
phpGuru.org:
Cleaning Input Data
Mar 18, 2005 @ 13:41:00

From phpguru.org today, there is a new posting that I think every beginning PHP developer out there could stand reading - Cleaning Input Data.

There are just too many scripts out there that just accept the input data as something that can be trusted. Unfortunately, there are just too many malicious forces out there to trust it like this.

If you don't read the phpsec list, then you wouldn't have seen the post from Jared Williams (iirc) regarding using SPL, and specifically ArrayAccess. I basically was asking opinions on a set of classes for cleaning the "tainted" GET/POST/COOKIE arrays.

Personally, I think this is over-engineering for this particular issue, and not only that, but it has the potential to hamper your application's performance.

He gives a suggestion: cleaning an array (as well as its subarrays) with stripslashes. While it's really one of many ways to ensure the integrity of your input data, it can protect against some of the more common attacks, including SQL injections.
