[eluser]n0xie[/eluser]
[quote author="WanWizard" date="1292391485"]Ok, fair enough.
Just curious: where would you leave the type of methods I mentioned? In MY_Model? Even if they are substantial in size and not every model needs them?[/quote]
That is one of the toughest cookies to crack. Do I sanitize/validate inside the controller or inside the model? It's something I don't have a good answer for as of yet.
Personally I do all the validating and sanitizing inside the controller and keep the model 'dumb'. That's not adhering to thin controllers/fat models and actually breaks MVC (since the model should be application/data business logic), but this way I don't have to change both the controller and the model every time another field gets added to the form.
When doing the validating/ sanitizing inside your model, I would either put them in a base class or maybe pass a validation object as a parameter. If it would be cleaner to just load an library, I would just as easily do that, but I would at least consider the other options. The trouble is, that if you start this train of thought, you might as well add your 'security library' to the mix as well. After all it's 'just' data and it needs to be cleaned. Then maybe load an helper to format an array a specific way. The next step is that you just grab the POST array straight from your model and sooner or later you'll be in code spaghetti hell.
It's a slippery slope and you should be wary of it. Try to keep pieces of code as decoupled as possible without breaking DRY.
tl;dr: use whatever you think is appropriate :-P