Whenever you’re printing user-input to a page – even something as simple as re-populating an input from a previous page via cookie – someone’s bound to try to exploit it.

Here’s a simple function to help sanitize user input: