Sanitize IN Controller

Does anyone have a suggestion for a good method to sanitize user input
before it is used by a controller? I am aware of the sanitize method,
but it is part of ActionView and not available to my controllers.
This seems like a basic security protocol but I can't seem to find a
good method. Thanks!

In this case I am wanting to sanitize search queries. But I also
would like a safety net for all user generated content.

sanitize_params is a method of my own design? I am hoping to find a
framework to adapt as I am not aware of every possible thing, and I
know there are folks out there who have covered this problem.

Any suggestions?

There's not a general-purpose solution here. Different uses of data
require different techniques. For example:

   * passing to a query
   * sending to a view
   * sending an email
   * executing a shell command
   * using Ruby's eval() method

There is no one way to "sanitize" data for all of these situations.
You have to apply the appropriate techniques to the appropriate uses.
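
An added illustration of the reply above, not code from the thread: the same user-supplied string handled differently for each use in the list. The method names, the `title` column, the log path and the sample input are all assumptions made for this example.

```ruby
require "erb"

# Constructed sample: one search string that is hostile in several contexts.
SAMPLE = "50%_off' OR 1=1 <script>alert(1)</script> $(id)"

# Query: never splice the value into SQL text. Return a placeholder condition
# plus a bind value; only the LIKE wildcards are escaped by hand ('!' is the
# escape character chosen for this example). In a Rails app an array of this
# shape can be passed to `where`.
def like_condition(term)
  escaped = term.gsub(/[!%_]/) { |m| "!#{m}" }
  ["title LIKE ? ESCAPE '!'", "%#{escaped}%"]
end

# View: encode HTML metacharacters at output time.
def html_text(term)
  ERB::Util.html_escape(term)
end

# Email: a header value must stay on one line, so collapse CR/LF runs.
def email_subject(term)
  "Search results for #{term.gsub(/[\r\n]+/, ' ')}"
end

# Shell: build an argv array so no shell parses the value; "--" ends options.
# The log path is a placeholder.
def grep_argv(term)
  ["grep", "-F", "--", term, "/var/log/app/search.log"]
end

# eval: do not evaluate user text; map it onto a fixed allowlist instead.
SORTS = { "newest" => "created_at DESC", "title" => "title ASC" }.freeze
def sort_clause(key)
  SORTS.fetch(key, SORTS["newest"])
end

if __FILE__ == $PROGRAM_NAME
  p like_condition(SAMPLE), html_text(SAMPLE), email_subject(SAMPLE),
    grep_argv(SAMPLE), sort_clause("system('id')")
end
```

Each method leaves the stored value untouched and applies the encoding only at the point of use, which is why a single controller-level filter cannot replace them.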