Sanitize filters

**List of filters for sanitization**
ID	Name	Flags	Description
`FILTER_SANITIZE_EMAIL`	"email"		Remove all characters except letters, digits and !#$%&'*+-=?^_`{\|}~@.[].
`FILTER_SANITIZE_ENCODED`	"encoded"	`FILTER_FLAG_STRIP_LOW`, `FILTER_FLAG_STRIP_HIGH`, `FILTER_FLAG_STRIP_BACKTICK`, `FILTER_FLAG_ENCODE_LOW`, `FILTER_FLAG_ENCODE_HIGH`	URL-encode string, optionally strip or encode special characters.
`FILTER_SANITIZE_MAGIC_QUOTES`	"magic_quotes"		Apply addslashes. (DEPRECATED as of PHP 7.3.0 and REMOVED as of PHP 8.0.0, use `FILTER_SANITIZE_ADD_SLASHES` instead.)
`FILTER_SANITIZE_ADD_SLASHES`	"add_slashes"		Apply addslashes. (Available as of PHP 7.3.0)
`FILTER_SANITIZE_NUMBER_FLOAT`	"number_float"	`FILTER_FLAG_ALLOW_FRACTION`, `FILTER_FLAG_ALLOW_THOUSAND`, `FILTER_FLAG_ALLOW_SCIENTIFIC`	Remove all characters except digits, `+-` and optionally `.,eE`.
`FILTER_SANITIZE_NUMBER_INT`	"number_int"		Remove all characters except digits, plus and minus sign.
`FILTER_SANITIZE_SPECIAL_CHARS`	"special_chars"	`FILTER_FLAG_STRIP_LOW`, `FILTER_FLAG_STRIP_HIGH`, `FILTER_FLAG_STRIP_BACKTICK`, `FILTER_FLAG_ENCODE_HIGH`	HTML-encode `'"<>&` and characters with ASCII value less than 32, optionally strip or encode other special characters.
`FILTER_SANITIZE_FULL_SPECIAL_CHARS`	"full_special_chars"	`FILTER_FLAG_NO_ENCODE_QUOTES`	Equivalent to calling htmlspecialchars with `ENT_QUOTES` set. Encoding quotes can be disabled by setting `FILTER_FLAG_NO_ENCODE_QUOTES`. Like htmlspecialchars, this filter is aware of the default_charset and if a sequence of bytes is detected that makes up an invalid character in the current character set then the entire string is rejected resulting in a 0-length string. When using this filter as a default filter, see the warning below about setting the default flags to 0.
`FILTER_SANITIZE_STRING`	"string"	`FILTER_FLAG_NO_ENCODE_QUOTES`, `FILTER_FLAG_STRIP_LOW`, `FILTER_FLAG_STRIP_HIGH`, `FILTER_FLAG_STRIP_BACKTICK`, `FILTER_FLAG_ENCODE_LOW`, `FILTER_FLAG_ENCODE_HIGH`, `FILTER_FLAG_ENCODE_AMP`	Strip tags and HTML-encode double and single quotes, optionally strip or encode special characters. Encoding quotes can be disabled by setting `FILTER_FLAG_NO_ENCODE_QUOTES`. (Deprecated as of PHP 8.1.0, use htmlspecialchars instead.)
`FILTER_SANITIZE_STRIPPED`	"stripped"		Alias of "string" filter. (Deprecated as of PHP 8.1.0, use htmlspecialchars instead.)
`FILTER_SANITIZE_URL`	"url"		Remove all characters except letters, digits and $-_.+!*'(),{}\|\\^~[]`<>#%";/?:@&=.
`FILTER_UNSAFE_RAW`	"unsafe_raw"	`FILTER_FLAG_STRIP_LOW`, `FILTER_FLAG_STRIP_HIGH`, `FILTER_FLAG_STRIP_BACKTICK`, `FILTER_FLAG_ENCODE_LOW`, `FILTER_FLAG_ENCODE_HIGH`, `FILTER_FLAG_ENCODE_AMP`	Do nothing, optionally strip or encode special characters. This filter is also aliased to `FILTER_DEFAULT`.

Warning

When using one of these filters as a default filter either through your ini file or through your web server's configuration, the default flags is set to FILTER_FLAG_NO_ENCODE_QUOTES. You need to explicitly set filter.default_flags to 0 to have quotes encoded by default. Like this:

Example #1 Configuring the default filter to act like htmlspecialchars

filter.default = full_special_chars
filter.default_flags = 0

Changelog

Version	Description
8.1.0	`FILTER_SANITIZE_STRING` and `FILTER_SANITIZE_STRIPPED` have been deprecated.
8.0.0	`FILTER_SANITIZE_MAGIC_QUOTES` has been removed.
7.3.0	`FILTER_SANITIZE_ADD_SLASHES` was added as a replacement for `FILTER_SANITIZE_MAGIC_QUOTES`
7.3.0	`FILTER_SANITIZE_MAGIC_QUOTES` has been deprecated.