We can sanitize a string by using FILTER_SANITIZE_STRING, which removes tags and quotes to make the string safe for use. The ID of this filter is 513.
For comparison, we have displayed the original string and the string after applying FILTER_SANITIZE_STRING. You can see how the string is cleaned: the HTML tags are removed and the quotes are also removed. The example above is the kind of code visitors can use to post malicious code to your system. We can sanitize such strings before using them.
FILTER_FLAG_NO_ENCODE_QUOTES
If we don't want to remove the quotes, we can add the flag FILTER_FLAG_NO_ENCODE_QUOTES.
Output is here (you will also get one alert window)
In addition to the above, we can also add a few more flags like this
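The following is an added example, not plus2net's own code, with a constructed input string: it runs FILTER_SANITIZE_STRING with no flag, with FILTER_FLAG_NO_ENCODE_QUOTES and with a few other flags, and reports whether raw quotes remain in each result. The filter is deprecated as of PHP 8.1, so htmlspecialchars() is included as the output-encoding alternative; the helper name has_raw_quotes() is hypothetical.

```php
<?php
// Added example; the input below is constructed for illustration.
// FILTER_SANITIZE_STRING is deprecated as of PHP 8.1, so hide the
// deprecation notice to keep the comparison output readable.
error_reporting(E_ALL & ~E_DEPRECATED);

// Constructed sample: markup, an ampersand, both quote styles, a control byte.
$input = "<b>Tom & Jerry</b> said \"hi\" <script>alert('x')</script>\x07";

// Hypothetical helper: true if a literal ' or " is still present.
function has_raw_quotes(string $s): bool
{
    return strpbrk($s, "\"'") !== false;
}

// Print one row: label, whether raw quotes survive, and the value
// (json_encode makes control characters visible).
function report(string $label, string $value): void
{
    printf(
        "%-34s raw quotes: %-3s %s\n",
        $label,
        has_raw_quotes($value) ? 'yes' : 'no',
        json_encode($value)
    );
}

$cases = [
    'no flag'                      => 0,
    'FILTER_FLAG_NO_ENCODE_QUOTES' => FILTER_FLAG_NO_ENCODE_QUOTES,
    'FILTER_FLAG_ENCODE_AMP'       => FILTER_FLAG_ENCODE_AMP,
    'FILTER_FLAG_STRIP_LOW'        => FILTER_FLAG_STRIP_LOW,
    'NO_ENCODE_QUOTES | STRIP_LOW' => FILTER_FLAG_NO_ENCODE_QUOTES | FILTER_FLAG_STRIP_LOW,
];

report('original', $input);

foreach ($cases as $label => $flags) {
    // Flags are passed as the third argument of filter_var().
    report($label, filter_var($input, FILTER_SANITIZE_STRING, $flags));
}

// Encoding at output time keeps the text but neutralises markup and quotes.
report(
    'htmlspecialchars(ENT_QUOTES)',
    htmlspecialchars($input, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
);
```

A row that reports raw quotes is not safe to place inside a quoted HTML attribute; encode such values at output with htmlspecialchars() and ENT_QUOTES.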
This article is written by plus2net.com team.