Fork me on GitHub


Inspekt is a PHP library that makes it easier to write secure web applications


Inspekt acts as a firewall API between user input and the rest of the application. It takes PHP superglobal arrays, encapsulates their data in an "cage" object, and destroys the original superglobal. Data can then be retrieved from the input data object using a variety of accessor methods that apply filtering, or the data can be checked against validation methods. Raw data can only be accessed via a 'getRaw()' method, forcing the developer to show clear intent.

Inspekt can also be used on arbitrary arrays, and provides static filtering and validation methods.

Inspekt works in PHP5, and has no external dependencies.

Inspekt is built upon Chris Shiflett’s original Zend_Filter_Input component (now deprecated) from the Zend Framework.

Initial development of Inspekt was funded by OWASP’s Spring of Code 2007 and preformed by Ed Finkler. You can read the original proposal on the Applications page


Read the User Documentation for more details. You can also browse the generated API Docs.


PHP 5+ (5.2 or higher suggested)


Current Release

Bleeding Edge

built with Jekyll