PHP Tutorial #24 Filters Part 2 " FILTER_SANITIZE "

in utopian-io •  6 years ago  (edited)

Image Source

Repository

https://github.com/php/php-src 

What Will I Learn?

  • You will learn the " FILTER_SANITIZE_EMAIL " and " FILTER_SANITIZE_ENCODED ".
  • You will learn the " FILTER_SANITIZE_QUOTES " and " FILTER_SANITIZE_FLOAT ".
  • You will learn the " FILTER_SANITIZE_INT " and " FILTER_SANITIZE_SPECIAL_CHARS  ".
  • You will learn the " FILTER_SANITIZE_STRING " and " FILTER_SANITIZE_URL ".

Requirements

System Requirements:
OS Support for PHP
  • Windows
  • macOS
  • Linux

Required Knowledge

  • HTML language
  • CSS language

Difficulty

  •  Intermediate 

Description

In this tutorial we will learn the second part of "filters", in the previous tutorial we have learned the "FILTER_VALIDATE", today we will take the "FILTER_SANITIZE".

The idea is that the "FILTER_VALIDATE" will test and will validate if the value entered by the user is suitable and is correct with the type of the column in the database for example or not.

But the "FILTER_SANITIZE" will clean or delete all the characters that don't belong to this type, and will return the original caracters of this type.

We need before validation to do the impossible and to minimize the faults of the user, and for that we will use before any validate the sanitize.

PHP offers 11 types of filtering, we will see 8 important types with their flags and use.

FILTER_SANITIZE_EMAIL , QUOTES and URL 

Before using the validation filters as we have already said, we must minimize the rate of mistakes by the use of cleaning filters, for that we have the " FILTER_SANITIZE_EMAIL " that goes Deletes all the characters except the letters, numbers, and these characters : [! # $% & '* + - =? ^ _ `{|} ~ @. []] , to return a correct email.

And we also have the " FILTER_SANITIZE_URL " to delete all characters except the letters, digits, and special characters : [$ -_. +! * '(), {} | \\ ^ ~ [] `<> #%"; /? : @ & =] to clean the URL.

Finally we have the " FILTER_SANITIZE_MAGIC_QUOTES ", which will apply the rules of the " addslaches() " function, to add backslaches before the characters : 

Single quotation marks (')

Double quotation marks (")

FILTER_SANITIZE_FLOAT and INT 

We have learned the previous tutorial that we can easly validate the value entered by the user if it's a correct value or not , or it's a number or not, with both possibilties "Float and Int", today is in this tutorial, we will learn how to sanitize the value entered by the user to be a correct number, using " FILTER_SANITIZE_NUMBER_FLOAT " and these flags

FILTER_FLAG_ALLOW_FRACTION

FILTER_FLAG_ALLOW_THOUSAND

FILTER_FLAG_ALLOW_SCIENTIFIC

And also the " FILTER_SANITIZE_NUMBER_INT " .

FILTER_SANITIZE_ENCODED, STRING and  FILTER_SANITIZE_SPECIAL_CHARS 

For the security of your site or database, you must use the " FILTER_SANITIZE_ENCODED " or " FILTER_SANITIZE_SPECIAL_CHARS " to transform the HTML tags and codes, the spaces and all to HTML entities and apply the encoding for these characters.

For more security you can use the " FILTER_SANITIZE_STRING " that will just return the text, if you pass a code javascript or HTML code, it will filter it and just return the text.

They have several common flags:

FILTER_FLAG_NO_ENCODE_QUOTES

FILTER_FLAG_STRIP_LOW

FILTER_FLAG_STRIP_HIGH

FILTER_FLAG_STRIP_BACKTICK

FILTER_FLAG_ENCODE_LOW

FILTER_FLAG_ENCODE_HIGH

FILTER_FLAG_ENCODE_AMP

The effect of the special characters will be in the source code 

Video Tutorial

Curriculum

Proof of Work Done

https://github.com/alexendre-maxim/PHP-Tutorial/blob/master/sanitize.html

https://github.com/alexendre-maxim/PHP-Tutorial/blob/master/sanitize.php

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

Hi @alexendre-maxim

Thank you for your contribution to the video category.

I see that you try to write better post. Sometimes it is difficult for people whose English is their second language.

Try to write simple sentences. This will help to make your text flow in the tutorial.

Again, your deliverance in the video tutorial is improving.

Your contribution has been evaluated according to Utopian policies and guidelines, as well as a predefined set of questions pertaining to the category.

To view those questions and the relevant answers related to your post, click here.


Need help? Chat with us on Discord.

[utopian-moderator]

Thank you for your review, @rosatravels! Keep up the good work!

Thank you @rosatravels, I will try to put more detailed and precise sentences.

Great post! I invite you to watch the last video on channel54

Thank you for your invetation@channel64

Hi @alexendre-maxim!

Your post was upvoted by @steem-ua, new Steem dApp, using UserAuthority for algorithmic post curation!
Your post is eligible for our upvote, thanks to our collaboration with @utopian-io!
Feel free to join our @steem-ua Discord server

Thank you @steem-ua

Hey, @alexendre-maxim!

Thanks for contributing on Utopian.
We’re already looking forward to your next contribution!

Get higher incentives and support Utopian.io!
Simply set @utopian.pay as a 5% (or higher) payout beneficiary on your contribution post (via SteemPlus or Steeditor).

Want to chat? Join us on Discord https://discord.gg/h52nFrV.

Vote for Utopian Witness!

Thank you