Then my dear, first good morning!
As you've already visited PHP documentation , I'm going to give you just a quick brush stroke for every item you quoted in the topic.
1 .- The filter_input()
can be said to be a join of the variables already known by us PHP programmers ($ _POST, $ _GET and others) into a single function and "optionally filters (as quoted in the documentation). "
2 .- Yes it is really valid for you to exchange a $ _ POST for one we assume filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING)
or filter_input(INPUT_POST, 'username', FILTER_SPECIAL_CHARS)
(being just a very basic example how it could be used)
3 .- It could be used on too many occasions, for example in a $ _GET and checking if $ _GET is numeric. ..
$foo = filter_input(INPUT_GET, 'foo', FILTER_SANITIZE_NUMBER_INT);
But we have a however if the index does not exist ... On this occasion:
$foo = filter_var($_GET['foo'], FILTER_SANITIZE_NUMBER_INT);
Returns a string ""
empty and generates:
Notice: Undefined index: foo
Our current one, following the parameters of the documentation, will only return a NULL
result:
$foo = filter_input(INPUT_GET, 'foo', FILTER_SANITIZE_NUMBER_INT);
Returns only:
NULL
But basically the answer is: YES , you can make a simple exchange of your $_POST
with filter_input()
. (Including use in my projects! Kkk)
Just adding the information (In thanks to @ Fox.11 for posting) if there are too many doubts about the two filter options.
FILTER_SANITIZE
Used to clear variables:
link
FILTER_VALIDATE
Used to validate variables:
link