Okay I know the answer to an all in one data cleaning strategy do not do it. My question is: Are there any standard actions that should be taken to secure form data right off the bat? Asides from doing my own form validation (ie Email, phone, etc).
As of currently this is in relation to a WebApp (HTML, PHP and MYSQL) but I would not say this should be limited to that I want to know best practices. From what I have read the only time anything should be done is when in as a data cleansing step is before a particular action is taken with that data (ie before storing in my database use mysql_real_escape_string).
EDIT:
Asides from SQL injection what are other malicious attacks that can occure from not cleaning data?