passing the $deep boolean as 3rd argument to the ' . __METHOD__ . ' method is deprecated since version 2.8 and will be removed in 3.0. Remove it altogether as the $deep argument will be removed in 3.0.', E_USER_DEPRECATED); $tmp = $deep; $deep = $filter; $filter = $options; $options = $tmp; } $value = $this->get($key, $default, $deep); // Always turn $options into an array - this allows filter_var option shortcuts. if (!is_array($options) && $options) { $options = array('flags' => $options); } // Add a convenience check for arrays. if (is_array($value) && !isset($options['flags'])) { $options['flags'] = FILTER_REQUIRE_ARRAY; } return filter_var($value, $filter, $options); }