Re: validation of posted data.

The best thing to do, as CERT recommends, is to "sanitize" and only allow what you need:

$_ = "the\\/bad\$dataStuff"; # your data of course :)
$OK_CHARS='-a-zA-Z0-9_.@'; # allowed characters
s/[^$OK_CHARS]/_/go; # replace invalid chars with _
$user_data = $_; # sanitized version
print $user_data;
# output: the__bad_dataStuff
[download]

Excellent article from CERT.

Comment on Re: validation of posted data. Download Code