这些函数的行为受 php.ini 中的设置影响。
| 名字 | 默认 | 可修改范围 | 更新日志 |
|---|---|---|---|
| filter.default | "unsafe_raw" | PHP_INI_PERDIR | PHP_INI_ALL in filter <= 0.9.4. Available since PHP 5.2.0. |
| filter.default_flags | NULL | PHP_INI_PERDIR | PHP_INI_ALL in filter <= 0.9.4. Available since PHP 5.2.0. |
这是配置指令的简短说明。
filter.default
string
Filter all $_GET, $_POST, $_COOKIE, $_REQUEST and $_SERVER data by this filter. Original data can be accessed through filter_input().
Accepts the name of the filter you like to use by default. See the existing filter list for the list of the filter names.
Note:
Be careful about the default flags for the default filters. You should explicitly set them to the value you want. For example, to configure the default filter to behave exactly like htmlspecialchars() you need to set them default flags to 0 as shown below.
Example #1 Configuring the default filter to act like htmlspecialchars
filter.default = full_special_chars
filter.default_flags = 0
filter.default_flags
integer
Default flags to apply when the default filter is set. This is set to
FILTER_FLAG_NO_ENCODE_QUOTES by default for backwards
compatibility reasons. See the flag list
for the list of all the flag names.