PHP filter_var（） - FILTER_VALIDATE_URL

Question

The FILTER_VALIDATE_URL filter seems to have some trouble validating non-ASCII URLs:

var_dump(filter_var('http://pt.wikipedia.org/wiki/', FILTER_VALIDATE_URL)); // http://pt.wikipedia.org/wiki/
var_dump(filter_var('http://pt.wikipedia.org/wiki/Guimarães', FILTER_VALIDATE_URL)); // false

Why isn't the last URL correctly validated? And what are the possible workarounds? Running PHP 5.3.0.

I'd also like to know where I can find the source code of the FILTER_VALIDATE_URL validation filter.

Answer 1

Technically that is not a valid URL according to section 5 of RFC 1738. Browsers will automatically encode the ã character to %C3%A3 before sending the request to the server. The technically valid full url here is: http://pt.wikipedia.org/wiki/Guimar%C3%A3es Pass that to the VALIDATE_URL filter and it will work fine. The filter only validates according to spec, it doesn't try to fix/encode characters for you.

Answer 2

The parsing starts here:
http://svn.php.net/viewvc/php/php-src/trunk/ext/filter/logical_filters.c?view=markup

and is actually done in /trunk/ext/standard/url.c

At a first glance I can't see anything that purposely rejects non-ASCII characters, so it's probably just lack of unicode support. PHP is not good in handling non-ASCII characters anywhere. :(

Answer 3

The following code uses filter_var but encode non ascii chars before calling it. Hope this helps someone.

<?php

function validate_url($url) {
    $path = parse_url($url, PHP_URL_PATH);
    $encoded_path = array_map('urlencode', explode('/', $path));
    $url = str_replace($path, implode('/', $encoded_path), $url);

    return filter_var($url, FILTER_VALIDATE_URL) ? true : false;
}

// example
if(!validate_url("http://somedomain.com/some/path/file1.jpg")) {
    echo "NOT A URL";
}
else {
    echo "IS A URL";
}