All geek questions in one place

PHP Filter_var alternative?

I built a php script to output the data posted on the form, but I had a problem. The server on which the website will be launched runs PHP 5.1.6. This version of PHP does not support filter_var.

I need to know an alternative in the short term (preferably yesterday) and cannot find something directly on Google or a stack overflow.

Maybe someone here has faced the same issue in the past and will quickly correct me?

This code:

$email= filter_var($_POST['email'], FILTER_SANITIZE_EMAIL); $answer= filter_var($_POST['answer'], FILTER_SANITIZE_STRING);

must be compatible with PHP 5.1.6, so the email address is authenticated and that no malicious code is used in both fields. Any tips?

Many thanks!

+4
source share
4 answers

you can use Regex for emails: (for example: http://www.totallyphp.co.uk/validate-an-email-address-using-regular-expressions )

for strings you can also do regex, but it's a little too heavy, so maybe mysql_real_escape_string() combination if you send it to the database, and for html you should use htmlentities() :

http://de.php.net/manual/en/function.mysql-real-escape-string.php

http://www.php.net/manual/en/function.htmlentities.php

I don't think the filter_var function is much different than using these methods

+4
source

You can install the extension through PECL on PHP 5.1: http://pecl.php.net/package/filter

+2
source

I would use regex. It provides maximum flexibility. There are many useful resources on the Internet. look here or here

+2
source

Using the information I received in previous answers, here is how I fixed my problem:

 <?PHP // Retreive POST data and sanitize it: trim string, no HTML, plain text $variable1=htmlentities(trim($_POST['input1']), ENT_NOQUOTES); $variable2=htmlentities(trim($_POST['input2']), ENT_NOQUOTES); $emailaddress=$_POST['email']; // sanitizing email address happens below if(eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[az]{2,3})$", $emailadres)){ // check email address and if legit, do this: echo '<p>The e-mail address given is valid.</p>' } else{ // if email is not legit, do this: echo '<p>The e-mail address given is not valid.</p>'; } ?>

Hope this helps someone :)

-one
source

Source: https://habr.com/ru/post/1394568/

More articles:


All Articles