Pro-tip: Escape all user input either when it's going into the system or when it's going back out to be displayed!