How to properly filter data in your code to avoid XSS in Drupal
So… you need to write some code that collects data from somewhere (user input, database data, an external source of some kind, etc.) and displays it on your Drupal website as HTML output (for example, in a custom block or page).
There are those Friday mornings when your day starts with a call from a very desperate client because she doesn’t remember her Drupal password and, of course, she doesn’t know her username or email either. OK, nothing to worry about: you (think you) possess the admin credentials and you are 3-4 clicks away from resetting her password. But somehow the development team forgot to send you, or write down, the administrator password. So you are in the bad position of having not only to unlock the admin account, but ultimately to help the client before it ruins your morning.