{"id":2772,"date":"2021-09-28T14:28:35","date_gmt":"2021-09-28T14:28:35","guid":{"rendered":"https:\/\/phptutorial.net\/?page_id=2772"},"modified":"2021-09-28T14:32:34","modified_gmt":"2021-09-28T14:32:34","slug":"php-filter","status":"publish","type":"page","link":"https:\/\/www.phptutorial.net\/php-tutorial\/php-filter\/","title":{"rendered":"PHP filter"},"content":{"rendered":"\n

Summary<\/strong>: in this tutorial, you’ll learn to define a PHP filter()<\/code> function that sanitizes and validates data.<\/p>\n\n\n\n

Define PHP filter() function #<\/a><\/h2>\n\n\n\n

In the previous tutorials, you learned how to define the sanitize()<\/a><\/code> and validate()<\/a><\/code> functions to sanitize and validate data.<\/p>\n\n\n\n

The sanitize()<\/code> function sanitizes data based on specified filters and returns an array that contains the sanitized data. For example:<\/p>\n\n\n

$inputs = sanitize($_POST, [\n    'name'<\/span> => 'string'<\/span>,\n    'email'<\/span> => 'email'<\/span>\n]);<\/code><\/span>Code language:<\/span> PHP<\/span> (<\/span>php<\/span>)<\/span><\/small><\/pre>\n\n\n
The validate()<\/code> function validates data based on the rules and returns an array that contains the error messages:<\/p>\n\n\n
$errors = validate($inputs,[\n    'name'<\/span> => 'required | max: 255'<\/span>,\n    'email'<\/span> => 'required | email'<\/span>,\n]);<\/code><\/span>Code language:<\/span> PHP<\/span> (<\/span>php<\/span>)<\/span><\/small><\/pre>\n\n\n
These functions work fine. However, you need to specify two sets of rules: sanitization and validation rules.<\/p>\n\n\n\n
To make them more concise, you can define a filter()<\/code> function that both sanitizes and validates data based on the combination of the sanitization and validation rules:<\/p>\n\n\n
function<\/span> filter<\/span>(array $data, array $fields, array $messages=[])<\/span>: array<\/span>\n<\/span>{\n    \/\/ implementation<\/span>\n}<\/code><\/span>Code language:<\/span> PHP<\/span> (<\/span>php<\/span>)<\/span><\/small><\/pre>\n\n\n
For example:<\/p>\n\n\n
[$inputs, $errors] = filter($_POST, [\n    'name'<\/span> => 'string | required | max: 255'<\/span>,\n    'email'<\/span> => 'email | required | email'<\/span>,\n]);<\/code><\/span>Code language:<\/span> PHP<\/span> (<\/span>php<\/span>)<\/span><\/small><\/pre>\n\n\n
The name<\/code> field has the string<\/code> filter rule and the required | max: 255<\/code> validation rule in this code. Therefore, you need to extract the filter and validation rules from the $rules.<\/p>\n\n\n
$sanitization_rules = [];\n$validation_rules = [];\n\nforeach<\/span> ($fields as<\/span> $field => $rules) {\n    if<\/span> (strpos($rules, '|'<\/span>)) {\n        [$sanitization_rules[$field], $validation_rules[$field] ] =  explode('|'<\/span>, $rules, 2<\/span>);\n    } else<\/span> {\n            $sanitization_rules[$field] = $rules;\n    }\n}<\/code><\/span>Code language:<\/span> PHP<\/span> (<\/span>php<\/span>)<\/span><\/small><\/pre>\n\n\n
How it works.<\/p>\n\n\n\n
First, define two arrays that hold the sanitization and validation rules:<\/p>\n\n\n
$sanitization_rules = [];\n$validation_rules = [];<\/code><\/span>Code language:<\/span> PHP<\/span> (<\/span>php<\/span>)<\/span><\/small><\/pre>\n\n\n
Second, iterate over the $fields<\/code> array. For each element, if the $rules<\/code> contains the |<\/code> character, split the $rules<\/code> string using the |<\/code> separator into two and assign the first element to$sanitization_rules[$field]<\/code>and the second element to$validation_rules[$field]<\/code>. Otherwise, assign the $rules to the $sanitization_rules[$field]<\/code>.<\/p>\n\n\n\n
For example, if you have the following fields:<\/p>\n\n\n
[\n    'name'<\/span> => 'string | required | max: 255'<\/span>,\n    'email'<\/span> => 'email | required | email'<\/span>,\n]<\/code><\/span>Code language:<\/span> PHP<\/span> (<\/span>php<\/span>)<\/span><\/small><\/pre>\n\n\n
The $sanitization_rules<\/code> will be:<\/p>\n\n\n
 [\n    'name'<\/span> => 'string'<\/span>,\n    'email'<\/span> => 'email'<\/span>,\n]<\/code><\/span>Code language:<\/span> PHP<\/span> (<\/span>php<\/span>)<\/span><\/small><\/pre>\n\n\n
And the validation_rules<\/code> will be:<\/p>\n\n\n
[\n    'name'<\/span> => 'required | max: 255'<\/span>,\n    'email'<\/span> => 'required | email'<\/span>,\n]<\/code><\/span>Code language:<\/span> PHP<\/span> (<\/span>php<\/span>)<\/span><\/small><\/pre>\n\n\n
Once having the sanitization and validation rules, you can call the sanitize()<\/code> and validate()<\/code> function in sequence and returns an array that contains the sanitized inputs and validation errors:<\/p>\n\n\n
\/\/ ...<\/span>\n$inputs = sanitize($data, $sanitization_rules);\n$errors = validate($inputs, $validation_rules, $messages);\n\nreturn<\/span> [$inputs, $errors];<\/code><\/span>Code language:<\/span> PHP<\/span> (<\/span>php<\/span>)<\/span><\/small><\/pre>\n\n\n
Here’s the complete filter()<\/code> function:<\/p>\n\n\n
function<\/span> filter<\/span>(array $data, array $fields, array $messages=[])<\/span> : array<\/span>\n<\/span>{\n    $sanitization_rules = [];\n    $validation_rules  = [];\n\n    foreach<\/span> ($fields as<\/span> $field=>$rules) {\n        if<\/span> (strpos($rules, '|'<\/span>)) {\n            [$sanitization_rules[$field], $validation_rules[$field] ] =  explode('|'<\/span>, $rules, 2<\/span>);\n        } else<\/span> {\n            $sanitization_rules[$field] = $rules;\n        }\n    }\n\n    $inputs = sanitize($data, $sanitization_rules);\n    $errors = validate($inputs, $validation_rules, $messages);\n\n    return<\/span> [$inputs, $errors];\n}<\/code><\/span>Code language:<\/span> PHP<\/span> (<\/span>php<\/span>)<\/span><\/small><\/pre>\n\n\n
Use the PHP filter() function #<\/a><\/h2>\n\n\n\n
The following example shows how to use the filter()<\/code> function:<\/p>\n\n\n
<?php<\/span>\n\nrequire<\/span> __DIR__<\/span> . '\/filter.php'<\/span>;\n\n$data = [\n    'name'<\/span> => ''<\/span>,\n    'email'<\/span> => 'john$email.com'<\/span>,\n];\n\n$fields = [\n    'name'<\/span> => 'string | required | max: 255'<\/span>,\n    'email'<\/span> => 'email | required | email'<\/span>\n];\n\n[$inputs, $errors] = filter($data, $fields);\n\nprint_r($inputs);\nprint_r($errors);<\/code><\/span>Code language:<\/span> PHP<\/span> (<\/span>php<\/span>)<\/span><\/small><\/pre>\n\n\n
Output:<\/p>\n\n\n
Array<\/span>\n(\n    [name] => Please enter the name\n    [email] => The email is not a valid email address\n)<\/code><\/span>Code language:<\/span> PHP<\/span> (<\/span>php<\/span>)<\/span><\/small><\/pre>\n\n\n
Summary #<\/a><\/h2>\n\n\n\n
  • Use the PHP filter()<\/code> helper function to sanitize and validate data.<\/li><\/ul>\n
    \n\t
    \n\t\t
    Did you find this tutorial useful?<\/div>\n\t\t
    \n\t\t\t\n\t\t\t\t\n\t\t\t\t\t<\/path>\n\t\t\t\t<\/svg>\n\t\t\t\t Yes <\/span>\n\t\t\t<\/button>\n\n\t\t\t\n\t\t\t\t\n\t\t\t\t\t<\/path>\n\t\t\t\t<\/svg>\n\t\t\t\t No <\/span>\n\t\t\t<\/button>\n\t\t<\/div>\n\t<\/header>\n\n\t
    \n\t\t
    \n\t\t\t
    <\/div>\n\t\t\t\n\t\t\t