On the NETTUTS.com website today there's a new tutorial looking at a very important (but often forgotten) part of any good web application - sanitizing and filtering data.

Data validation is an integral part of working with forms. Not only can invalid submitted data lead to security problems, but it can also break your webpage. Today, we'll take a look at how to remove illegal characters and validate data by using the "filter_var" function.

Using filter_var they create a simple form with email and URL input fields. Their script runs these through the FILTER_SANITIZE_EMAIL and FILTER_SANITIZE_URL respectively to see if they are valid. Later they add on a name and message field to make it into an email form (performing the checks on these with the FILTER_SANITIZE_STRING).

A link to download the source is also included.