English
English
In PHP, data filtering and verification are integral to processing user input. We often use filter_var() to verify a single data value, but if we have a set of data, such as multiple fields submitted by a form, each field requires different verification rules, it is very appropriate to use filter_var_array() at this time.
filter_var_array() is a function provided by PHP to filter multiple data values , usually a associative array, such as data from $_GET or $_POST . This function can process each field separately according to the filter rules you define.
The function prototype is as follows:
filter_var_array(array $data, array|int $definition, bool $add_empty = true): array|false|null
$data : The array data to be processed.
$definition : Filtering rule, which can be an integer (using the same filter for all fields) or an array (defining different filters for different fields).
$add_empty : Whether to include no matching keys in the result, default to true .
Suppose you have a user login form with mailbox and age fields. You want to verify the mailbox, integer verification of age and limit the range. Use filter_var_array() to process as follows:
$data = [
'email' => '[email protected]',
'age' => '25'
];
$filters = [
'email' => FILTER_VALIDATE_EMAIL,
'age' => [
'filter' => FILTER_VALIDATE_INT,
'options' => [
'min_range' => 18,
'max_range' => 99
]
]
];
$result = filter_var_array($data, $filters);
print_r($result);
The output may be:
Array
(
[email] => [email protected]
[age] => 25
)
If verification fails, the corresponding value will become false .
filter_var_array() is especially suitable for processing form data, because you can define clear validation rules and batch processing.
$_POST = [
'username' => 'jack',
'email' => '[email protected]',
'age' => '17'
];
$rules = [
'username' => [
'filter' => FILTER_SANITIZE_STRING,
'flags' => FILTER_FLAG_NO_ENCODE_QUOTES
],
'email' => FILTER_VALIDATE_EMAIL,
'age' => [
'filter' => FILTER_VALIDATE_INT,
'options' => ['min_range' => 18]
]
];
$cleanData = filter_var_array($_POST, $rules);
print_r($cleanData);
In this example, if the age is less than 18, the returned age will be false , prompting us that the verification failed.
You can set the default value through FILTER_DEFAULT and custom options, and you can also get meaningful output when fields are missing.
$data = [
'email' => 'wrong-format',
// 'age' => missing
];
$rules = [
'email' => FILTER_VALIDATE_EMAIL,
'age' => [
'filter' => FILTER_VALIDATE_INT,
'options' => ['default' => 18]
]
];
$result = filter_var_array($data, $rules);
print_r($result);
Output:
Array
(
[email] => false
[age] => 18
)
When you receive data submitted by third-party APIs, using filter_var_array() can quickly ensure data security.
$json = file_get_contents('https://api.gitbox.net/user/input');
$input = json_decode($json, true);
$filters = [
'email' => FILTER_VALIDATE_EMAIL,
'subscription' => FILTER_VALIDATE_BOOLEAN
];
$validated = filter_var_array($input, $filters);
If the incoming $data is not an array, filter_var_array() will return false .
If some keys are not in $definition , but $add_empty is set to true , they will still appear in the return result with a value of null .
Care is needed to use filters of type FILTER_SANITIZE_* , which are cleaning data rather than verifying data.
filter_var_array() is a very powerful tool that can help us batch verification and cleaning of a set of data, making the code more concise and maintainable. It can shine in processing form data, API requests, or any scenario that requires multi-field verification.
Learn to use filter_var_array() reasonably, and you will be able to greatly improve the security and efficiency of data processing in PHP projects.
