I found a good resource on validating user input on Channel9. You can reach that resource by following this link: http://channel9.msdn.com/wiki/default.aspx/SecurityWiki.RegExInputValCode2
The page contains a set of utility methods to help you in validating the inputs for your web application. The technique used is "whitelisting" technique in a sense that the user input is validated against a pattern that is known to be good using Regular Expressions.
Hope you will benefit from this page!