FILTER_SANITIZE_STRING
For comparison, we have displayed the original string and the string after applying the FILTER_SANITIZE_STRING filter. You can see how the string is cleaned: the HTML tags are removed, and the quotes are also removed. The example above is the kind of input visitors can use to post malicious code to your system. We can sanitize such strings before using them.
FILTER_FLAG_NO_ENCODE_QUOTES
If we don't want to remove the quotes, then we can add the flag FILTER_FLAG_NO_ENCODE_QUOTES like this
Output is here (you will also get one alert window)
In addition to the above, we can also add a few more flags like this
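The following is an added example, not code from the original article: it runs one constructed input through FILTER_SANITIZE_STRING with no flag, with FILTER_FLAG_NO_ENCODE_QUOTES, and with a few other flags this filter accepts (the choice of extra flags is an assumption, since the article does not name them). It assumes a PHP version that still ships FILTER_SANITIZE_STRING, which is deprecated since PHP 8.1; the last line shows htmlspecialchars() on the same input for comparison.

```php
<?php
// Added example. The input below is constructed for the demonstration:
// a script tag, both quote styles, an ampersand, a control byte (\x07)
// and a UTF-8 multi-byte character (\xC3\xA9).
$input = "<script>alert('Hi');</script> Tom said \"it's & done\" \x07caf\xC3\xA9";

// FILTER_SANITIZE_STRING raises E_DEPRECATED on PHP 8.1 and later;
// silence that notice so the comparison output stays readable.
error_reporting(E_ALL & ~E_DEPRECATED);

// Flag combinations to compare. 0 means "no flag", the filter's default.
$cases = [
    'default'                      => 0,
    'FILTER_FLAG_NO_ENCODE_QUOTES' => FILTER_FLAG_NO_ENCODE_QUOTES,
    'FILTER_FLAG_STRIP_LOW'        => FILTER_FLAG_STRIP_LOW,
    'FILTER_FLAG_STRIP_HIGH'       => FILTER_FLAG_STRIP_HIGH,
    'FILTER_FLAG_ENCODE_AMP'       => FILTER_FLAG_ENCODE_AMP,
    'STRIP_LOW | STRIP_HIGH'       => FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH,
];

// Print one labelled row. addcslashes() escapes control and high bytes
// so that what a flag stripped or kept is visible on a terminal.
function show(string $label, string $value): void
{
    printf("%-30s %s\n", $label, addcslashes($value, "\0..\37\177..\377"));
}

show('original', $input);

foreach ($cases as $label => $flags) {
    // An integer third argument to filter_var() is treated as the flags.
    $clean = filter_var($input, FILTER_SANITIZE_STRING, $flags);
    show($label, $clean);
}

// For comparison: encode for HTML output instead of stripping. Nothing is
// deleted; the characters that are special in HTML become entities.
show(
    'htmlspecialchars',
    htmlspecialchars($input, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
);
```

Run it from the command line with `php` and compare the rows: the filter strips the tags but keeps the text that was between them.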
This article is written by plus2net.com team.
https://www.plus2net.com