Sanitization

Example #1 Sanitizing and validating email addresses

<?php
$a
= 'joe@example.org';
$b = 'bogus - at - example dot org';
$c = '(bogus@example.org)';

$sanitized_a = filter_var($a, FILTER_SANITIZE_EMAIL);
if (
filter_var($sanitized_a, FILTER_VALIDATE_EMAIL)) {
echo
"This (a) sanitized email address is considered valid.\n";
}

$sanitized_b = filter_var($b, FILTER_SANITIZE_EMAIL);
if (
filter_var($sanitized_b, FILTER_VALIDATE_EMAIL)) {
echo
"This sanitized email address is considered valid.";
} else {
echo
"This (b) sanitized email address is considered invalid.\n";
}

$sanitized_c = filter_var($c, FILTER_SANITIZE_EMAIL);
if (
filter_var($sanitized_c, FILTER_VALIDATE_EMAIL)) {
echo
"This (c) sanitized email address is considered valid.\n";
echo
"Before: $c\n";
echo
"After: $sanitized_c\n";
}
?>

The above example will output:

This (a) sanitized email address is considered valid.
This (b) sanitized email address is considered invalid.
This (c) sanitized email address is considered valid.
Before: (bogus@example.org)
After: bogus@example.org

Example #2 Configuring a default filter

filter.default = full_special_chars
filter.default_flags = 0