Filter 函数
在线手册:中文 英文
PHP手册

filter_input_array

(PHP 5 >= 5.2.0)

filter_input_arrayGets external variables and optionally filters them

说明

mixed filter_input_array ( int $type [, mixed $definition ] )

This function is useful for retrieving many values without repetitively calling filter_input().

参数

type

One of INPUT_GET, INPUT_POST, INPUT_COOKIE, INPUT_SERVER, or INPUT_ENV.

definition

An array defining the arguments. A valid key is a string containing a variable name and a valid value is either a filter type, or an array optionally specifying the filter, flags and options. If the value is an array, valid keys are filter which specifies the filter type, flags which specifies any flags that apply to the filter, and options which specifies any options that apply to the filter. See the example below for a better understanding.

This parameter can be also an integer holding a filter constant. Then all values in the input array are filtered by this filter.

返回值

An array containing the values of the requested variables on success, or FALSE on failure. An array value will be FALSE if the filter fails, or NULL if the variable is not set. Or if the flag FILTER_NULL_ON_FAILURE is used, it returns FALSE if the variable is not set and NULL if the filter fails.

范例

Example #1 A filter_input_array() example

<?php
error_reporting
(E_ALL E_STRICT);
/* data actually came from POST
$_POST = array(
    'product_id'    => 'libgd<script>',
    'component'     => '10',
    'versions'      => '2.0.33',
    'testscalar'    => array('2', '23', '10', '12'),
    'testarray'     => '2',
);
*/

$args = array(
    
'product_id'   => FILTER_SANITIZE_ENCODED,
    
'component'    => array('filter'    => FILTER_VALIDATE_INT,
                            
'flags'     => FILTER_REQUIRE_ARRAY
                            
'options'   => array('min_range' => 1'max_range' => 10)
                           ),
    
'versions'     => FILTER_SANITIZE_ENCODED,
    
'doesnotexist' => FILTER_VALIDATE_INT,
    
'testscalar'   => array(
                            
'filter' => FILTER_VALIDATE_INT,
                            
'flags'  => FILTER_REQUIRE_SCALAR,
                           ),
    
'testarray'    => array(
                            
'filter' => FILTER_VALIDATE_INT,
                            
'flags'  => FILTER_REQUIRE_ARRAY,
                           )

);

$myinputs filter_input_array(INPUT_POST$args);

var_dump($myinputs);
echo 
"\n";
?>

以上例程会输出:

array(6) {
  ["product_id"]=>
  array(1) {
    [0]=>
    string(17) "libgd%3Cscript%3E"
  }
  ["component"]=>
  array(1) {
    [0]=>
    int(10)
  }
  ["versions"]=>
  array(1) {
    [0]=>
    string(6) "2.0.33"
  }
  ["doesnotexist"]=>
  NULL
  ["testscalar"]=>
  bool(false)
  ["testarray"]=>
  array(1) {
    [0]=>
    int(2)
  }
}

注释

Note:

There is no REQUEST_TIME key in INPUT_SERVER array because it is inserted into the $_SERVER later.

参见


Filter 函数
在线手册:中文 英文
PHP手册
PHP手册 - N: Gets external variables and optionally filters them

用户评论:

Anonymous (22-Apr-2010 08:12)

Beware: if none of the arguments is set, this function returns NULL, not an array of NULL values.

/* No POST vars set in request
$_POST = array();
*/

$args = array('some_post_var' => FILTER_VALIDATE_INT);
$myinputs = filter_input_array(INPUT_POST, $args);
var_dump($myinputs);

Expected Output: array(1) { ["some_post_var"]=> NULL }

Actual Output: NULL

ville at N0SPAM dot zydo dot com (13-Mar-2010 11:18)

While filtering input arrays, be careful of what flags you set besides FILTER_REQUIRE_ARRAY. For example, setting the flags like so:

<?php
$filter
= array(
'myInputArr' => array('filter' => FILTER_SANITIZE_STRING,
                     
'flags' => array('FILTER_FLAG_STRIP_LOW', 'FILTER_REQUIRE_ARRAY'))
);

$form_inputs = filter_input_array(INPUT_POST, $filter);
?>

.. will result in a blank $form_inputs['myInputArr'] regardless of what $_POST['myInputArr'] contains.

kibblewhite at live dot com (26-Jan-2009 03:35)

If you are trying to handling multiple form inputs with same name, then you must assign the `'flags'  => FILTER_REQUIRE_ARRAY` to the definitions entry.

Example, you have a html form as such:
<form>
 <input name="t1[]" value="Some string One" />
 <input name="t1[]" value="Another String Two" />
</form>

Your definitions array will look a little like this:
$args = array(
  't1'    => array(
      'name' => 't1',
      'filter' => FILTER_SANITIZE_STRING,
      'flags'  => FILTER_REQUIRE_ARRAY)
);

kdeloach at gmail dot com (12-Aug-2008 08:42)

@iam4webwork

This is not specific to filter_input.  If you have an element in HTML called names[], it can be accessed by calling $_POST['names'].

Kevin (08-Jul-2008 02:37)

Looks like filter_input_array isn't aware of changes to the input arrays that were made before calling filter_input_array. Instead, it always looks at the originally submitted input arrays.

So this will not work:

$_POST['my_float_field'] = str_replace(',','.',$_POST['my_float_field']);
$args = array('my_float_field',FILTER_VALIDATE_FLOAT);
$result = filter_input_array(INPUT_POST, $args);

phpnotes dot 20 dot zsh at spamgourmet dot com (10-Sep-2007 06:32)

The above example will actually output "NULL" because of the undefined variable doesnotexist - see http://bugs.php.net/bug.php?id=42608.

Sinured (22-Aug-2007 06:10)

extract() is a very convenient way of copying all those variables to the local scope. (see http://www.php.net/extract)

iam4webwork at NOSPAM dot hotmail dot com (08-Jun-2007 09:02)

The above example raises other questions such as how one would validate an html array.  In the input form each input tag that refers to an html array would be named for example testarray[].  However, after the form is submitted, the syntax for validating the values is different from  the expected $_POST['testarray[]']. Instead one has to drop the braces and validate as follows, assuming that testarray[] is supposed to be an html array of numerical values:

Valid test:

echo '*';
echo filter_input(
INPUT_POST,
'testarray',
FILTER_VALIDATE_INT,
FILTER_REQUIRE_ARRAY
);
echo '*';

But the following is an invalid test that results in 2 consequtive asterisks only!

echo '*';
echo filter_input(INPUT_POST,
'testarray[]',
FILTER_VALIDATE_INT,
FILTER_REQUIRE_ARRAY
);
echo '*';

So, there is a naming inconsistency going on, as after the form is submitted, one has to forget about the original name of the submitted array by dropping its braces. Maybe when the PECL/Filter extension is reviewed again, the great ones might consider making the syntax a little more forgiving.