W3docs
en
Log in

How to Use the filter_var() Function in PHP

Let’s dive deeper into the world of PHP. Here, we are going to discover the filter_var() function. Let’s see for what purposes it can be used in PHP.

Tags

The filter_var() function is used for filtering a variable with a particular filter. You can use it for both validating and sanitizing data. The syntax of this function is as follows:

php filter_var syntax

filter_var(var, filtername, options)

On success it returns the filtered data, otherwise, FALSE. Below, we will consider several use cases of the filter_var() function.

Sanitizing a String

In the example below, you can see how to sanitize a string with filter_var() : it will remove all HTML tags and encode special characters.

php sanitize a string with filter_var

<?php

$str = "<h1>W3docs!</h1>";
$newstr = filter_var($str, FILTER_SANITIZE_FULL_SPECIAL_CHARS);
echo $newstr;

?>
Try it Yourself »

The output of the example is as follows:

W3docs!

Validating an Integer

In this section, we will demonstrate how to use filter_var() $int variable is an integer. If it is an integer, the code outputs "Valid integer". Otherwise, it shows "Invalid Integer".

Here is the example:

php check if integer is valid or not

<?php

$int = 200;

if (filter_var($int, FILTER_VALIDATE_INT) !== false) {
  echo "Valid integer";
} else {
  echo "Invalid Integer";
}

?>
Try it Yourself »

The output will show a valid integer:

Valid integer

Validating an IP Address

Below is an example of using the filter_var() function for validating an IP address:

php check if ip address is valid or not

<?php

$ip = "129.0.0.1";

if (!filter_var($ip, FILTER_VALIDATE_IP) === false) {
  echo "$ip is a valid IP address";
} else {
  echo "$ip is not a valid IP address";
}

?>
Try it Yourself »

The output will show:

129.0.0.1 is a valid IP address

Sanitizing and Validating an Email

Let’s see an example of using filter_var() filter_var() $email variable and check whether it is a valid email.

Here is how it looks:

php check if an email is valid or not

<?php

$email = "[email protected]";

// Removing all the illegal characters from email
$email = filter_var($email, FILTER_SANITIZE_EMAIL);

// Validate e-mail
if (!filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
  echo "$email is a valid email address";
} else {
  echo "$email is not a valid email address";
}

?>
Try it Yourself »

The output is:

[email protected] is a valid email address

Sanitizing and Validating a URL

The example below applies filter_var() $url and check whether it is valid:

php check if url is valid or not

<?php

$url = "https://www.w3docs.com";

// Remove overall illegal characters from a URL
$url = filter_var($url, FILTER_SANITIZE_URL);

// Validate url
if (!filter_var($url, FILTER_VALIDATE_URL) === false) {
  echo "$url is a valid URL";
} else {
  echo "$url is not a valid URL";
}

?>
Try it Yourself »

The output will look as follows:

https://www.w3docs.com is a valid URL

Describing the filter_var Function

As noted at the beginning, filter_var() is used for filtering a variable with a particular filter. It supports both validation and sanitization.

It accepts three parameters: variable filter filter_var() options .

Common filters include FILTER_VALIDATE_INT, FILTER_VALIDATE_EMAIL, FILTER_VALIDATE_URL, and FILTER_DEFAULT (which applies FILTER_UNSAFE_RAW by default).

More information about the filter_var() function can be found here.