Documentation

22.1. Introduction

The Zend_Filter component provides a set of commonly needed data filters. It also provides a simple filter chaining mechanism by which multiple filters may be applied to a single datum in a user-defined order.

22.1.1. What is a filter?

In the physical world, a filter is typically used for removing unwanted portions of input, and the desired portion of the input passes through as filter output (e.g., coffee). In such scenarios, a filter is an operator that produces a subset of the input. This type of filtering is useful for web applications - removing illegal input, trimming unnecessary white space, etc.

This basic definition of a filter may be extended to include generalized transformations upon input. A common transformation applied in web applications is the escaping of HTML entities. For example, if a form field is automatically populated with untrusted input (e.g., from a web browser), this value should either be free of HTML entities or contain only escaped HTML entities, in order to prevent undesired behavior and security vulnerabilities. To meet this requirement, HTML entities that appear in the input must either be removed or escaped. Of course, which approach is more appropriate depends on the situation. A filter that removes the HTML entities operates within the scope of the first definition of filter - an operator that produces a subset of the input. A filter that escapes the HTML entities, however, transforms the input (e.g., "&" is transformed to "&"). Supporting such use cases for web developers is important, and "to filter," in the context of using Zend_Filter, means to perform some transformations upon input data.

22.1.2. Basic usage of filters

Having this filter definition established provides the foundation for Zend_Filter_Interface, which requires a single method named filter() to be implemented by a filter class.

Following is a basic example of using a filter upon two input data, the ampersand (&) and double quote (") characters:

$htmlEntities = new Zend_Filter_HtmlEntities();

echo $htmlEntities->filter('&'); // &
echo $htmlEntities->filter('"'); // "

22.1.3. Using the static staticFilter() method

If it is inconvenient to load a given filter class and create an instance of the filter, you can use the static method Zend_Filter::filterStatic() as an alternative invocation style. The first argument of this method is a data input value, that you would pass to the filter() method. The second argument is a string, which corresponds to the basename of the filter class, relative to the Zend_Filter namespace. The staticFilter() method automatically loads the class, creates an instance, and applies the filter() method to the data input.

echo Zend_Filter::filterStatic('&', 'HtmlEntities');

You can also pass an array of constructor arguments, if they are needed for the filter class.

echo Zend_Filter::filterStatic('"', 'HtmlEntities', array(ENT_QUOTES));

The static usage can be convenient for invoking a filter ad hoc, but if you have the need to run a filter for multiple inputs, it's more efficient to follow the first example above, creating an instance of the filter object and calling its filter() method.

Also, the Zend_Filter_Input class allows you to instantiate and run multiple filter and validator classes on demand to process sets of input data. See Section 22.5, “Zend_Filter_Input”.

22.1.3.1. Namespaces

When working with self defined filters you can give a forth parameter to Zend_Filter::filterStatic() which is the namespace where your filter can be found.

echo Zend_Filter::filterStatic(
    '"',
    'MyFilter',
    array($parameters),
    array('FirstNamespace', 'SecondNamespace')
);

Zend_Filter allows also to set namespaces as default. This means that you can set them once in your bootstrap and have not to give them again for each call of Zend_Filter::filterStatic(). The following code snippet is identical to the above one.

Zend_Filter::setDefaultNamespaces(array('FirstNamespace', 'SecondNamespace'));
echo Zend_Filter::filterStatic('"', 'MyFilter', array($parameters));
echo Zend_Filter::filterStatic('"', 'OtherFilter', array($parameters));

For your convinience there are following methods which allow the handling of namespaces:

  • Zend_Filter::getDefaultNamespaces(): Returns all set default namespaces as array.

  • Zend_Filter::setDefaultNamespaces(): Sets new default namespaces and overrides any previous set. It accepts eighter a string for a single namespace of an array for multiple namespaces.

  • Zend_Filter::addDefaultNamespaces(): Adds additional namespaces to already set ones. It accepts eighter a string for a single namespace of an array for multiple namespaces.

  • Zend_Filter::hasDefaultNamespaces(): Returns true when one or more default namespaces are set, and false when no default namespaces are set.

Table of Contents

22.1. Introduction
22.1.1. What is a filter?
22.1.2. Basic usage of filters
22.1.3. Using the static staticFilter() method
22.1.3.1. Namespaces
22.2. Standard Filter Classes
22.2.1. Alnum
22.2.2. Alpha
22.2.3. BaseName
22.2.4. Callback
22.2.5. Decrypt
22.2.5.1. Decryption with Mcrypt
22.2.5.2. Decryption with OpenSSL
22.2.6. Digits
22.2.7. Dir
22.2.8. Encrypt
22.2.8.1. Encryption with Mcrypt
22.2.8.2. Encryption with OpenSSL
22.2.9. HtmlEntities
22.2.10. Int
22.2.11. LocalizedToNormalized
22.2.11.1. Normalization for numbers
22.2.11.2. Normalization for date and time
22.2.12. NormalizedToLocalized
22.2.12.1. Localization for numbers
22.2.12.2. Localization for date and time
22.2.13. StripNewlines
22.2.14. RealPath
22.2.15. StringToLower
22.2.16. StringToUpper
22.2.17. StringTrim
22.2.18. StripTags
22.3. Filter Chains
22.4. Writing Filters
22.5. Zend_Filter_Input
22.5.1. Declaring Filter and Validator Rules
22.5.2. Creating the Filter and Validator Processor
22.5.3. Retrieving Validated Fields and other Reports
22.5.3.1. Querying if the input is valid
22.5.3.2. Getting Invalid, Missing, or Unknown Fields
22.5.3.3. Getting Valid Fields
22.5.4. Using Metacommands to Control Filter or Validator Rules
22.5.4.1. The FIELDS metacommand
22.5.4.2. The PRESENCE metacommand
22.5.4.3. The DEFAULT_VALUE metacommand
22.5.4.4. The ALLOW_EMPTY metacommand
22.5.4.5. The BREAK_CHAIN metacommand
22.5.4.6. The MESSAGES metacommand
22.5.4.7. Using options to set metacommands for all rules
22.5.5. Adding Filter Class Namespaces
22.6. Zend_Filter_Inflector
22.6.1. Operation
22.6.2. Setting Paths To Alternate Filters
22.6.3. Setting the Inflector Target
22.6.4. Inflection Rules
22.6.4.1. Static Rules
22.6.4.2. Filter Inflector Rules
22.6.4.3. Setting Many Rules At Once
22.6.5. Utility Methods
22.6.6. Using Zend_Config with Zend_Filter_Inflector
22.7. Migrating from Previous Versions
22.7.1. Migrating from versions prior to 1.9

Previous topic

Prev

Next topic

Next

Copyright

© 2006-2017 by Zend, a Rogue Wave Company. Made with by awesome contributors.

This website is built using zend-expressive and it runs on PHP 7.

Contacts