PHP | filter_var() Function

The filter_var() function filters a variable with the specified filter. This function is used to both validate and sanitize the data.

Syntax :-

filter_var(var, filtername, options)

Parameters: This function accepts three parameters and are described below:

1. var : It is the required field. It denotes the variable to filter.
2. filtername : It is used to specify the ID or name of the filter to use. Default is FILTER_DEFAULT, which results in no filtering. It is optional field.
3. options : It is used to specify one or more flags/options to use. Check each filter for possible options and flags. It is also optional field.

Return Value: It returns the filtered data on success, or FALSE on failure.

Below are some different applications of filter_var() function:

• Sanitize a string :
  In the below example we sanitize a string

  Example:-

  
  

  
  
  

  <?php    $str = "<h1>GeeksforGeeks!</h1>"; $newstr = filter_var($str, FILTER_SANITIZE_STRING); echo $newstr;    ?>

  Output :-

  GeeksforGeeks!
  

• Validate an Integer :

  The below example uses the filter_var() function to check if the variable $int is an integer. If $int is an integer, the output of the code below will be: “Integer is valid”. If $int is not an integer, the output will be: “Integer is not valid”:

  Example:-

  
  

  
  
  

  <?php    $int = 200;    if (filter_var($int, FILTER_VALIDATE_INT) === 0 ||      !filter_var($int, FILTER_VALIDATE_INT) === false)  {     echo("Integer is valid"); }  else  {     echo("Integer is not valid"); }    ?>

  Output :-

  Integer is valid 
  

• Validate an IP Address :
  The following example uses the filter_var() function to check if the variable $ip is a valid IP address:

  Example :-

  
  

  
  
  

  <?php    $ip = "129.0.0.1";    if (!filter_var($ip, FILTER_VALIDATE_IP) === false) {     echo("$ip is a valid IP address"); } else {     echo("$ip is not a valid IP address"); }    ?>

  Output :-

  129.0.0.1 is a valid IP address
   

• Sanitize and Validate an Email Address :
  The following example uses the filter_var() function to first remove all illegal characters from the $email variable, then check if it is a valid email address:

  Example :-

  
  

  
  
  

  <?php    $email = "gfg@example.com";    // Remove all illegal characters from email $email = filter_var($email, FILTER_SANITIZE_EMAIL);    // Validate e-mail if (!filter_var($email, FILTER_VALIDATE_EMAIL) === false) {     echo("$email is a valid email address"); } else {     echo("$email is not a valid email address"); }    ?>

  Output :-

  gfg@example.com is a valid email address 
  

• Sanitize and Validate a URL :
  The following example uses the filter_var() function to first remove all illegal characters from a URL, then check if $url is a valid URL:

  Example :-

  
  

  
  
  

  <?php    $url = "https://www.geeksforgeeks.org";    // Remove all illegal characters from a url $url = filter_var($url, FILTER_SANITIZE_URL);    // Validate url if (!filter_var($url, FILTER_VALIDATE_URL) === false) {     echo("$url is a valid URL"); } else {     echo("$url is not a valid URL"); }    ?>

  Output :-

  https://www.geeksforgeeks.org is a valid URL
  

Reference:
http://php.net/manual/en/function.filter-var.php