Why is it better to use filter_input()?

梦谈多话 2020-12-16 11:46

This should be an elementary question, but why is it better to use something like this:

$pwd = filter_input(INPUT_POST, 'pwd');

Instead of jus

3 Answers
  •  予麋鹿 (OP)
    2020-12-16 12:19

    Any data which is sent from the client (such as POST data) should be sanitized and escaped (and even better, sanity-checked) to ensure that it isn't going to kill your website.

    SQL Injection and Cross-site scripting are the two largest threats for failing to sanitize your user-sent data.
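
Added example, not part of the original thread: a filter_input() call with no filter argument, as in the question, applies the default filter (FILTER_UNSAFE_RAW unless php.ini changes it) and returns the value unchanged, so the protection comes from explicit validation filters plus context-specific handling at the SQL and HTML boundaries. The sample input, the `validate()` helper and the `users` table are constructed for illustration; filter_var_array() stands in for filter_input() so the script runs from the CLI.

```php
<?php
// Added example. $post is constructed sample data standing in for a request.
// filter_input() reads the real request body, so filter_var_array() is used
// here to apply the same filters to an array when run from the command line.
$post = [
    'age'   => "42",
    'email' => "alice@example.test",
    'name'  => "<script>alert(1)</script>",
    'pwd'   => "x' OR '1'='1",
];

// Hypothetical helper: validate each field, reject anything missing or invalid.
function validate(array $input): array
{
    $clean = filter_var_array($input, [
        'age'   => ['filter'  => FILTER_VALIDATE_INT,
                    'options' => ['min_range' => 0, 'max_range' => 150]],
        'email' => FILTER_VALIDATE_EMAIL,
        // FILTER_UNSAFE_RAW is the default filter: it changes nothing.
        'name'  => FILTER_UNSAFE_RAW,
        'pwd'   => FILTER_UNSAFE_RAW,
    ]);
    // Missing keys come back as null, failed validation as false.
    foreach ($clean as $key => $value) {
        if ($value === null || $value === false) {
            throw new InvalidArgumentException("invalid or missing: $key");
        }
    }
    return $clean;
}

$in = validate($post);

// SQL boundary: bind values as parameters instead of concatenating them.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (name TEXT, email TEXT, age INTEGER, pwd_hash TEXT)');
$stmt = $db->prepare('INSERT INTO users VALUES (:name, :email, :age, :pwd)');
$stmt->execute([
    ':name'  => $in['name'],
    ':email' => $in['email'],
    ':age'   => $in['age'],
    ':pwd'   => password_hash($in['pwd'], PASSWORD_DEFAULT),
]);

// HTML boundary: escape at output time for the context the value lands in.
echo htmlspecialchars($in['name'], ENT_QUOTES, 'UTF-8'), PHP_EOL;
```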
