I guess the question you should be asking, why is unsafe data getting passed to subroutines/methods in the first place.
For example you are writing a web page, you need to validate the data when 'Submit' the form's data. All data errors should have been caught at the point of submission, not at the point you are passing data into your routines or methods. After that, you initialize your environment to process the data.
It is best to have one really strong layer for validating data and catch exceptions in modules with diagnostic code. Avoid having multiple layers of validations in your programs; you end will end up having multiple layers for error handling and having to decide whether an error is because of data submitted or because there was a fatal exception in that subroutine/module.
As for validating form data, I use DataForm::Validator, it can be tough to learn at first as the documentation is not so great, but it really is very flexible.
|