Easy way to data filter and validate in php

Before php 5.2.0 when we have to validate or filter user data, we normally use regex and some php functions. Some of those regex are difficult to understand. So normally most of the coders search in google to collect the correct regex to validate data and also use some php functions to filter data.

In php 5.2.0 a new extension is provided named filter to make these filter tasks much easy.  You can install it in your linux distro by simply typing in shell  pecl install filter

Before proceeding next at first check the available filters in your system:

echo '<pre>';
echo '</pre>';

Output in my system:

    [0] => int
    [1] => boolean
    [2] => float
    [3] => validate_regexp
    [4] => validate_url
    [5] => validate_email
    [6] => validate_ip
    [7] => string
    [8] => stripped
    [9] => encoded
    [10] => special_chars
    [11] => unsafe_raw
    [12] => email
    [13] => url
    [14] => number_int
    [15] => number_float
    [16] => magic_quotes
    [17] => callback

filter_list() is a method that returns a list of all supported filters.

Validate Email address

Normally we validate email address like this way

$email = "siddharth.jain@infoface.in";
if(eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)) {
  echo "Valid email address.";
else {
  echo "Invalid email address.";

But using php’s filter functions you can easily verify that

$email  = "siddharth.jain@infoface.in";
 if(filter_var($email, FILTER_VALIDATE_EMAIL)){
      echo " $email is valid email address <br />";
 $email = "siddharth.jain@infoface,in";
 if(filter_var($email, FILTER_VALIDATE_EMAIL) === FALSE){
      echo " $email is not a valid email address <br />";


siddharth.jain@infoface.in is valid email address
siddharth.jain@infoface,in is not a valid email address

So using filter_var() and its parameters you can easily validate email, url, ip address and more.

Check this link to learn what type of data you can validate via filter functions. Normally FILTER_VALIDATE_EMAIL, FILTER_VALIDATE_INT,FILTER_VALIDATE_URL, FILTER_VALIDATE_IP are mostly used.

Data Sanitization

Data sensitization is very important. As a coder never trust user’s input. User may push SQL injection code or javascript code. So always validate or sanitize data before use. To sanitize data you can use the same filter functions but you have to only provide sanitize filters as second parameter. Some commonly used sanitize filters are:


You’ll see detail list and description from here. For example to get valid string from user input

$userData = array(
               "<script>javascript alert('hi');</script>",
               'P*}i@893746%%%p*.i.*}}|.dw<?php echo "echo works!!";?>'
   $myinputs = filter_var_array($userData, FILTER_SANITIZE_STRING);
   echo '<pre>';
   echo '</pre>';


    [0] => bold
    [1] => javascript alert('hi');
    [2] => P*}i@893746%%%p*.i.*}}|.dw

filter_var_array() is used to get multiple variables and optionally filters them. And this function is very useful for retrieving many values without repetitively calling filter_var().


One thought on “Easy way to data filter and validate in php

  1. Thi is such a very informative article and today i have learnt how to data filter and validate in php so thanks for sharing your kind knowledge on this great post .

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.