I’ve recently been using PHPs filter_var() function to validate input on forms. Instead of having to remember a decent regular expression or create my own I can now reference one of the validation filters available. There are also sanitize filters which can be used to (wait for it) sanitise input. I know they don’t cover every eventuality but I’d rather use them than a regular expression, and definitely for sanitising input. Using filter_var() is also faster than doing a regular expression with say preg_match() which is good, but doesn’t really make that much difference on the scale that I generally use it.