I'm a little bit confused about Filtering and Validation, particularly the sequence that should be used.
When you are processing user generated data to be stored in Database, do you filter first, then validate, or the other way around?
Filtering may correct the error that would make data valid, so if you filter first, the invalid data may become valid but it differs from the original user input.
If you validate first, and you know data is valid for sure, then why even bother filtering it?
