PHPackages                             tobento/service-sanitizer - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Validation &amp; Sanitization](/categories/validation)
4. /
5. tobento/service-sanitizer

ActiveLibrary[Validation &amp; Sanitization](/categories/validation)

tobento/service-sanitizer
=========================

Easily sanitizing data.

2.0(7mo ago)091MITPHPPHP &gt;=8.4

Since Jun 30Pushed 7mo ago1 watchersCompare

[ Source](https://github.com/tobento-ch/service-sanitizer)[ Packagist](https://packagist.org/packages/tobento/service-sanitizer)[ Docs](https://www.tobento.ch)[ RSS](/packages/tobento-service-sanitizer/feed)WikiDiscussions 2.x Synced 2d ago

READMEChangelog (2)Dependencies (4)Versions (4)Used By (1)

Sanitizer Service
=================

[](#sanitizer-service)

The Sanitizer Service provides an easy way to sanitize user input.

Table of Contents
-----------------

[](#table-of-contents)

- [Getting started](#getting-started)
    - [Requirements](#requirements)
    - [Highlights](#highlights)
    - [Simple Example](#simple-example)
- [Documentation](#documentation)
    - [Sanitizing](#sanitizing)
        - [Single value](#single-value)
        - [Multiple values](#multiple-values)
        - [Nested values](#nested-values)
        - [Using array for filters](#using-array-for-filters)
        - [Strict sanitation](#strict-sanitation)
        - [Sanitized data only](#sanitized-data-only)
    - [Filtering](#filtering)
        - [Default filters](#default-filters)
        - [Custom Default Filters](#custom-default-filters)
        - [Adding filters](#adding-filters)
        - [A note on FilterIf](#a-note-on-filterif)
        - [Parsing filters](#parsing-filters)
- [Credits](#credits)

---

Getting started
===============

[](#getting-started)

Add the latest version of the sanitizer service running this command.

```
composer require tobento/service-sanitizer

```

Requirements
------------

[](#requirements)

- PHP 8.4 or greater

Highlights
----------

[](#highlights)

- Framework-agnostic, will work with any project
- Decoupled design
- Extendable
- Nested value support
- Customize filters parsing

Simple Example
--------------

[](#simple-example)

Here is a simple example of how to use the Sanitizer Service.

```
use Tobento\Service\Sanitizer\Sanitizer;

$sanitizer = new Sanitizer();

// sanitize a single value.
$sanitized = $sanitizer->sanitizing('lorem ipsum', 'cast:string|stripTags|ucwords');

// sanitize multiple values.
$sanitized = $sanitizer->sanitize(
    [
        'name' => 'Thomas',
        'birthday' => '1982-10-30',
        'description' => 'Lorem ipsum',
    ],
    [
        'name' => 'cast:string',
        'birthday' => 'date:Y-m-d:d.m.Y',
        'description' => 'cast:string|stripTags',
    ]
);
```

Documentation
=============

[](#documentation)

Sanitizing
----------

[](#sanitizing)

### Single value

[](#single-value)

Easily sanitize a single value.

```
use Tobento\Service\Sanitizer\Sanitizer;

$sanitizer = new Sanitizer();

$sanitized = $sanitizer->sanitizing('lorem ipsum', 'stripTags|ucwords');

var_dump($sanitized); // string(11) "Lorem Ipsum"
```

### Multiple values

[](#multiple-values)

Sanitize multiple values.

```
use Tobento\Service\Sanitizer\Sanitizer;

$sanitizer = new Sanitizer();

$sanitized = $sanitizer->sanitize(
    [
        'name' => 'Thomas',
        'birthday' => '1982-10-30',
        'description' => 'Lorem ipsum',
    ],
    [
        'name' => 'cast:string',
        'birthday' => 'date:Y-m-d:d.m.Y',
        'description' => 'cast:string|stripTags',
    ]
);

/*Array
(
    [name] => Thomas
    [birthday] => 30.10.1982
    [description] => Lorem ipsum
)*/
```

### Nested values

[](#nested-values)

If the incoming values contains "nested" data, you may specify these attributes in your filters using "dot" syntax:

```
use Tobento\Service\Sanitizer\Sanitizer;

$sanitizer = new Sanitizer();

$sanitized = $sanitizer->sanitize(
    [
        'title' => 'Title',
        'author' => [
            'name' => 'Tom',
            'description' => 'Lorem ipsum',
        ],
    ],
    [
        'name' => 'cast:string',
        'author.name' => 'cast:string',
        'author.description' => 'cast:string|stripTags',
    ]
);
```

### Using array for filters

[](#using-array-for-filters)

Depending on the [FiltersParsers implementation](#parsing-filters) you may need to set the filters by an array as a parameter might need the parsing notation such as ":".

```
use Tobento\Service\Sanitizer\Sanitizer;

$sanitizer = new Sanitizer();

$sanitized = $sanitizer->sanitizing(
    '1982-10-30T19:30',
    [
        'date' => ['Y-m-d', 'Y.m.d H:i']
    ]
);

var_dump($sanitized); // string(11) "30.10.1982 19:30"
```

### Strict sanitation

[](#strict-sanitation)

If strict sanitation is used, filters will be applied even if the data does not exist.

```
use Tobento\Service\Sanitizer\Sanitizer;

$sanitizer = new Sanitizer();

$sanitized = $sanitizer->sanitize(
    [
        'name' => 'Thomas',
    ],
    [
        'age' => 'cast:int:21',
    ],
    strictSanitation: true,
);

/*Array
(
    [name] => Thomas
    [age] => 21
)*/
```

### Sanitized data only

[](#sanitized-data-only)

Sometimes it might be useful to get only the sanitized data:

```
use Tobento\Service\Sanitizer\Sanitizer;

$sanitizer = new Sanitizer();

$sanitized = $sanitizer->sanitize(
    [
        'name' => 'Thomas',
    ],
    [
        'age' => 'cast:int:21',
    ],
    strictSanitation: true,
    returnSanitizedOnly: true,
);

/*Array
(
    [age] => 21
)*/

$sanitized = $sanitizer->sanitize(
    [
        'name' => 'Thomas',
    ],
    [
        'age' => 'cast:int:21',
    ],
    strictSanitation: false,
    returnSanitizedOnly: true,
);

/*Array()*/
```

Filtering
---------

[](#filtering)

### Default filters

[](#default-filters)

The following filters are available out of the box:

FilterParametersDescription**cast:int:12**int, float, string, bool, arrayCasts a value into the given type. You might define a default value as the second parameter. This works only on [strict sanitation](#strict-sanitation) though.**date:Y-m-d:d.m.Y**Any DateTime formatsFormats the date from given to the target format.**remove:foo:bar**As many as you wantRemoves the parameters set from an array.**trim**Trims a string.**digit**Get only digit characters.**alphaStrict**Get only alpha characters \[a-zA-Z\].**stripTags**Strips any tags.**ucwords**Uppercase the first character of each word in a string.**lcfirst**Make a string's first character uppercase.**lowercase**Make a string lowercase.**uppercase**Make a string uppercase.**array**\['cast:string', 'cast:int'\]Filters each array data. You must use [array syntax for filters](#using-array-for-filters). The second parameter is optional and would be the filters for the array keys.**filterIf:attribute:value**Applies filters if an attribute exactly matches the value.> ⚠️ **Some filters like stripTags return the original value if the type is not a string. So you might add the cast:string filter in addition.**

### Custom Default Filters

[](#custom-default-filters)

If you want to set your own default filters you can do it by the following way:

```
use Tobento\Service\Sanitizer\Sanitizer;
use Tobento\Service\Sanitizer\SanitizerInterface;
use Tobento\Service\Sanitizer\FiltersInterface;

class CustomDefaultFilters implements FiltersInterface
{
    /**
     * Add the filters to the sanitizer.
     *
     * @param SanitizerInterface $sanitizer
     * @return void
     */
    public function addFilters(SanitizerInterface $sanitizer): void
    {
        $sanitizer->addFilter('cast', new \Tobento\Service\Sanitizer\Filter\Cast());
    }
}

$sanitizer = new Sanitizer(new CustomDefaultFilters());
```

### Adding filters

[](#adding-filters)

You can add your own filters by the following way. If the same filter key already exists it will overwrite the filter.

```
use Tobento\Service\Sanitizer\Sanitizer;
use Tobento\Service\Sanitizer\FilterInterface;

$sanitizer = new Sanitizer();

// By a callable.
$sanitizer->addFilter('trim', function(mixed $value, array $parameters): mixed
{
    return is_string($value) ? trim($value) : $value;
});

// By a class implementing the FilterInterface.
class TrimFilter implements FilterInterface
{
    /**
     * Apply the filter.
     *
     * @param mixed $value The value to sanitize
     * @param array $parameters The parameters set on the sanitation 'filter:foo:bar'
     * @return mixed The sanitized value
     * @throws FilterException If filter cannot handle sanitation
     */
    public function apply(mixed $value, array $parameters = []): mixed
    {
        return is_string($value) ? trim($value) : $value;
    }
}

$sanitizer->addFilter('trim', new TrimFilter());
```

### A note on FilterIf

[](#a-note-on-filterif)

The "filterIf" filter applies filters only if a value matches the given condition.

```
use Tobento\Service\Sanitizer\Sanitizer;

$sanitizer = new Sanitizer();

$sanitized = $sanitizer->sanitize(
    [
        'country' => 'CH',
        'phone' => '+41 76 123 45 67',
    ],
    [
        // filter phone only if country value is "CH"
        'phone' => 'filterIf:country:CH|digit',
    ],
    returnSanitizedOnly: true,
);

var_dump($sanitized);
// array(1) { ["phone"]=> string(11) "41761234567" }
```

You can easily add more FilterIf conditions by extending FilterIf class:

```
use Tobento\Service\Sanitizer\Sanitizer;
use Tobento\Service\Sanitizer\Filter\FilterIf;
use Tobento\Service\Collection\Collection;

// Filter only if the attributes defined are present.
class FilterIfPresent extends FilterIf
{
    /**
     * Apply the filter.
     *
     * @param mixed $value The value to sanitize
     * @param array $parameters The parameters set on the sanitation 'filter:foo:bar'
     * @return mixed The sanitized value
     * @throws FilterException If filter cannot handle sanitation
     */
    public function apply(mixed $value, array $parameters = []): mixed
    {
        // extract value and data.
        [$value, $data] = $value;

        if (! $data instanceof Collection)
        {
            return false;
        }

        return $data->has($parameters);
    }
}

$sanitizer = new Sanitizer();
$sanitizer->addFilter('filterIfPresent', new FilterIfPresent());

$sanitized = $sanitizer->sanitize(
    [
        'country' => 'CH',
        'locale' => 'de-CH',
        'phone' => '+41 76 123 45 67',
    ],
    [
        // filter phone only if country and locale is present.
        'phone' => 'filterIfPresent:country:locale|digit',
    ]
);

/*Array
(
    [country] => CH
    [locale] => de-CH
    [phone] => 41761234567
)*/
```

### Parsing filters

[](#parsing-filters)

You may change the behaviour of parsing the filters for sanitizing.

```
use Tobento\Service\Sanitizer\Sanitizer;
use Tobento\Service\Sanitizer\FiltersParserInterface;
use Tobento\Service\Sanitizer\ParsedFilter;

class CustomParser implements FiltersParserInterface
{
    /**
     * Parses the filters.
     *
     * @param string|array
     * @return array The parsed filters [ParsedFilter, ...]
     */
    public function parse(string|array $filters): array
    {
        // do your parsing strategy
        $parsedFilters = [];

        return $parsedFilters;
    }
}

$sanitizer = new Sanitizer(filtersParser: new CustomParser());
```

Credits
=======

[](#credits)

- [Tobias Strub](https://www.tobento.ch)
- [All Contributors](../../contributors)

###  Health Score

40

—

FairBetter than 88% of packages

Maintenance63

Regular maintenance activity

Popularity4

Limited adoption so far

Community9

Small or concentrated contributor base

Maturity71

Established project with proven stability

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~518 days

Total

4

Last Release

225d ago

Major Versions

1.x-dev → 2.02025-10-01

PHP version history (2 changes)1.0.0PHP &gt;=8.0

2.0PHP &gt;=8.4

### Community

Maintainers

![](https://www.gravatar.com/avatar/055d6a1b5c2384bb179c75ab0b55914231d898fdc4dffeb30770f81200e52206?d=identicon)[TOBENTOch](/maintainers/TOBENTOch)

---

Top Contributors

[![tobento-ch](https://avatars.githubusercontent.com/u/16684832?v=4)](https://github.com/tobento-ch "tobento-ch (7 commits)")

---

Tags

phppackagesanitizetobento

###  Code Quality

TestsPHPUnit

Static AnalysisPsalm

Type Coverage Yes

### Embed Badge

![Health badge](/badges/tobento-service-sanitizer/health.svg)

```
[![Health](https://phpackages.com/badges/tobento-service-sanitizer/health.svg)](https://phpackages.com/packages/tobento-service-sanitizer)
```

###  Alternatives

[ondrej-vrto/php-filename-sanitize

Removes all forbidden characters from the file name or path.

1120.6k1](/packages/ondrej-vrto-php-filename-sanitize)[erlandmuchasaj/sanitize

A package to sanitize your input.

146.0k](/packages/erlandmuchasaj-sanitize)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)