I'm reading Chris Shiflett's Essential PHP Security. He suggests making sure all input is filtered by putting it in an array called $clean after it's filtered. This is a way to make sure you don't forget to filter any input, so that only filtered data enters the bowels of the application.
I like the idea, [...]