Thoughts on data validation
- You cannot "validate" data without knowing what "valid" means.
- Do not confuse "validation" with "escaping".(e.g. for presentation
in html, or for presentation to a database.)
- Escaping at multiple removes - arbitrary (potentially malicious) text
hard. Do you know of an easy way?