Standard Filter Classes

Alnum

Zend_Filter_Alnum is a filter which returns only alphabetic characters and digits. All other characters are supressed.

Supported options for Zend_Filter_Alnum

The following options are supported for Zend_Filter_Alnum:

allowwhitespace: If this option is set then whitespace characters are allowed. Otherwise they are supressed. Per default whitespaces are not allowed.

Basic usage

See the following example for the default behaviour of this filter.

$filter = new Zend_Filter_Alnum();
$return = $filter->filter('This is (my) content: 123');
// returns 'Thisismycontent123'

The above example returns 'Thisismycontent123'. As you see all whitespaces and also the brackets are filtered.

Nota

Zend_Filter_Alnum works on almost all languages. But actually there are three exceptions: Chinese, Japanese and Korean. Within these languages the english alphabet is use instead of the characters from these languages. The language itself is detected by using Zend_Locale.

Allow whitespaces

Zend_Filter_Alnum can also allow whitespaces. This can be usefull when you want to strip special chars from a text. See the following example:

$filter = new Zend_Filter_Alnum(array('allowwhitespace' => true));
$return = $filter->filter('This is (my) content: 123');
// returns 'This is my content 123'

The above example returns 'This is my content 123'. As you see only the brackets are filtered whereas the whitespaces are not touched.

To change allowWhiteSpace afterwards you can use setAllowWhiteSpace() and getAllowWhiteSpace().

Alpha

Zend_Filter_Alpha is a filter which returns the string $value, removing all but alphabetic characters. This filter includes an option to also allow white space characters.

Supported options for Zend_Filter_Alpha

The following options are supported for Zend_Filter_Alpha:

allowwhitespace: If this option is set then whitespace characters are allowed. Otherwise they are suppressed. By default whitespace characters are not allowed.

Basic usage

A basic example of usage is below:

$filter = new Zend_Filter_Alpha();

print $filter->filter('This is (my) content: 123');

The above example returns 'Thisismycontent'. Notice that the whitespace characters and brackets are removed.

Nota

Zend_Filter_Alpha works on most languages; however, there are three exceptions: Chinese, Japanese and Korean. With these languages the english alphabet is used. The language is detected through the use of Zend_Locale.

Allow whitespace characters

Zend_Filter_Alpha can also allow whitespace characters. This can be useful when you want to strip special characters from a string. See the following example:

$filter = new Zend_Filter_Alpha(array('allowwhitespace' => true));

print $filter->filter('This is (my) content: 123');

The above example returns 'This is my content '. Notice that the parenthesis, colon, and numbers have all been removed while the whitespace characters remain.

To change allowWhiteSpace after instantiation the method setAllowWhiteSpace() may be used.

To query the current value of allowWhiteSpace the method getAllowWhiteSpace() may be used.

BaseName

Zend_Filter_BaseName allows you to filter a string which contains the path to a file and it will return the base name of this file.

Supported options for Zend_Filter_BaseName

There are no additional options for Zend_Filter_BaseName.

Basic usage

A basic example of usage is below:

$filter = new Zend_Filter_BaseName();

print $filter->filter('/vol/tmp/filename');

This will return 'filename'.

$filter = new Zend_Filter_BaseName();

print $filter->filter('/vol/tmp/filename.txt');

This will return 'filename.txt'.

Boolean

This filter changes a given input to be a BOOLEAN value. This is often useful when working with databases or when processing form values.

Supported options for Zend_Filter_Boolean

The following options are supported for Zend_Filter_Boolean:

casting: When this option is set to TRUE then any given input will be casted to boolean. This option defaults to TRUE.
locale: This option sets the locale which will be used to detect localized input.
type: The type option sets the boolean type which should be used. Read the following for details.

Default behaviour for Zend_Filter_Boolean

By default, this filter works by casting the input to a BOOLEAN value; in other words, it operates in a similar fashion to calling (boolean) $value.

$filter = new Zend_Filter_Boolean();
$value  = '';
$result = $filter->filter($value);
// returns false

This means that without providing any configuration, Zend_Filter_Boolean accepts all input types and returns a BOOLEAN just as you would get by type casting to BOOLEAN.

Changing behaviour for Zend_Filter_Boolean

Sometimes casting with (boolean) will not suffice. Zend_Filter_Boolean allows you to configure specific types to convert, as well as which to omit.

The following types can be handled:

boolean: Returns a boolean value as is.
integer: Converts an integer 0 value to FALSE.
float: Converts a float 0.0 value to FALSE.
string: Converts an empty string '' to FALSE.
zero: Converts a string containing the single character zero ('0') to FALSE.
empty_array: Converts an empty array to FALSE.
null: Converts a NULL value to FALSE.
php: Converts values according to PHP when casting them to BOOLEAN.
false_string: Converts a string containing the word "false" to a boolean FALSE.
yes: Converts a localized string which contains the word "no" to FALSE.
all: Converts all above types to BOOLEAN.

All other given values will return TRUE by default.

There are several ways to select which of the above types are filtered. You can give one or multiple types and add them, you can give an array, you can use constants, or you can give a textual string. See the following examples:

// converts 0 to false
$filter = new Zend_Filter_Boolean(Zend_Filter_Boolean::INTEGER);

// converts 0 and '0' to false
$filter = new Zend_Filter_Boolean(
    Zend_Filter_Boolean::INTEGER + Zend_Filter_Boolean::ZERO
);

// converts 0 and '0' to false
$filter = new Zend_Filter_Boolean(array(
    'type' => array(
        Zend_Filter_Boolean::INTEGER,
        Zend_Filter_Boolean::ZERO,
    ),
));

// converts 0 and '0' to false
$filter = new Zend_Filter_Boolean(array(
    'type' => array(
        'integer',
        'zero',
    ),
));

You can also give an instance of Zend_Config to set the desired types. To set types after instantiation, use the setType() method.

Localized booleans

As mentioned previously, Zend_Filter_Boolean can also recognise localized "yes" and "no" strings. This means that you can ask your customer in a form for "yes" or "no" within his native language and Zend_Filter_Boolean will convert the response to the appropriate boolean value.

To set the desired locale, you can either use the locale option, or the method setLocale().

$filter = new Zend_Filter_Boolean(array(
    'type'   => Zend_Filter_Boolean::ALL,
    'locale' => 'de',
));

// returns false
echo $filter->filter('nein');

$filter->setLocale('en');

// returns true
$filter->filter('yes');

Disable casting

Sometimes it is necessary to recognise only TRUE or FALSE and return all other values without changes. Zend_Filter_Boolean allows you to do this by setting the casting option to FALSE.

In this case Zend_Filter_Boolean will work as described in the following table, which shows which values return TRUE or FALSE. All other given values are returned without change when casting is set to FALSE

Tabla 74. Usage without casting

Type	True	False
`Zend_Filter_Boolean::BOOLEAN`	`TRUE`	`FALSE`
`Zend_Filter_Boolean::INTEGER`	0	1
`Zend_Filter_Boolean::FLOAT`	0.0	1.0
`Zend_Filter_Boolean::STRING`	""
`Zend_Filter_Boolean::ZERO`	"0"	"1"
`Zend_Filter_Boolean::EMPTY_ARRAY`	`array()`
`Zend_Filter_Boolean::NULL`	`NULL`
`Zend_Filter_Boolean::FALSE_STRING`	"false" (case independently)	"true" (case independently)
`Zend_Filter_Boolean::YES`	localized "yes" (case independently)	localized "no" (case independently)

The following example shows the behaviour when changing the casting option:

$filter = new Zend_Filter_Boolean(array(
    'type'    => Zend_Filter_Boolean::ALL,
    'casting' => false,
));

// returns false
echo $filter->filter(0);

// returns true
echo $filter->filter(1);

// returns the value
echo $filter->filter(2);

Callback

This filter allows you to use own methods in conjunction with Zend_Filter. You don't have to create a new filter when you already have a method which does the job.

Supported options for Zend_Filter_Callback

The following options are supported for Zend_Filter_Callback:

callback: This sets the callback which should be used.
options: This property sets the options which are used when the callback is processed.

Basic usage

The usage of this filter is quite simple. Let's expect we want to create a filter which reverses a string.

$filter = new Zend_Filter_Callback('strrev');

print $filter->filter('Hello!');
// returns "!olleH"

As you can see it's really simple to use a callback to define a own filter. It is also possible to use a method, which is defined within a class, by giving an array as callback.

// Our classdefinition
class MyClass
{
    public function Reverse($param);
}

// The filter definition
$filter = new Zend_Filter_Callback(array('MyClass', 'Reverse'));
print $filter->filter('Hello!');

To get the actual set callback use getCallback() and to set another callback use setCallback().

Possible exceptions

You should note that defining a callback method which can not be called will raise an exception.

Default parameters within a callback

It is also possible to define default parameters, which are given to the called method as array when the filter is executed. This array will be concatenated with the value which will be filtered.

$filter = new Zend_Filter_Callback(
    array(
        'callback' => 'MyMethod',
        'options'  => array('key' => 'param1', 'key2' => 'param2')
    )
);
$filter->filter(array('value' => 'Hello'));

When you would call the above method definition manually it would look like this:

$value = MyMethod('Hello', 'param1', 'param2');

Compress and Decompress

These two filters are capable of compressing and decompressing strings, files, and directories.

Supported options for Zend_Filter_Compress and Zend_Filter_Decompress

The following options are supported for Zend_Filter_Compress and Zend_Filter_Decompress:

adapter: The compression adapter which should be used. It defaults to Gz.
options: Additional options which are given to the adapter at initiation. Each adapter supports it's own options.

Supported compression adapters

The following compression formats are supported by their own adapter:

Bz2
Gz
Lzf
Rar
Tar
Zip

Each compression format has different capabilities as described below. All compression filters may be used in approximately the same ways, and differ primarily in the options available and the type of compression they offer (both algorithmically as well as string vs. file vs. directory)

Generic handling

To create a compression filter you need to select the compression format you want to use. The following description takes the Bz2 adapter. Details for all other adapters are described after this section.

The two filters are basically identical, in that they utilize the same backends. Zend_Filter_Compress should be used when you wish to compress items, and Zend_Filter_Decompress should be used when you wish to decompress items.

For instance, if we want to compress a string, we have to initiate Zend_Filter_Compress and indicate the desired adapter.

$filter = new Zend_Filter_Compress('Bz2');

To use a different adapter, you simply specify it to the constructor.

You may also provide an array of options or Zend_Config object. If you do, provide minimally the key "adapter", and then either the key "options" or "adapterOptions" (which should be an array of options to provide to the adapter on instantiation).

$filter = new Zend_Filter_Compress(array(
    'adapter' => 'Bz2',
    'options' => array(
        'blocksize' => 8,
    ),
));

Default compression Adapter

When no compression adapter is given, then the Gz adapter will be used.

Almost the same usage is we want to decompress a string. We just have to use the decompression filter in this case.

$filter = new Zend_Filter_Decompress('Bz2');

To get the compressed string, we have to give the original string. The filtered value is the compressed version of the original string.

$filter     = new Zend_Filter_Compress('Bz2');
$compressed = $filter->filter('Uncompressed string');
// Returns the compressed string

Decompression works the same way.

$filter     = new Zend_Filter_Decompress('Bz2');
$compressed = $filter->filter('Compressed string');
// Returns the uncompressed string

Note on string compression

Not all adapters support string compression. Compression formats like Rar can only handle files and directories. For details, consult the section for the adapter you wish to use.

Creating an archive

Creating an archive file works almost the same as compressing a string. However, in this case we need an additional parameter which holds the name of the archive we want to create.

$filter     = new Zend_Filter_Compress(array(
    'adapter' => 'Bz2',
    'options' => array(
        'archive' => 'filename.bz2',
    ),
));
$compressed = $filter->filter('Uncompressed string');
// Returns true on success and creates the archive file

In the above example the uncompressed string is compressed, and is then written into the given archive file.

Existing archives will be overwritten

The content of any existing file will be overwritten when the given filename of the archive already exists.

When you want to compress a file, then you must give the name of the file with its path.

$filter     = new Zend_Filter_Compress(array(
    'adapter' => 'Bz2',
    'options' => array(
        'archive' => 'filename.bz2'
    ),
));
$compressed = $filter->filter('C:\temp\compressme.txt');
// Returns true on success and creates the archive file

You may also specify a directory instead of a filename. In this case the whole directory with all its files and subdirectories will be compressed into the archive.

$filter     = new Zend_Filter_Compress(array(
    'adapter' => 'Bz2',
    'options' => array(
        'archive' => 'filename.bz2'
    ),
));
$compressed = $filter->filter('C:\temp\somedir');
// Returns true on success and creates the archive file

Do not compress large or base directories

You should never compress large or base directories like a complete partition. Compressing a complete partition is a very time consuming task which can lead to massive problems on your server when there is not enough space or your script takes too much time.

Decompressing an archive

Decompressing an archive file works almost like compressing it. You must specify either the archive parameter, or give the filename of the archive when you decompress the file.

$filter     = new Zend_Filter_Decompress('Bz2');
$compressed = $filter->filter('filename.bz2');
// Returns true on success and decompresses the archive file

Some adapters support decompressing the archive into another subdirectory. In this case you can set the target parameter.

$filter     = new Zend_Filter_Decompress(array(
    'adapter' => 'Zip',
    'options' => array(
        'target' => 'C:\temp',
    )
));
$compressed = $filter->filter('filename.zip');
// Returns true on success and decompresses the archive file
// into the given target directory

Directories to extract to must exist

When you want to decompress an archive into a directory, then that directory must exist.

Bz2 Adapter

The Bz2 Adapter can compress and decompress:

Strings
Files
Directories

This adapter makes use of PHP's Bz2 extension.

To customize compression, this adapter supports the following options:

Archive: This parameter sets the archive file which should be used or created.
Blocksize: This parameter sets the blocksize to use. It can be from '0' to '9'. The default value is '4'.

All options can be set at instantiation or by using a related method. For example, the related methods for 'Blocksize' are getBlocksize() and setBlocksize(). You can also use the setOptions() method which accepts all options as array.

Gz Adapter

The Gz Adapter can compress and decompress:

Strings
Files
Directories

This adapter makes use of PHP's Zlib extension.

To customize the compression this adapter supports the following options:

Archive: This parameter sets the archive file which should be used or created.
Level: This compression level to use. It can be from '0' to '9'. The default value is '9'.
Mode: There are two supported modes. 'compress' and 'deflate'. The default value is 'compress'.

All options can be set at initiation or by using a related method. For example, the related methods for 'Level' are getLevel() and setLevel(). You can also use the setOptions() method which accepts all options as array.

Lzf Adapter

The Lzf Adapter can compress and decompress:

Strings

Lzf supports only strings

The Lzf adapter can not handle files and directories.

This adapter makes use of PHP's Lzf extension.

There are no options available to customize this adapter.

Rar Adapter

The Rar Adapter can compress and decompress:

Files
Directories

Rar does not support strings

The Rar Adapter can not handle strings.

This adapter makes use of PHP's Rar extension.

Rar compression not supported

Due to restrictions with the Rar compression format, there is no compression available for free. When you want to compress files into a new Rar archive, you must provide a callback to the adapter that can invoke a Rar compression program.

To customize the compression this adapter supports the following options:

Archive: This parameter sets the archive file which should be used or created.
Callback: A callback which provides compression support to this adapter.
Password: The password which has to be used for decompression.
Target: The target where the decompressed files will be written to.

All options can be set at instantiation or by using a related method. For example, the related methods for 'Target' are getTarget() and setTarget(). You can also use the setOptions() method which accepts all options as array.

Tar Adapter

The Tar Adapter can compress and decompress:

Files
Directories

Tar does not support strings

The Tar Adapter can not handle strings.

This adapter makes use of PEAR's Archive_Tar component.

To customize the compression this adapter supports the following options:

Archive: This parameter sets the archive file which should be used or created.
Mode: A mode to use for compression. Supported are either 'NULL' which means no compression at all, 'Gz' which makes use of PHP's Zlib extension and 'Bz2' which makes use of PHP's Bz2 extension. The default value is 'NULL'.
Target: The target where the decompressed files will be written to.

All options can be set at instantiation or by using a related method. For example, the related methods for 'Target' are getTarget() and setTarget(). You can also use the setOptions() method which accepts all options as array.

Directory usage

When compressing directories with Tar then the complete file path is used. This means that created Tar files will not only have the subdirectory but the complete path for the compressed file.

Zip Adapter

The Zip Adapter can compress and decompress:

Strings
Files
Directories

Zip does not support string decompression

The Zip Adapter can not handle decompression to a string; decompression will always be written to a file.

This adapter makes use of PHP's Zip extension.

To customize the compression this adapter supports the following options:

Archive: This parameter sets the archive file which should be used or created.
Target: The target where the decompressed files will be written to.

All options can be set at instantiation or by using a related method. For example, the related methods for 'Target' are getTarget() and setTarget(). You can also use the setOptions() method which accepts all options as array.

Digits

Returns the string $value, removing all but digits.

Supported options for Zend_Filter_Digits

There are no additional options for Zend_Filter_Digits.

Basic usage

A basic example of usage is below:

$filter = new Zend_Filter_Digits();

print $filter->filter('October 2009');

This returns "2009".

$filter = new Zend_Filter_Digits();

print $filter->filter('HTML 5 for Dummies');

This returns "5".

Dir

Given a string containing a path to a file, this function will return the name of the directory.

Supported options for Zend_Filter_Dir

There are no additional options for Zend_Filter_Dir.

Basic usage

A basic example of usage is below:

$filter = new Zend_Filter_Dir();

print $filter->filter('/etc/passwd');

This returns "/etc".

$filter = new Zend_Filter_Dir();

print $filter->filter('C:/Temp/x');

This returns "C:/Temp".

Encrypt and Decrypt

These filters allow to encrypt and decrypt any given string. Therefor they make use of Adapters. Actually there are adapters for the Mcrypt and OpenSSL extensions from PHP.

Supported options for Zend_Filter_Encrypt and Zend_Filter_Decrypt

The following options are supported for Zend_Filter_Encrypt and Zend_Filter_Decrypt:

adapter: This sets the encryption adapter which should be used
algorithm: Only MCrypt. The algorithm which has to be used. It should be one of the algorithm ciphers which can be found under PHP's mcrypt ciphers. If not set it defaults to blowfish.
algorithm_directory: Only MCrypt. The directory where the algorithm can be found. If not set it defaults to the path set within the mcrypt extension.
compression: If the encrypted value should be compressed. Default is no compression.
envelope: Only OpenSSL. The encrypted envelope key from the user who encrypted the content. You can either provide the path and filename of the key file, or just the content of the key file itself. When the package option has been set, then you can omit this parameter.
key: Only MCrypt. The encryption key with which the input will be encrypted. You need the same key for decryption.
mode: Only MCrypt. The encryption mode which has to be used. It should be one of the modes which can be found under PHP's mcrypt modes. If not set it defaults to 'cbc'.
mode_directory: Only MCrypt. The directory where the mode can be found. If not set it defaults to the path set within the Mcrypt extension.
package: Only OpenSSL. If the envelope key should be packed with the encrypted value. Default is FALSE.
private: Only OpenSSL. Your private key which will be used for encrypting the content. Also the private key can be either a filename with path of the key file, or just the content of the key file itself.
public: Only OpenSSL. The public key of the user whom you want to provide the encrpted content. You can give multiple public keys by using an array. You can eigther provide the path and filename of the key file, or just the content of the key file itself.
salt: Only MCrypt. If the key should be used as salt value. The key used for encryption will then itself also be encrypted. Default is FALSE.
vector: Only MCrypt. The initialization vector which shall be used. If not set it will be a random vector.

Adapter usage

As these two encryption methodologies work completely different, also the usage of the adapters differ. You have to select the adapter you want to use when initiating the filter.

// Use the Mcrypt adapter
$filter1 = new Zend_Filter_Encrypt(array('adapter' => 'mcrypt'));

// Use the OpenSSL adapter
$filter2 = new Zend_Filter_Encrypt(array('adapter' => 'openssl'));

To set another adapter you can also use setAdapter(), and the getAdapter() method to receive the actual set adapter.

// Use the Mcrypt adapter
$filter = new Zend_Filter_Encrypt();
$filter->setAdapter('openssl');

Nota

When you do not supply the adapter option or do not use setAdapter(), then the Mcrypt adapter will be used per default.

Encryption with Mcrypt

When you have installed the Mcrypt extension you can use the Mcrypt adapter. If you provide a string instead of an array of options, this string will be used as key.

You can get and set the encryption values also afterwards with the getEncryption() and setEncryption() methods.

Nota

Note that you will get an exception if the mcrypt extension is not available in your environment.

Nota

You should also note that all settings which be checked when you create the instance or when you call setEncryption(). If mcrypt detects problem with your settings an exception will be thrown.

You can get or set the encryption vector by calling getVector() and setVector(). A given string will be truncated or padded to the needed vector size of the used algorithm.

Nota

Note that when you are not using an own vector, you must get the vector and store it. Otherwise you will not be able to decode the encoded string.

// Use the default blowfish settings
$filter = new Zend_Filter_Encrypt('myencryptionkey');

// Set a own vector, otherwise you must call getVector()
// and store this vector for later decryption
$filter->setVector('myvector');
// $filter->getVector();

$encrypted = $filter->filter('text_to_be_encoded');
print $encrypted;

// For decryption look at the Decrypt filter

Decryption with Mcrypt

For decrypting content which was previously encrypted with Mcrypt you need to have the options with which the encryption has been called.

There is one eminent difference for you. When you did not provide a vector at encryption you need to get it after you encrypted the content by using the getVector() method on the encryption filter. Without the correct vector you will not be able to decrypt the content.

As soon as you have provided all options decryption is as simple as encryption.

// Use the default blowfish settings
$filter = new Zend_Filter_Decrypt('myencryptionkey');

// Set the vector with which the content was encrypted
$filter->setVector('myvector');

$decrypted = $filter->filter('encoded_text_normally_unreadable');
print $decrypted;

Nota

Note that you will get an exception if the mcrypt extension is not available in your environment.

Nota

You should also note that all settings which be checked when you create the instance or when you call setEncryption(). If mcrypt detects problem with your settings an exception will be thrown.

Encryption with OpenSSL

When you have installed the OpenSSL extension you can use the OpenSSL adapter. You can get or set the public keys also afterwards with the getPublicKey() and setPublicKey() methods. The private key can also be get and set with the related getPrivateKey() and setPrivateKey() methods.

// Use openssl and provide a private key
$filter = new Zend_Filter_Encrypt(array(
    'adapter' => 'openssl',
    'private' => '/path/to/mykey/private.pem'
));

// of course you can also give the public keys at initiation
$filter->setPublicKey(array(
    '/public/key/path/first.pem',
    '/public/key/path/second.pem'
));

Nota

Note that the OpenSSL adapter will not work when you do not provide valid keys.

When you want to encode also the keys, then you have to provide a passphrase with the setPassphrase() method. When you want to decode content which was encoded with a passphrase you will not only need the public key, but also the passphrase to decode the encrypted key.

// Use openssl and provide a private key
$filter = new Zend_Filter_Encrypt(array(
    'adapter' => 'openssl',
    'private' => '/path/to/mykey/private.pem'
));

// of course you can also give the public keys at initiation
$filter->setPublicKey(array(
    '/public/key/path/first.pem',
    '/public/key/path/second.pem'
));
$filter->setPassphrase('mypassphrase');

At last, when you use OpenSSL you need to give the receiver the encrypted content, the passphrase when have provided one, and the envelope keys for decryption.

This means for you, that you have to get the envelope keys after the encryption with the getEnvelopeKey() method.

So our complete example for encrypting content with OpenSSL look like this.

// Use openssl and provide a private key
$filter = new Zend_Filter_Encrypt(array(
    'adapter' => 'openssl',
    'private' => '/path/to/mykey/private.pem'
));

// of course you can also give the public keys at initiation
$filter->setPublicKey(array(
    '/public/key/path/first.pem',
    '/public/key/path/second.pem'
));
$filter->setPassphrase('mypassphrase');

$encrypted = $filter->filter('text_to_be_encoded');
$envelope  = $filter->getEnvelopeKey();
print $encrypted;

// For decryption look at the Decrypt filter

Simplified usage with Openssl

As seen before, you need to get the envelope key to be able to decrypt the previous encrypted value. This can be very annoying when you work with multiple values.

To have a simplified usage you can set the package option to TRUE. The default value is FALSE.

// Use openssl and provide a private key
$filter = new Zend_Filter_Encrypt(array(
    'adapter' => 'openssl',
    'private' => '/path/to/mykey/private.pem',
    'public'  => '/public/key/path/public.pem',
    'package' => true
));

$encrypted = $filter->filter('text_to_be_encoded');
print $encrypted;

// For decryption look at the Decrypt filter

Now the returned value contains the encrypted value and the envelope. You don't need to get them after the compression. But, and this is the negative aspect of this feature, the encrypted value can now only be decrypted by using Zend_Filter_Encrypt.

Compressing the content

Based on the original value, the encrypted value can be a very large string. To reduce the value Zend_Filter_Encrypt allows the usage of compression.

The compression option can eighter be set to the name of a compression adapter, or to an array which sets all wished options for the compression adapter.

// Use basic compression adapter
$filter1 = new Zend_Filter_Encrypt(array(
    'adapter'     => 'openssl',
    'private'     => '/path/to/mykey/private.pem',
    'public'      => '/public/key/path/public.pem',
    'package'     => true,
    'compression' => 'bz2'
));

// Use basic compression adapter
$filter2 = new Zend_Filter_Encrypt(array(
    'adapter'     => 'openssl',
    'private'     => '/path/to/mykey/private.pem',
    'public'      => '/public/key/path/public.pem',
    'package'     => true,
    'compression' => array('adapter' => 'zip', 'target' => '\usr\tmp\tmp.zip')
));

Decryption with same settings

When you want to decrypt a value which is additionally compressed, then you need to set the same compression settings for decryption as for encryption. Otherwise the decryption will fail.

Decryption with OpenSSL

Decryption with OpenSSL is as simple as encryption. But you need to have all data from the person who encrypted the content. See the following example:

// Use openssl and provide a private key
$filter = new Zend_Filter_Decrypt(array(
    'adapter' => 'openssl',
    'private' => '/path/to/mykey/private.pem'
));

// of course you can also give the envelope keys at initiation
$filter->setEnvelopeKey(array(
    '/key/from/encoder/first.pem',
    '/key/from/encoder/second.pem'
));

Nota

Note that the OpenSSL adapter will not work when you do not provide valid keys.

Optionally it could be necessary to provide the passphrase for decrypting the keys themself by using the setPassphrase() method.

// Use openssl and provide a private key
$filter = new Zend_Filter_Decrypt(array(
    'adapter' => 'openssl',
    'private' => '/path/to/mykey/private.pem'
));

// of course you can also give the envelope keys at initiation
$filter->setEnvelopeKey(array(
    '/key/from/encoder/first.pem',
    '/key/from/encoder/second.pem'
));
$filter->setPassphrase('mypassphrase');

At last, decode the content. Our complete example for decrypting the previously encrypted content looks like this.

// Use openssl and provide a private key
$filter = new Zend_Filter_Decrypt(array(
    'adapter' => 'openssl',
    'private' => '/path/to/mykey/private.pem'
));

// of course you can also give the envelope keys at initiation
$filter->setEnvelopeKey(array(
    '/key/from/encoder/first.pem',
    '/key/from/encoder/second.pem'
));
$filter->setPassphrase('mypassphrase');

$decrypted = $filter->filter('encoded_text_normally_unreadable');
print $decrypted;

HtmlEntities

Returns the string $value, converting characters to their corresponding HTML entity equivalents where they exist.

Supported options for Zend_Filter_HtmlEntities

The following options are supported for Zend_Filter_HtmlEntities:

quotestyle: Equivalent to the PHP htmlentities native function parameter quote_style. This allows you to define what will be done with 'single' and "double" quotes. The following constants are accepted: ENT_COMPAT, ENT_QUOTES ENT_NOQUOTES with the default being ENT_COMPAT.
charset: Equivalent to the PHP htmlentities native function parameter charset. This defines the character set to be used in filtering. Unlike the PHP native function the default is 'UTF-8'. See "http://php.net/htmlentities" for a list of supported character sets.

Nota

This option can also be set via the $options parameter as a Zend_Config object or array. The option key will be accepted as either charset or encoding.
doublequote: Equivalent to the PHP htmlentities native function parameter double_encode. If set to false existing html entities will not be encoded. The default is to convert everything (true).

Nota

This option must be set via the $options parameter or the setDoubleEncode() method.

Basic usage

See the following example for the default behaviour of this filter.

$filter = new Zend_Filter_HtmlEntities();

print $filter->filter('<');

Quote Style

Zend_Filter_HtmlEntities allows changing the quote style used. This can be useful when you want to leave double, single, or both types of quotes un-filtered. See the following example:

$filter = new Zend_Filter_HtmlEntities(array('quotestyle' => ENT_QUOTES));

$input  = "A 'single' and " . '"double"';
print $filter->filter($input);

The above example returns A 'single' and "double". Notice that 'single' as well as "double" quotes are filtered.

$filter = new Zend_Filter_HtmlEntities(array('quotestyle' => ENT_COMPAT));

$input  = "A 'single' and " . '"double"';
print $filter->filter($input);

The above example returns A 'single' and "double". Notice that "double" quotes are filtered while 'single' quotes are not altered.

$filter = new Zend_Filter_HtmlEntities(array('quotestyle' => ENT_NOQUOTES));

$input  = "A 'single' and " . '"double"';
print $filter->filter($input);

The above example returns A 'single' and "double". Notice that neither "double" or 'single' quotes are altered.

Helper Methods

To change or retrieve the quotestyle after instantiation, the two methods setQuoteStyle() and getQuoteStyle() may be used respectively. setQuoteStyle() accepts one parameter $quoteStyle. The following constants are accepted: ENT_COMPAT, ENT_QUOTES, ENT_NOQUOTES

$filter = new Zend_Filter_HtmlEntities();

$filter->setQuoteStyle(ENT_QUOTES);
print $filter->getQuoteStyle(ENT_QUOTES);

To change or retrieve the charset after instantiation, the two methods setCharSet() and getCharSet() may be used respectively. setCharSet() accepts one parameter $charSet. See "http://php.net/htmlentities" for a list of supported character sets.

$filter = new Zend_Filter_HtmlEntities();

$filter->setQuoteStyle(ENT_QUOTES);
print $filter->getQuoteStyle(ENT_QUOTES);

To change or retrieve the doublequote option after instantiation, the two methods setDoubleQuote() and getDoubleQuote() may be used respectively. setDoubleQuote() accepts one boolean parameter $doubleQuote.

$filter = new Zend_Filter_HtmlEntities();

$filter->setQuoteStyle(ENT_QUOTES);
print $filter->getQuoteStyle(ENT_QUOTES);

Int

Zend_Filter_Int allows you to transform a sclar value which contains into an integer.

Supported options for Zend_Filter_Int

There are no additional options for Zend_Filter_Int.

Basic usage

A basic example of usage is below:

$filter = new Zend_Filter_Int();

print $filter->filter('-4 is less than 0');

This will return '-4'.

LocalizedToNormalized and NormalizedToLocalized

These two filters can change given localized input to it's normalized representation and reverse. They use in Background Zend_Locale to do this transformation for you.

Supported options for Zend_Filter_LocalizedToNormalized and Zend_Filter_NormalizedToLocalized

The following options are supported for Zend_Filter_LocalizedToNormalized and Zend_Filter_NormalizedToLocalized:

date_format: This sets the date format to use for normalization and to detect the localized date format
locale: This sets the locale to use for normalization and to detect the localized format
precision: This sets the precision to use for number conversion

Workflow

Normalization allows your user to enter informations in his own language notation, and you can then store the normalized value into your database for example. Localization on the other hand allows you to display normalized informations in a localized manner to your user.

Nota

Please note that normalization and localization is not equal to translation. These filters can not translate strings from one language into another like you could expect with months or names of days.

The following input types can be normalized and localized:

integer: Integer numbers. Normalization returns the english notation
float: Float numbers. Normalization returns the english notation
numbers: Other numbers, like real. Normalization returns the english notation
time: Time values. The normalized value is a named array
date: Date values. The normalized value is a named array

Any other input will be returned as is, without changing it.

Nota

You should note that normalized output is always given as string. Otherwise your environment would transfer the normalized output automatically to the notation used by the locale your environment is set to.

Normalization for numbers

Any given number like integer, float or real value, can be normalized. Note, that numbers in scientific notation, can actually not be handled by this filter.

So how does this normalization work in detail for numbers:

// Initiate the filter
$filter = new Zend_Filter_LocalizedToNormalized();
$filter->filter('123.456,78');
// returns the value '123456.78'

Let's expect you have set the locale 'de' as application wide locale. Zend_Filter_LocalizedToNormalized will take the set locale and use it to detect which sort of input you gave. In our example it was a value with precision. Now the filter will return you the normalized representation for this value as string.

You can also control how your normalized number has to look like. Therefor you can give all options which are also used by Zend_Locale_Format. For details about available options take a look into this Zend_Locale chapter.

Below is a example with defined precision so you can see how options work:

// Numeric Filter
$filter = new Zend_Filter_LocalizedToNormalized(array('precision' => 2));

$filter->filter('123.456');
// returns the value '123456.00'

$filter->filter('123.456,78901');
// returns the value '123456.79'

Normalization for date and time

Input for date and time values can also be normalized. All given date and time values will be returned as array, where each date part is given within a own key.

// Initiate the filter
$filter = new Zend_Filter_LocalizedToNormalized();
$filter->filter('12.April.2009');
// returns array('day' => '12', 'month' => '04', 'year' => '2009')

Let's expect you have set the locale 'de' again. Now the input is automatically detected as date, and you will get a named array in return.

Of course you can also control how your date input looks like with the date_format and the locale option.

// Date Filter
$filter = new Zend_Filter_LocalizedToNormalized(
    array('date_format' => 'ss:mm:HH')
);

$filter->filter('11:22:33');
// returns array('hour' => '33', 'minute' => '22', 'second' => '11')

Localization for numbers

Any given number like integer, float or real value, can be localized. Note, that numbers in scientific notation, can actually not be handled by this filter.

So how does localization work in detail for numbers:

// Initiate the filter
$filter = new Zend_Filter_NormalizedToLocalized();
$filter->filter(123456.78);
// returns the value '123.456,78'

Let's expect you have set the locale 'de' as application wide locale. Zend_Filter_NormalizedToLocalized will take the set locale and use it to detect which sort of output you want to have. In our example it was a value with precision. Now the filter will return you the localized representation for this value as string.

You can also control how your localized number has to look like. Therefor you can give all options which are also used by Zend_Locale_Format. For details about how these options are used take a look into this Zend_Locale chapter.

Below is a example with defined precision so you can see how options work:

// Numeric Filter
$filter = new Zend_Filter_NormalizedToLocalized(array('precision' => 2));

$filter->filter(123456);
// returns the value '123.456,00'

$filter->filter(123456.78901);
// returns the value '123.456,79'

Localization for date and time

Normalized for date and time values can also be localized. All given date and time values will be returned as string, with the format defined by the set locale.

// Initiate the filter
$filter = new Zend_Filter_NormalizedToLocalized();
$filter->filter(array('day' => '12', 'month' => '04', 'year' => '2009');
// returns '12.04.2009'

Let's expect you have set the locale 'de' again. Now the input is automatically detected as date, and will be returned in the format defined by the locale 'de'.

Of course you can also control how your date input looks like with the date_format, and the locale option.

// Date Filter
$filter = new Zend_Filter_LocalizedToNormalized(
    array('date_format' => 'ss:mm:HH')
);

$filter->filter(array('hour' => '33', 'minute' => '22', 'second' => '11'));
// returns '11:22:33'

Null

This filter will change the given input to be NULL if it meets specific criteria. This is often necessary when you work with databases and want to have a NULL value instead of a boolean or any other type.

Supported options for Zend_Filter_Null

The following options are supported for Zend_Filter_Null:

type: The variable type which should be supported.

Default behaviour for Zend_Filter_Null

Per default this filter works like PHP's empty() method; in other words, if empty() returns a boolean TRUE, then a NULL value will be returned.

$filter = new Zend_Filter_Null();
$value  = '';
$result = $filter->filter($value);
// returns null instead of the empty string

This means that without providing any configuration, Zend_Filter_Null will accept all input types and return NULL in the same cases as empty().

Any other value will be returned as is, without any changes.

Changing behaviour for Zend_Filter_Null

Sometimes it's not enough to filter based on empty(). Therefor Zend_Filter_Null allows you to configure which type will be converted and which not.

The following types can be handled:

boolean: Converts a boolean FALSE value to NULL.
integer: Converts an integer 0 value to NULL.
empty_array: Converts an empty array to NULL.
string: Converts an empty string '' to NULL.
zero: Converts a string containing the single character zero ('0') to NULL.
all: Converts all above types to NULL. (This is the default behavior.)

There are several ways to select which of the above types are filtered. You can give one or multiple types and add them, you can give an array, you can use constants, or you can give a textual string. See the following examples:

// converts false to null
$filter = new Zend_Filter_Null(Zend_Filter_Null::BOOLEAN);

// converts false and 0 to null
$filter = new Zend_Filter_Null(
    Zend_Filter_Null::BOOLEAN + Zend_Filter_Null::INTEGER
);

// converts false and 0 to null
$filter = new Zend_Filter_Null( array(
    Zend_Filter_Null::BOOLEAN,
    Zend_Filter_Null::INTEGER
));

// converts false and 0 to null
$filter = new Zend_Filter_Null(array(
    'boolean',
    'integer',
));

You can also give an instance of Zend_Config to set the wished types. To set types afterwards use setType().

PregReplace

Zend_Filter_PregReplace performs a search using regular expressions and replaces all found elements.

Supported options for Zend_Filter_PregReplace

The following options are supported for Zend_Filter_PregReplace:

match: The pattern which will be searched for.
replace: The string which is used as replacement for the matches.

Basic usage

To use this filter properly you must give two options:

The option match has to be given to set the pattern which will be searched for. It can be a string for a single pattern, or an array of strings for multiple pattern.

To set the pattern which will be used as replacement the option replace has to be used. It can be a string for a single pattern, or an array of strings for multiple pattern.

$filter = new Zend_Filter_PregReplace(array('match' => '/bob/',
                                            'replace' => 'john'));
$input  = 'Hy bob!';

$filter->filter($input);
// returns 'Hy john!'

You can use getMatchPattern() and setMatchPattern() to set the matching pattern afterwards. To set the replacement pattern you can use getReplacement() and setReplacement().

$filter = new Zend_Filter_PregReplace();
$filter->setMatchPattern(array('bob', 'Hy'))
       ->setReplacement(array('john', 'Bye'));
$input  = 'Hy bob!";

$filter->filter($input);
// returns 'Bye john!'

For a more complex usage take a look into PHP's PCRE Pattern Chapter.

RealPath

This filter will resolve given links and pathnames and returns canonicalized absolute pathnames.

Supported options for Zend_Filter_RealPath

The following options are supported for Zend_Filter_RealPath:

exists: This option defaults to TRUE which checks if the given path really exists.

Basic usage

For any given link of pathname its absolute path will be returned. References to '/./', '/../' and extra '/' characters in the input path will be stripped. The resulting path will not have any symbolic link, '/./' or '/../' character.

Zend_Filter_RealPath will return FALSE on failure, e.g. if the file does not exist. On BSD systems Zend_Filter_RealPath doesn't fail if only the last path component doesn't exist, while other systems will return FALSE.

$filter = new Zend_Filter_RealPath();
$path   = '/www/var/path/../../mypath';
$filtered = $filter->filter($path);

// returns '/www/mypath'

Non existing paths

Sometimes it is useful to get also paths when they don't exist, f.e. when you want to get the real path for a path which you want to create. You can then either give a FALSE at initiation, or use setExists() to set it.

$filter = new Zend_Filter_RealPath(false);
$path   = '/www/var/path/../../non/existing/path';
$filtered = $filter->filter($path);

// returns '/www/non/existing/path'
// even when file_exists or realpath would return false

StringToLower

This filter converts any input to be lowercased.

Supported options for Zend_Filter_StringToLower

The following options are supported for Zend_Filter_StringToLower:

encoding: This option can be used to set an encoding which has to be used.

Basic usage

This is a basic example:

$filter = new Zend_Filter_StringToLower();

print $filter->filter('SAMPLE');
// returns "sample"

Different encoded strings

Per default it will only handle characters from the actual locale of your server. Characters from other charsets would be ignored. Still, it's possible to also lowercase them when the mbstring extension is available in your environment. Simply set the wished encoding when initiating the StringToLower filter. Or use the setEncoding() method to change the encoding afterwards.

// using UTF-8
$filter = new Zend_Filter_StringToLower('UTF-8');

// or give an array which can be useful when using a configuration
$filter = new Zend_Filter_StringToLower(array('encoding' => 'UTF-8'));

// or do this afterwards
$filter->setEncoding('ISO-8859-1');

Setting wrong encodings

Be aware that you will get an exception when you want to set an encoding and the mbstring extension is not available in your environment.

Also when you are trying to set an encoding which is not supported by your mbstring extension you will get an exception.

StringToUpper

This filter converts any input to be uppercased.

Supported options for Zend_Filter_StringToUpper

The following options are supported for Zend_Filter_StringToUpper:

encoding: This option can be used to set an encoding which has to be used.

Basic usage

This is a basic example for using the StringToUpper filter:

$filter = new Zend_Filter_StringToUpper();

print $filter->filter('Sample');
// returns "SAMPLE"

Different encoded strings

Like the StringToLower filter, this filter handles only characters from the actual locale of your server. Using different character sets works the same as with StringToLower.

$filter = new Zend_Filter_StringToUpper(array('encoding' => 'UTF-8'));

// or do this afterwards
$filter->setEncoding('ISO-8859-1');

StringTrim

This filter modifies a given string such that certain characters are removed from the beginning and end.

Supported options for Zend_Filter_StringTrim

The following options are supported for Zend_Filter_StringTrim:

charlist: List of characters to remove from the beginning and end of the string. If this is not set or is null, the default behavior will be invoked, which is to remove only whitespace from the beginning and end of the string.

Basic usage

A basic example of usage is below:

$filter = new Zend_Filter_StringTrim();

print $filter->filter(' This is (my) content: ');

The above example returns 'This is (my) content:'. Notice that the whitespace characters have been removed.

Default behaviour for Zend_Filter_StringTrim

$filter = new Zend_Filter_StringTrim(':');
// or new Zend_Filter_StringTrim(array('charlist' => ':'));

print $filter->filter(' This is (my) content:');

The above example returns 'This is (my) content'. Notice that the whitespace characters and colon are removed. You can also provide an instance of Zend_Config or an array with a 'charlist' key. To set the desired character list after instantiation, use the setCharList() method. The getCharList() return the values set for charlist.

StripNewLines

This filter modifies a given string and removes all new line characters within that string.

Supported options for Zend_Filter_StripNewLines

There are no additional options for Zend_Filter_StripNewLines.

Basic usage

A basic example of usage is below:

$filter = new Zend_Filter_StripNewLines();

print $filter->filter("This is (my)\n\rcontent: ');

The above example returns 'This is (my) content:'. Notice that all newline characters have been removed.

StripTags

This filter can strip XML and HTML tags from given content.

Zend_Filter_StripTags is potentially unsecure

Be warned that Zend_Filter_StripTags should only be used to strip all available tags.

Using Zend_Filter_StripTags to make your site secure by stripping some unwanted tags will lead to unsecure and dangerous code.

Zend_Filter_StripTags must not be used to prevent XSS attacks. This filter is no replacement for using Tidy or HtmlPurifier.

Supported options for Zend_Filter_StripTags

The following options are supported for Zend_Filter_StripTags:

allowAttribs: This option sets the attributes which are accepted. All other attributes are stripped from the given content
allowTags: This option sets the tags which are accepted. All other tags will be stripped from the given content

Basic usage

See the following example for the default behaviour of this filter:

$filter = new Zend_Filter_StripTags();

print $filter->filter('<B>My content</B>');

As result you will get the stripped content 'My content'.

When the content contains broken or partitial tags then the complete following content will be erased. See the following example:

$filter = new Zend_Filter_StripTags();

print $filter->filter('This contains <a href="http://example.com">no ending tag');

The above will return 'This contains' with the rest being stripped.

Allowing defined tags

Zend_Filter_StripTags allows stripping of all but defined tags. This can be used for example to strip all tags but links from a text.

$filter = new Zend_Filter_StripTags(array('allowTags' => 'a'));

$input  = "A text with <br/> a <a href='link.com'>link</a>";
print $filter->filter($input);
// returns: A text with a <a href='link.com'>link</a>

The above example strips all tags but the link. By providing an array you can set multiple tags at once.

Aviso

Do not use this feature to get a probably secure content. This component does not replace the use of a proper configured html filter.

Allowing defined attributes

It is also possible to strip all but allowed attributes from a tag.

$filter = new Zend_Filter_StripTags(array('allowAttribs' => 'src'));

$input  = "A text with <br/> a <img src='picture.com' width='100'>picture</img>";
print $filter->filter($input);
// returns: A text with a <img src='picture.com'>picture</img>

The above example strips all tags but img. Additionally from the img tag all attributes but src will be stripped. By providing an array you can set multiple attributes at once.