I am close to launching a website that i have been working on for some time now and i plan on carrying out a significant review of security .

I understand that one of the biggest areas of concern from a security point of view is how you handle user input (fields / forms etc.)

I don't expect anyone to reply with tonnes of information on each, as the internet is full of help and advice BUT the one downside of the internet is 'how up to date' the information is (don't want to use / implement out dated practices) or the 'integrity' of the advice, especially in relation to this subject'.

So what are your key best practices for each of the following:

1 - Validating Input

2 - Sanitizing Input

Thanks in advance for your help...