PHP - Types of filters

Below is the complete list of types of filter supported by PHP.

Validate filters
Sanitize filters
Other filters
Filter flags

Validate filters

List of filters for validation

ID	Name	Options	Flags	Description
FILTER_VALIDATE_BOOLEAN, FILTER_VALIDATE_BOOL	"boolean"	default	FILTER_NULL_ON_FAILURE	Returns true for "1", "true", "on" and "yes". Returns false otherwise. If FILTER_NULL_ON_FAILURE is set, false is returned only for "0", "false", "off", "no", and "", and null is returned for all non-boolean values.
FILTER_VALIDATE_DOMAIN	"validate_domain"	default	FILTER_FLAG_HOSTNAME, FILTER_NULL_ON_FAILURE	Validates whether the domain name label lengths are valid. Optional flag: FILTER_FLAG_HOSTNAME adds ability to specifically validate hostnames (they must start with an alphanumeric character and contain only alphanumerics or hyphens).
FILTER_VALIDATE_EMAIL	"validate_email"	default	FILTER_FLAG_EMAIL_UNICODE, FILTER_NULL_ON_FAILURE	Validates whether the value is a valid e-mail address.
FILTER_VALIDATE_FLOAT	"float"	default, decimal, min_range, max_range	FILTER_FLAG_ALLOW_THOUSAND, FILTER_NULL_ON_FAILURE	Validates value as float, optionally from the specified range, and converts to float on success.
FILTER_VALIDATE_INT	"int"	default, min_range, max_range	FILTER_FLAG_ALLOW_OCTAL, FILTER_FLAG_ALLOW_HEX, FILTER_NULL_ON_FAILURE	Validates value as integer, optionally from the specified range, and converts to int on success.
FILTER_VALIDATE_IP	"validate_ip"	default	FILTER_FLAG_IPV4, FILTER_FLAG_IPV6, FILTER_FLAG_NO_PRIV_RANGE, FILTER_FLAG_NO_RES_RANGE, FILTER_NULL_ON_FAILURE	Validates value as IP address, optionally only IPv4 or IPv6 or not from private or reserved ranges.
FILTER_VALIDATE_MAC	"validate_mac_address"	default	FILTER_NULL_ON_FAILURE	Validates value as MAC address.
FILTER_VALIDATE_REGEXP	"validate_regexp"	default, regexp	FILTER_NULL_ON_FAILURE	Validates value against regexp, a Perl-compatible regular expression.
FILTER_VALIDATE_URL	"validate_url"	default	FILTER_FLAG_SCHEME_REQUIRED, FILTER_FLAG_HOST_REQUIRED, FILTER_FLAG_PATH_REQUIRED, FILTER_FLAG_QUERY_REQUIRED, FILTER_NULL_ON_FAILURE	Validates value as URL, optionally with required components. Beware a valid URL may not specify the HTTP protocol http:// so further validation may be required to determine the URL uses an expected protocol, e.g. ssh:// or mailto:. Note that the function will only find ASCII URLs to be valid; internationalized domain names (containing non-ASCII characters) will fail.

Sanitize filters

List of filters for sanitization

ID	Name	Flags	Description
FILTER_SANITIZE_EMAIL	"email"		Remove all characters except letters, digits and !#$%&'*+-=?^_`{\|}~@.[].
FILTER_SANITIZE_ENCODED	"encoded"	FILTER_FLAG_STRIP_LOW, FILTER_FLAG_STRIP_HIGH, FILTER_FLAG_STRIP_BACKTICK, FILTER_FLAG_ENCODE_LOW, FILTER_FLAG_ENCODE_HIGH	URL-encode string, optionally strip or encode special characters.
FILTER_SANITIZE_MAGIC_QUOTES	"magic_quotes"		Apply addslashes(). (DEPRECATED as of PHP 7.3.0 and REMOVED as of PHP 8.0.0.)
FILTER_SANITIZE_ADD_SLASHES	"add_slashes"		Apply addslashes(). (Available as of PHP 7.3.0)
FILTER_SANITIZE_NUMBER_FLOAT	"number_float"	FILTER_FLAG_ALLOW_FRACTION, FILTER_FLAG_ALLOW_THOUSAND, FILTER_FLAG_ALLOW_SCIENTIFIC	Remove all characters except digits, +- and optionally .,eE.
FILTER_SANITIZE_NUMBER_INT	"number_int"		Remove all characters except digits, plus and minus sign.
FILTER_SANITIZE_SPECIAL_CHARS	"special_chars"	FILTER_FLAG_STRIP_LOW, FILTER_FLAG_STRIP_HIGH, FILTER_FLAG_STRIP_BACKTICK, FILTER_FLAG_ENCODE_HIGH	HTML-encode ' "<>& and characters with ASCII value less than 32, optionally strip or encode other special characters.
FILTER_SANITIZE_FULL_SPECIAL_CHARS	"full_special_chars"	FILTER_FLAG_NO_ENCODE_QUOTES	Equivalent to calling htmlspecialchars() with ENT_QUOTES set.
FILTER_SANITIZE_STRING	"string"	FILTER_FLAG_NO_ENCODE_QUOTES, FILTER_FLAG_STRIP_LOW, FILTER_FLAG_STRIP_HIGH, FILTER_FLAG_STRIP_BACKTICK, FILTER_FLAG_ENCODE_LOW, FILTER_FLAG_ENCODE_HIGH, FILTER_FLAG_ENCODE_AMP	Strip tags and HTML-encode double and single quotes, optionally strip or encode special characters.
FILTER_SANITIZE_STRIPPED	"stripped"		Alias of "string" filter.
FILTER_SANITIZE_URL	"url"		Remove all characters except letters, digits and $-_.+!*'(),{}\|\\^~[]`<>#%";/?:@&=.
FILTER_UNSAFE_RAW	"unsafe_raw"	FILTER_FLAG_STRIP_LOW, FILTER_FLAG_STRIP_HIGH, FILTER_FLAG_STRIP_BACKTICK, FILTER_FLAG_ENCODE_LOW, FILTER_FLAG_ENCODE_HIGH, FILTER_FLAG_ENCODE_AMP	Do nothing, optionally strip or encode special characters.

Other filters

List of miscellaneous filters

ID	Name	Options	Flags	Description
FILTER_CALLBACK	"callback"	callable function or method	All flags are ignored	Call user-defined function to filter data.

Filter flags

List of filter flags

ID	Used with	Description
FILTER_FLAG_STRIP_LOW	FILTER_SANITIZE_ENCODED, FILTER_SANITIZE_SPECIAL_CHARS, FILTER_SANITIZE_STRING, FILTER_UNSAFE_RAW	Strips characters that have a numerical value <32.
FILTER_FLAG_STRIP_HIGH	FILTER_SANITIZE_ENCODED, FILTER_SANITIZE_SPECIAL_CHARS, FILTER_SANITIZE_STRING, FILTER_UNSAFE_RAW	Strips characters that have a numerical value >127.
FILTER_FLAG_STRIP_BACKTICK	FILTER_SANITIZE_ENCODED, FILTER_SANITIZE_SPECIAL_CHARS, FILTER_SANITIZE_STRING, FILTER_UNSAFE_RAW	Strips backtick characters.
FILTER_FLAG_ALLOW_FRACTION	FILTER_SANITIZE_NUMBER_FLOAT	Allows a period (.) as a fractional separator in numbers.
FILTER_FLAG_ALLOW_THOUSAND	FILTER_SANITIZE_NUMBER_FLOAT, FILTER_VALIDATE_FLOAT	Allows a comma (,) as a thousands separator in numbers.
FILTER_FLAG_ALLOW_SCIENTIFIC	FILTER_SANITIZE_NUMBER_FLOAT	Allows an e or E for scientific notation in numbers.
FILTER_FLAG_NO_ENCODE_QUOTES	FILTER_SANITIZE_STRING	If this flag is present, single (') and double (") quotes will not be encoded.
FILTER_FLAG_ENCODE_LOW	FILTER_SANITIZE_ENCODED, FILTER_SANITIZE_STRING, FILTER_SANITIZE_RAW	Encodes all characters with a numerical value <32.
FILTER_FLAG_ENCODE_HIGH	FILTER_SANITIZE_ENCODED, FILTER_SANITIZE_SPECIAL_CHARS, FILTER_SANITIZE_STRING, FILTER_SANITIZE_RAW	Encodes all characters with a numerical value >127.
FILTER_FLAG_ENCODE_AMP	FILTER_SANITIZE_STRING, FILTER_SANITIZE_RAW	Encodes ampersands (&).
FILTER_NULL_ON_FAILURE	any FILTER_VALIDATE_*	Returns null for unrecognized values.
FILTER_FLAG_ALLOW_OCTAL	FILTER_VALIDATE_INT	Regards inputs starting with a zero (0) as octal numbers. This only allows the succeeding digits to be 0-7.
FILTER_FLAG_ALLOW_HEX	FILTER_VALIDATE_INT	Regards inputs starting with 0x or 0X as hexadecimal numbers. This only allows succeeding characters to be a-fA-F0-9.
FILTER_FLAG_EMAIL_UNICODE	FILTER_VALIDATE_EMAIL	Allows the local part of the email address to contain Unicode characters.
FILTER_FLAG_IPV4	FILTER_VALIDATE_IP	Allows the IP address to be in IPv4 format.
FILTER_FLAG_IPV6	FILTER_VALIDATE_IP	Allows the IP address to be in IPv6 format.
FILTER_FLAG_NO_PRIV_RANGE	FILTER_VALIDATE_IP	Fails validation for the following private IPv4 ranges: 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16. Fails validation for the IPv6 addresses starting with FD or FC.
FILTER_FLAG_NO_RES_RANGE	FILTER_VALIDATE_IP	Fails validation for the following reserved IPv4 ranges: 0.0.0.0/8, 169.254.0.0/16, 127.0.0.0/8 and 240.0.0.0/4. Fails validation for the following reserved IPv6 ranges: ::1/128, ::/128, ::ffff:0:0/96 and fe80::/10.
FILTER_FLAG_SCHEME_REQUIRED	FILTER_VALIDATE_URL	Requires the URL to contain a scheme part.
FILTER_FLAG_HOST_REQUIRED	FILTER_VALIDATE_URL	Requires the URL to contain a host part.
FILTER_FLAG_PATH_REQUIRED	FILTER_VALIDATE_URL	Requires the URL to contain a path part.
FILTER_FLAG_QUERY_REQUIRED	FILTER_VALIDATE_URL	Requires the URL to contain a query string.
FILTER_REQUIRE_SCALAR		Requires the value to be scalar.
FILTER_REQUIRE_ARRAY		Requires the value to be an array.
FILTER_FORCE_ARRAY		If the value is a scalar, it is treated as array with the scalar value as only element.

❮ PHP Filter Reference