How to Use the filter_var() Function in PHP

  1. Sanitizing a String
  2. Validating an Integer
  3. Validating an IP Address
  4. Sanitizing and Validating an Email
  5. Sanitizing and Validating a URL
  6. Describing the filter_var Function

The filter_var() function is used for filtering a variable with a particular filter. You can use it for both validating and sanitizing data. The syntax of this function is as follows:

filter_var(var, filtername, options)

On success it returns the filtered data, otherwise, FALSE. Below, we will consider several use cases of the filter_var() function.

Sanitizing a String

In the example, demonstrated below, you can see how to sanitize a string with filter_var():

<?php

$str = "<h1>W3docs!</h1>";
$newstr = filter_var($str, FILTER_SANITIZE_STRING);
echo $newstr;

?>

The output of the example is as follows:

  W3docs!

Validating an Integer

In this section, we will demonstrate how to use filter_var() for testing whether the $int variable is an integer. If it is an integer, the code output will be "Integer is valid". Otherwise, it will show: "Integer is not valid".

Here is how the example will look like:

<?php

$int = 200;

if (filter_var($int, FILTER_VALIDATE_INT) === 0 || !filter_var($int, FILTER_VALIDATE_INT) === false) {
  echo ("Integer is valid");
} else {
  echo ("Integer is not valid");
}

?>

The output will show a valid integer:

  Integer is valid

Validating an IP Address

Below, you can see an example of using the filter_var() function for validating an IP address:

<?php

$ip = "129.0.0.1";

if (!filter_var($ip, FILTER_VALIDATE_IP) === false) {
  echo ("$ip is a valid IP address");
} else {
  echo ("$ip is not a valid IP address");
}

?>

The output will show:

  129.0.0.1 is a valid IP address

Sanitizing and Validating an Email

Let’s see an example of using filter_var() for deleting illegal characters from the $email variable and checking whether it is a valid Email or not.

Here is how it looks like:

<?php

$email = "w3dcs@example.com";

// Removing all the illegal characters from email 
$email = filter_var($email, FILTER_SANITIZE_EMAIL);

// Validate e-mail 
if (!filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
  echo ("$email is a valid email address");
} else {
  echo ("$email is not a valid email address");
}

?>

The output is:

  w3dcs@example.com is a valid email address

Sanitizing and Validating a URL

The example, demonstrated below, applies filter_var() for removing the overall illegal characters from the URL and checking whether the $url is valid or not:

<?php

$url = "https://www.w3docs.com";

// Remove overall illegal characters from a URL 
$url = filter_var($url, FILTER_SANITIZE_URL);

// Validate url 
if (!filter_var($url, FILTER_VALIDATE_URL) === false) {
  echo ("$url is a valid URL");
} else {
  echo ("$url is not a valid URL");
}

?>

The output will look as follows:

  https://www.w3docs.com is a valid URL

Describing the filter_var Function

As it was noted at the beginning of our snippet, filter_var() is used for filtering a variable with a particular filter. It can be used for both validating and sanitizing the data.

It includes three parameters: variable, filter, and options.

More information about the filter_var() function can be found here.


Do you find this helpful?

Related articles