When is it best to sanitize user input?

Question

User equals untrustworthy. Never trust untrustworthy user\'s input. I get that. However, I am wondering when the best time to sanitize input is. For example, do you blindly

Answer 1

User input should always be treated as malicious before making it down into lower layers of your application. Always handle sanitizing input as soon as possible and should not for any reason be stored in your database before checking for malicious intent.