Sanitizing User Input

Are you accepting user input and need to be sure it arrives in a sanitized format? This is easily accomplished with our sanitization libraries:

Basic HTML Special Character Encoding

h($request->request->get('maliciousParameter'));

The POST variable 'maliciousParameter' will be run through htmlspecialchars.

Special Sanitize Methods

Use the sanitizing service to sanitize based on types:

Retrieve the Service

$service = \Core::make('helper/security');

Then you can run any of the sanitize methods found in Concrete\Core\Validation\SanitizeService:

print $service->sanitizeInt($request->request->get('maliciousInt'));

Or email:

print $service->sanitizeEmail($request->request->get('maliciousEmail'));

These methods will only let valid integers and emails through.
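
Sanitizing followed by validation for the integer and email cases above, as an added example in plain PHP that is not Concrete CMS code. The helpers `encodeHtml`, `sanitizeIntInput`, `sanitizeEmailInput`, `cleanInt` and `cleanEmail` are hypothetical stand-ins built on PHP's `htmlspecialchars` and `filter_var`; that `h()` and the service methods behave the same way is an assumption, and the POST values are constructed samples.

```php
<?php
// Added example, not Concrete CMS code. These helpers are stand-ins
// (assumptions) for h(), sanitizeInt() and sanitizeEmail().

function encodeHtml(string $value): string
{
    // Encode & < > " ' so the value is inert in HTML text and attributes.
    return htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
}

function sanitizeIntInput(string $value): string
{
    // Removes every character except digits, '+' and '-'.
    return (string) filter_var($value, FILTER_SANITIZE_NUMBER_INT);
}

function sanitizeEmailInput(string $value): string
{
    // Removes characters that may not appear in an e-mail address.
    return (string) filter_var($value, FILTER_SANITIZE_EMAIL);
}

// Sanitize, then validate: stripping characters does not guarantee that
// what is left is a usable integer or address.
function cleanInt(string $raw): ?int
{
    $int = filter_var(sanitizeIntInput($raw), FILTER_VALIDATE_INT);
    return $int === false ? null : $int;
}

function cleanEmail(string $raw): ?string
{
    $email = filter_var(sanitizeEmailInput($raw), FILTER_VALIDATE_EMAIL);
    return $email === false ? null : $email;
}

// Constructed sample POST values.
$samples = [
    ['maliciousInt' => '42<b>', 'maliciousEmail' => 'bob"<b>@example.com'],
    ['maliciousInt' => '4-2',   'maliciousEmail' => 'not an address'],
];

foreach ($samples as $post) {
    var_dump(cleanInt($post['maliciousInt']), cleanEmail($post['maliciousEmail']));
    // Encode at output time, whatever sanitizing happened on input.
    echo encodeHtml($post['maliciousEmail']), PHP_EOL;
}
```

A `null` result means the input should be rejected rather than used in its stripped form.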