This PHP filters is used to validate and filter data coming from insecure sources, like user input.
Installation
The filter functions are part of the PHP core. There is no installation needed to use these functions.
PHP Filter Functions
PHP: indicates the earliest version of PHP that supports the function.
| Function | Description | PHP version |
|---|---|---|
| filter_has_var() | Checks if a variable of a specified input type exist | 5 |
| filter_id() | Returns the ID number of a specified filter | 5 |
| filter_input() | Get input from outside the script and filter it | 5 |
| filter_input_array() | Get multiple inputs from outside the script and filters them |
5 |
| filter_list() | Returns an array of all supported filters | 5 |
| filter_var_array() | Get multiple variables and filter them | 5 |
| filter_var() | Get a variable and filter it | 5 |
PHP Filters
| ID Name | Description |
|---|---|
| FILTER_CALLBACK | Call a user-defined function to filter data |
| FILTER_SANITIZE_STRING | Strip tags, optionally strip or encode special characters |
| FILTER_SANITIZE_STRIPPED | Alias of “string” filter |
| FILTER_SANITIZE_ENCODED | URL-encode string, optionally strip or encode special characters |
| FILTER_SANITIZE_SPECIAL_CHARS | HTML-escape ‘”<>& and characters with ASCII value less than 32 |
| FILTER_SANITIZE_EMAIL | Remove all characters, except letters, digits and !#$%&’*+-/=?^_`{|}~@.[] |
| FILTER_SANITIZE_URL | Remove all characters, except letters, digits and $-_.+!*’(),{}|\\^~[]`<>#%”;/?:@&= |
| FILTER_SANITIZE_NUMBER_INT | Remove all characters, except digits and +- |
| FILTER_SANITIZE_NUMBER_FLOAT | Remove all characters, except digits, +- and optionally .,eE |
| FILTER_SANITIZE_MAGIC_QUOTES | Apply addslashes() |
| FILTER_UNSAFE_RAW | Do nothing, optionally strip or encode special characters |
| FILTER_VALIDATE_INT | Validate value as integer, optionally from the specified range |
| FILTER_VALIDATE_BOOLEAN | Return TRUE for “1″, “true”, “on” and “yes”, FALSE for “0″, “false”, “off”, “no”, and “”, NULL otherwise |
| FILTER_VALIDATE_FLOAT | Validate value as float |
| FILTER_VALIDATE_REGEXP | Validate value against regexp, a Perl-compatible regular expression |
| FILTER_VALIDATE_URL | Validate value as URL, optionally with required components |
| FILTER_VALIDATE_EMAIL | Validate value as e-mail |
| FILTER_VALIDATE_IP | Validate value as IP address, optionally only IPv4 or IPv6 or not from private or reserved ranges |
The Zip files functions let you to read ZIP files.
Installation
For the Zip file functions to work on your server, these libraries must be installed:
- The ZZIPlib library by
Guido Draheim: Download the ZZIPlib library
- The Zip PELC
extension:Â Download the Zip PELC extension
Installation on Linux Systems
PHP 5+: Zip functions and the Zip
library is not enabled by default and must be downloaded from the links above.
Use the –with-zip=DIR configure option to include Zip support.
Installation on Windows Systems
PHP 5+: Zip functions are not
enabled by default, so the php_zip.dll and the ZZIPlib library must be downloaded from the link above. Php_zip.dll must be enabled inside of php.ini. To enable any PHP extension, the PHP extension_dir setting (in the php.ini file) should be set to the directory where the PHP extensions are located. An example extension_dir value is c:\php\ext.
PHP Zip File Functions
PHP: indicates the earliest version of PHP that supports the function.
| Function | Description | PHPversion |
|---|---|---|
| zip_close() | Closes a ZIP file | 4 |
| zip_entry_close() | Closes an entry in the ZIP file | 4 |
| zip_entry_compressedsize() | Returns the compressed size of an entry in the ZIP file | 4 |
| zip_entry_compressionmethod() | Returns the compression method of an entry in the ZIP file |
4 |
| zip_entry_filesize() | Returns the actual file size of an entry in the ZIP file |
4 |
| zip_entry_name() | Returns the name of an entry in the ZIP file | 4 |
| zip_entry_open() | Opens an entry in the ZIP file for reading | 4 |
| zip_entry_read() | Reads from an open entry in the ZIP file | 4 |
| zip_open() | Opens a ZIP file | 4 |
| zip_read() | Reads the next entry in a ZIP file | 4 |
The HTTP functions let you influence information sent to the browser by the Web server, before any other output has been sent.
Installation
The index functions are part of the PHP core. There is no installation needed to employ these functions.
PHP HTTP Functions
PHP: indicates the earliest version of PHP that ropes the function.
| Function | Description | PHP version |
|---|---|---|
| header() | Sends a raw HTTP header to a client | 3 |
| headers_list() | Returns a list of response headers sent (or ready to send) |
5 |
| headers_sent() | Checks if / where the HTTP headers have been sent | 3 |
| setcookie() | Sends an HTTP cookie to a client | 3 |
| setrawcookie() | Sends an HTTP cookie without URL encoding the cookie value |
5 |
Setting and reading cookies in PHP is a part of–dare we say it?–cake. We don’t want to get into all the misinformation about cookies, but they’re important and useful. Sometimes they’re the right tool for the work.
create and modify a cookie In PHP
To create and modify a cookie, use the PHP function setcookie(). setcookie() takes up to six arguments, depending upon how much control you want over the cookie and who can read its value.
The best way of setting a cookie is like this:
setcookie(‘name’, ‘xxx’);
Then, for every further page on your site viewed by this browser (without the user quitting) you’ll have the value of ‘xxx’ stored in the variable $name for easy right to use in PHP. This type of cookie is known as a session cookie, since it lasts for the length of a user’s session.
If you want the cookie to persevere after the person exits his or her browser, you must pass setcookie() through a third parameter, the date you want the cookie to expire. Since PHP’s background springs fully formed from the head of Unix, you correspond to this time as the number of seconds since March 23, 1985. If you’re a Unix programmer, this makes total sense. But, if you’re from a Windows or a Macintosh background, you’re just trembling your head wondering if you’ll ever understand those wacky Unix folk.
PHP has a very nice function, mktime(). You pass mktime() (in this order) the hour, minute, second, month, day, and year that you want to represent, and mktime() returns to you the number of seconds since March 1, 1985. So, if you want to simulate a ZZZ meltdown:
<?php
$ZZZ = mktime(0,0,0,1,1,2000);
setcookie(‘name’, ‘xxx’, $ZZZ);
?>
your cookie will end with the millennium.
If you want to update a cookie to store a newer value, you can simply overwrite its value. So, even if you’ve previously sent the cookie above on an earlier page, it’s perfectly legal to go ahead and change your name to “akki.”
<?php
$ZZZ = mktime(0,0,0,1,1,2000);
setcookie(‘name’, ‘akki’, $ZZZ);
?>
Note that doing this doesn’t alter the value of the variable $name. It’s set when the page is loaded. If you want to make sure these two are always in sync, you can code like this:
<?php
$name = ‘Akki’;
$ZZZ = mktime(0,0,0,1,1,2000);
setcookie(‘name’, $name, $ZZZ);
?>
The next two parameters for setcookie() let you control the path and the domain of who can read your cookie. By default, only pages equivalent to or lower down in the ladder on the same server that sends the cookie can read its value. That’s for security’s sake. However, if you had an account that’s sometimes “www.any.com” but also “other.any.com,” and your account lets you serve pages from ~/myhome, you should modify setcookie() as such:
<?php
setcookie(‘name’, ‘akki’, $ZZZ, ‘~/myhome’, ‘.any.com’);
?>
The last parameter to setcookie(), which we’ve never used, teach that the cookie be sent only to a Web server that’s running a secure connection such as SSL. For this to occur, set the sixth value to 1.
Delete Cookie
Deleting a cookie is simple, simply pass setcookie() the name of your cookie and PHP will arrange for it to be deleted.
<?php setcookie(‘name’); ?>
There’s one last important item to cite about using cookies. Because of the way cookies work within HTTP, it’s important that you send all cookies before you print any text. If you don’t, PHP will give you a warning and your cookies will not be sent. So, this is OK:
<?php
setcookie(‘name’, ‘akki’);
echo “Good Morning!”;
?>
But this is not:
<?php
echo “Good Morning!”;
setcookie(‘name’, ‘akki’);
?>
The FTP functions give client access to file servers through the File Transfer Protocol (FTP).
The FTP functions are used to open, login and close connections, as well as upload, download, rename, delete, and get information on files from file servers. Not all of the FTP functions will work with every server or return the same results. The FTP functions became available with PHP 3.
These functions are meant for detailed access to an FTP server. If you only wish to read from or write to a file on an FTP server, consider using the ftp://wrapper with the File system functions.
Installation
The windows version of PHP has built-in support for the FTP extension. So, the FTP functions will work automatically.
However, if you are running the Linux version of PHP, you will have to compile PHP with –enable-ftp (PHP 4+) or –with-ftp (PHP 3) to get the FTP functions to work.
PHP FTP Functions
PHP: indicates the earliest version of PHP that supports the function.
| Function | Description | PHP version |
|---|---|---|
| ftp_alloc() | Allocates space for a file to be uploaded to the FTP server |
5 |
| >ftp_cdup() | Changes the current directory to the parent directory on the FTP server |
3 |
| ftp_chdir() | Changes the current directory on the FTP server | 3 |
| ftp_chmod() | Sets permissions on a file via FTP | 5 |
| ftp_close() | Closes an FTP connection | 4 |
| ftp_connect() | Opens an FTP connection | 3 |
| ftp_delete() | Deletes a file on the FTP server | 3 |
| ftp_exec() | Executes a program/command on the FTP server | 4 |
| ftp_fget() | Downloads a file from the FTP server and saves it to an open file |
3 |
| ftp_fput() | Uploads from an open file and saves it to a file on the FTP server |
3 |
| ftp_get_option() | Returns runtime behaviors of the FTP connection | 4 |
| ftp_get() | Downloads a file from the FTP server | 3 |
| ftp_login() | Logs on to an FTP connection | 3 |
| ftp_mdtm() | Returns the last modified time of a specified file | 3 |
| ftp_mkdir() | Creates a new directory on the FTP server | 3 |
| ftp_nb_continue() | Continues retrieving/sending a file (non-blocking) | 4 |
| ftp_nb_fget() | Downloads a file from the FTP server and saves it to an open file (non-blocking) |
4 |
| ftp_nb_fput() | Uploads from an open file and saves it to a file on the FTP server (non-blocking) |
4 |
| ftp_nb_get() | Downloads a file from the FTP server (non-blocking) | 4 |
| ftp_nb_put() | Uploads a file to the FTP server (non-blocking) | 4 |
| ftp_nlist() | Lists the files in a specified directory on the FTP server |
3 |
| ftp_pasv() | Turns passive mode on or off | 3 |
| ftp_put() | Uploads a file to the FTP server | 3 |
| ftp_pwd() | Returns the current directory name | 3 |
| ftp_quit() | Alias of ftp_close() | 3 |
| ftp_raw() | Sends a raw command to the FTP server | 5 |
| ftp_rawlist() | Returns a detailed list of files in the specified directory |
3 |
| ftp_rename() | Renames a file or directory on the FTP server | 3 |
| ftp_rmdir() | Removes a directory on the FTP server | 3 |
| ftp_set_option() | Sets runtime options for the FTP connection | 4 |
| ftp_site() | Sends a SITE command to the server | 3 |
| ftp_size() | Returns the size of the specified file | 3 |
| ftp_ssl_connect() | Opens a secure SSL-FTP connection | 4 |
| ftp_systype() | Returns the system type identifier of the FTP server | 3 |
PHP FTP Constants
PHP: indicates the earliest version of PHP that supports the constant.
| Constant | Description | PHP |
|---|---|---|
| FTP_ASCII | 3 | |
| FTP_TEXT | 3 | |
| FTP_BINARY | 3 | |
| FTP_IMAGE | 3 | |
| FTP_TIMEOUT_SEC | 3 | |
| FTP_AUTOSEEK | 4 | |
| FTP_AUTORESUME | Determine resume position and start position for get and put requests automatically |
4 |
| FTP_FAILED | Asynchronous transfer has failed | 4 |
| FTP_FINISHED | Asynchronous transfer has finished | 4 |
| FTP_MOREDATA | Asynchronous transfer is still active | 4 |
