Just wondering ... is there a PHP equivalent of Perl Taint Mode? I do not think there is, but thought I would ask.
You may be interested in: http://wiki.php.net/rfc/taint
Looks like a patch was made ...
http://blog.php-security.org/archives/92-CORE-GRASP-PHP-Tainted-Mode.html