I take it that you are talking about a web application?

I have found that tasks that are too small to affect the performance of normal apps become massive overheads on web apps simply because of the amount of traffic a big site can have.

To give an example, my company stress tested one of our sites with varying numbers of simultaneous connections. The site was vastly more successful than was anticipated and we had to strip out some of the error reporting from our stored procedures in order to maintain performance. Under normal conditions this would have had no measurable affect, but with the sheer volumes of users it became an issue.

I would tend to put input validation in the client front end and in a middle tier on the web server probably enclosed within a DLL.

Validation of parameters (for web apps), once they have reached your database server should be kept as simple and as light weight as possible.