Clever Geek Handbook

PHP filter () function - why?

Why do I want to use the PHP filter library? Why don't I want to?

It seems like you're trying to do a little cleanup (it's terrible when you have to work with regexes), but on the other hand, the naming functions and parameter constants seem like a disaster if you ask me. It must have been included in PHP for some reason, but I just don't like it. What am I missing?

Edit later:
Regarding GaryF's answer, I want to explain a little why I don't like this feature. It's not about using it in "my case" if it fits. It's about using it wherever it fits. There is a good chance that you will need a filter that will not match the PHP functionality, so I will have to create my own filter. In this case, the application will use two completely different types of functions to filter the data. In my opinion, this is much worse than just reinventing a better wheel.

+1


source to share


3 answers


My position is that the concept of filtering input data is conceptually flawed. See my answer to a nearly similar question What is the best method to sanitize user input with PHP?



+1


source


Probably the best resource for this is the tutorial linked from the PHP man page: http://devolio.com/blog/archives/413-Data-Filtering-Using-PHPs-Filter-Functions-Part-one.html



It's decent enough for simple filtering, but if you don't find your use case on this page, it probably isn't for you.

+2


source


Using a well-tested data filtering framework to prevent XSS and SQL Injection attacks.

If you look at all the possibilities, this is the type of filtering you don't want to implement yourself.

http://www.php.net/manual/en/intro.filter.php

+1


source






More articles:


All Articles