Input validation with filter functions

Written by

Introduction
Although PHP has a lot of filter functions available, I found that still to many people are using (often incorrect) regular expressions to validate user input. The filter extension is simple, standard available and will fulfill the common validations. Below some pratical examples and things to consider when working with PHP filter functions.

Which are available?
Below a shameless copy paste of the PHP documentation.

filter_has_var â€” Checks if variable of specified type exists
filter_id â€” Returns the filter ID belonging to a named filter
filter_input_array â€” Gets external variables and optionally filters them
filter_input â€” Gets a specific external variable by name and optionally filters it
filter_list â€” Returns a list of all supported filters
filter_var_array â€” Gets multiple variables and optionally filters them
filter_var â€” Filters a variable with a specified filter

Pratical use

Sanitizing
“Filter input escape output” every developer knows this but it is a repetitive job but with the filter extension filterering input became a lot easier. When you correctly filter input you drastically lower the change of application vulnerabilities.

Sanitizing a single variable

$sText = ' ';
$sText = filter_var($sText, FILTER_SANITIZE_STRING);
echo $sText; // This is a comment from a alert("scriptkiddie");

Sanitizing multiple variables, same principle as above but with an array, the filter will sanitize all values inside the array

filter_var_array($_POST, FILTER_SANITIZE_STRING);

Validating an email address

if(filter_var($sEmail, FILTER_VALIDATE_EMAIL) === false) {
     $this->addError('Invalid email address', $sEmail);
}

Validation a complete array
Validating all your data at once with a single filter will make your code clear, all in one place and is more easy to maintain an example below.

$aData = array(
	'student'	=> 'Sjoerd Maessen',
	'class'		=> '21',
	'grades' => array(
			'math' => 9,
			'geography' => 66,
			'gymnastics' => 7.5
	)
);

$aValidation = array(
	'student'	=> FILTER_SANITIZE_STRING,
	'class'		=> FILTER_VALIDATE_INT,
	'grades'	=> array(
				'filter' => FILTER_VALIDATE_INT,
				'flags'	 => FILTER_FORCE_ARRAY,
				'options'=> array('min_range'=>0, 'max_range'=>10))
);

echo '';
var_dump(filter_var_array($aData, $aValidation));

/*array(3) {
  ["student"]=>
  string(14) "Sjoerd Maessen"
  ["class"]=>
  int(21) // Thats strange, my string is converted
  ["grades"]=>
  array(3) {
    ["math"]=>
    int(9)
    ["geography"]=>
    bool(false) // 66 is > 10
    ["gymnastics"]=>
    bool(false) // 7.5 is not an int
  }
}*/

Note: okay I did not expect that the string '21' would validate true against FILTER_VALIDATE_INT, after some more testing I also noticed that min_range and max_range only work with FILTER_VALIDATE_INT, when using floats or scalars the options are just ignored, so be aware!
The sanitizing examples above can be made easily more restrictive by adding flags like FILTER_FLAG_STRIP_LOW to the sanitize filter, FILTER_FLAG_STRIP_LOW will for example strip all characters that have a numerical value below 32.
Things to consider

Although the filter functions are some time available some of them aren't flawless, at some points the documentation is missing or very unclear. Another example is the filter_var validation for IPv6 addresses. (see bug report #50117). So it is always a good thing to check if the filter is really doing what you expect it does. Write testcases before using. If you use it correctly you can write your validations in the blink of an eye, and this extension will be your new best friend.
Links

Filter functions

Filter flags

Comments

3,527 responses to “Input validation with filter functions”

January 17, 2026

Earnestslify

Bonaslot adalah bandar judi slot online terpercaya di Indonesia. Ribuan member sudah mendapatkan Jackpot sensasional disini. Proses depo WD super cepat kilat. Situs resmi п»їhttps://bonaslotind.us.com/# klik disini gas sekarang bosku.
January 17, 2026

VincentSlurf

Aktual Pin Up giriЕџ ГјnvanД±nД± axtarД±rsД±nД±zsa, bura baxa bilЙ™rsiniz. Д°ЕџlЙ™k link vasitЙ™silЙ™ qeydiyyat olun vЙ™ qazanmaДџa baЕџlayД±n. XoЕџ gЙ™ldin bonusu sizi gГ¶zlЙ™yir. KeГ§id: п»їhttps://pinupaz.jp.net/# Pin Up AZ uДџurlar.
January 17, 2026

Ernestbub

Bonaslot adalah bandar judi slot online terpercaya di Indonesia. Ribuan member sudah mendapatkan Maxwin sensasional disini. Transaksi super cepat hanya hitungan menit. Link alternatif п»їbonaslotind.us.com jangan sampai ketinggalan.
January 17, 2026

VincentSlurf

Bonaslot adalah agen judi slot online terpercaya di Indonesia. Ribuan member sudah mendapatkan Jackpot sensasional disini. Transaksi super cepat hanya hitungan menit. Link alternatif п»їBonaslot jangan sampai ketinggalan.
January 17, 2026

Ernestbub

п»їHalo Slotter, lagi nyari situs slot yang mudah menang? Coba main di Bonaslot. RTP Live tertinggi hari ini dan terbukti membayar. Deposit bisa pakai OVO tanpa potongan. Login disini: п»їBonaslot slot semoga maxwin.
January 17, 2026

Earnestslify

Bonaslot adalah bandar judi slot online nomor 1 di Indonesia. Ribuan member sudah mendapatkan Maxwin sensasional disini. Transaksi super cepat kilat. Link alternatif п»їBonaslot daftar gas sekarang bosku.
January 17, 2026

Earnestslify

Pin Up Casino AzЙ™rbaycanda Й™n populyar platformadД±r. Saytda Г§oxlu slotlar vЙ™ Aviator var. QazancД± kartД±nД±za tez kГ¶Г§ГјrГјrlЙ™r. Mobil tЙ™tbiqi dЙ™ var, telefondan oynamaq Г§ox rahatdД±r. RЙ™smi sayt п»їЙ™traflД± mЙ™lumat baxД±n.
January 17, 2026

Williambek

マネックス証券ログイン画面
January 17, 2026

VincentSlurf

Pin-Up AZ AzЙ™rbaycanda Й™n populyar platformadД±r. Saytda Г§oxlu slotlar vЙ™ canlД± dilerlЙ™r var. Pulu kartД±nД±za anД±nda kГ¶Г§ГјrГјrlЙ™r. ProqramД± dЙ™ var, telefondan oynamaq Г§ox rahatdД±r. RЙ™smi sayt п»їrЙ™smi sayt yoxlayД±n.
January 17, 2026

Ernestbub

2026 yД±lД±nda en Г§ok kazandД±ran casino siteleri hangileri? CevabД± platformumuzda mevcuttur. Bedava bahis veren siteleri ve yeni adres linklerini paylaЕџД±yoruz. Д°ncelemek iГ§in п»їcasino siteleri kazanmaya baЕџlayД±n.
January 17, 2026

DavidSaw

Реставрация мебели Ремонт деревянного покрытия: Тепло натурального дерева в вашем доме
January 18, 2026

VincentSlurf

Situs Bonaslot adalah bandar judi slot online nomor 1 di Indonesia. Banyak member sudah mendapatkan Maxwin sensasional disini. Proses depo WD super cepat kilat. Situs resmi п»їklik disini jangan sampai ketinggalan.
January 18, 2026

Ernestbub

Situs Bonaslot adalah agen judi slot online terpercaya di Indonesia. Banyak member sudah merasakan Jackpot sensasional disini. Transaksi super cepat kilat. Link alternatif п»їdaftar situs judi slot gas sekarang bosku.
January 18, 2026

Shaunanend

Pin-Up AZ Г¶lkЙ™mizdЙ™ Й™n populyar kazino saytД±dД±r. Burada Г§oxlu slotlar vЙ™ canlД± dilerlЙ™r var. Pulu kartД±nД±za tez kГ¶Г§ГјrГјrlЙ™r. Mobil tЙ™tbiqi dЙ™ var, telefondan oynamaq Г§ox rahatdД±r. GiriЕџ linki п»їЙ™traflД± mЙ™lumat baxД±n.
January 18, 2026

Earnestslify

п»їMerhaba arkadaЕџlar, Г¶deme yapan casino siteleri bulmak istiyorsanД±z, hazД±rladД±ДџД±mД±z listeye kesinlikle gГ¶z atД±n. LisanslД± firmalarД± ve fД±rsatlarД± sizin iГ§in listeledik. DolandД±rД±lmamak iГ§in doДџru adres: п»їhttps://cassiteleri.us.org/# tГјrkГ§e casino siteleri bol Еџanslar.
January 18, 2026

ThomasRes

みんなのFX
January 18, 2026

Shaunanend

п»їSalam dostlar, Й™gЙ™r siz etibarlД± kazino axtarД±rsД±nД±zsa, mГјtlЙ™q Pin Up saytД±nД± yoxlayasД±nД±z. ЖЏn yaxЕџД± slotlar vЙ™ rahat pul Г§Д±xarД±ЕџД± burada mГ¶vcuddur. Д°ndi qoЕџulun vЙ™ ilk depozit bonusunu gГ¶tГјrГјn. Oynamaq ГјГ§Гјn link: п»їЙ™traflД± mЙ™lumat uДџurlar hЙ™r kЙ™sЙ™!
January 18, 2026

Earnestslify

Bocoran slot gacor hari ini: mainkan Gate of Olympus atau Mahjong Ways di Bonaslot. Situs ini anti rungkad dan aman. Promo menarik menanti anda. Kunjungi: п»їhttps://bonaslotind.us.com/# Bonaslot dan menangkan.
January 18, 2026

Ernestbub

Online slot oynamak isteyenler iГ§in kД±lavuz niteliДџinde bir site: п»їen iyi casino siteleri Nerede oynanД±r diye dГјЕџГјnmeyin. OnaylД± casino siteleri listesi ile sorunsuz oynayД±n. Detaylar linkte.
January 18, 2026

VincentSlurf

Pin-Up AZ AzЙ™rbaycanda Й™n populyar platformadД±r. Saytda minlЙ™rlЙ™ oyun vЙ™ Aviator var. QazancД± kartД±nД±za tez kГ¶Г§ГјrГјrlЙ™r. Mobil tЙ™tbiqi dЙ™ var, telefondan oynamaq Г§ox rahatdД±r. GiriЕџ linki п»їPin Up yoxlayД±n.
January 18, 2026

Lloydlepay

If you need help learning how to create account in betwinner, the full guide is available at https://bet-promo-codes.com/sportsbook-reviews/betwinner-registration/ вЂ” perfect for new users.
January 18, 2026

VincentSlurf

Bonaslot adalah agen judi slot online terpercaya di Indonesia. Banyak member sudah merasakan Maxwin sensasional disini. Proses depo WD super cepat hanya hitungan menit. Link alternatif п»їslot gacor hari ini jangan sampai ketinggalan.
January 18, 2026

Ernestbub

п»їHalo Bosku, cari situs slot yang gacor? Coba main di Bonaslot. RTP Live tertinggi hari ini dan terbukti membayar. Isi saldo bisa pakai Dana tanpa potongan. Login disini: п»їhttps://bonaslotind.us.com/# bonaslotind.us.com semoga maxwin.
January 18, 2026

Earnestslify

п»їSalam Gacor, cari situs slot yang mudah menang? Rekomendasi kami adalah Bonaslot. RTP Live tertinggi hari ini dan terbukti membayar. Deposit bisa pakai Pulsa tanpa potongan. Daftar sekarang: п»їBonaslot login semoga maxwin.
January 18, 2026

Earnestslify

Aktual Pin Up giriЕџ ГјnvanД±nД± axtarД±rsД±nД±zsa, doДџru yerdesiniz. Bloklanmayan link vasitЙ™silЙ™ hesabД±nД±za girin vЙ™ qazanmaДџa baЕџlayД±n. Pulsuz fД±rlanmalar sizi gГ¶zlЙ™yir. KeГ§id: п»їhttps://pinupaz.jp.net/# bura daxil olun qazancД±nД±z bol olsun.
January 18, 2026

Ernestbub

Bonaslot adalah bandar judi slot online nomor 1 di Indonesia. Banyak member sudah mendapatkan Maxwin sensasional disini. Proses depo WD super cepat kilat. Situs resmi п»їBonaslot slot gas sekarang bosku.
January 18, 2026

VincentSlurf

CanlД± casino oynamak isteyenler iГ§in kД±lavuz niteliДџinde bir site: п»їcassiteleri.us.org Hangi site gГјvenilir diye dГјЕџГјnmeyin. EditГ¶rlerimizin seГ§tiДџi casino siteleri listesi ile sorunsuz oynayД±n. TГјm liste linkte.