Inspekt, Input Filtering And Validation Library For PHP5

Written by on June 25, 2009 in Tools - 2 Comments

Inspekt is a PHP library that makes it easier to write secure web applications, and released under New BSD License. Inspekt acts as a sort of ‘firewall’ API between user input and the rest of the application. It takes PHP superglobal arrays, encapsulates their data in an “cage” object, and destroys the original superglobal. Data can then be retrieved from the input data object using a variety of accessor methods that apply filtering, or the data can be checked against validation methods. Raw data can only be accessed via a ‘getRaw()’ method, forcing the developer to show clear intent.

Inspekt is built upon Chris Shiflett’s original Zend_Filter_Input component (now deprecated) from the Zend Framework. Main features include :

  • ‘Cage’ objects that encapsulate input and require the coder to use the provided filtering and validation methods to access input data
  • Automatic application of filtering as defined in a configuration file
  • A library of static filtering and validation methods
  • A simple, clear API
  • No external dependencies

A sample usage of Inspekt :

2 Comments on "Inspekt, Input Filtering And Validation Library For PHP5"

  1. Matthew Weier O'Phinney June 26, 2009 at 11:18 pm · Reply

    Correction: Zend_Filter_Input is not deprecated, and is actively maintained. It was briefly deprecated prior to 1.0 due to the addition of Zend_Validate, but later refactored to use both that component and Zend_Filter internally.

  2. Hatem June 26, 2009 at 11:29 pm · Reply

    Thanks for the correction Matthew.

Leave a Comment