Module development and code questions

Hello all:

I am very new to Drupal development, so forgive me if I don't phrase everything in my question quite right. 

I am developing a Drupal 8 module with a multistep form / wizard that will allow students to select courses based on their preferences (answered through questions in the first stage of the wizard). Since I don't necessarily want the high school to worry about creating user accounts for all students, these users will typically be anonymous.

Hi, 

I just had a security audit done of my Drupal 7 site and they were able to demonstrate the ability to run a theoretical XSS attack from a plain text field using Java Script. I have plain text fields on a node that I am altering with JS in my module to validate input but not to change display.  If you do a search for the node the JS will execute and in their example will show a pop-up. 

I must be missing something here because plain text should be escaping JavaScript. Right?

Thanks,

Josh

Greetings,

  I've started the processes of converting my Drupal 7 site into Drupal 8.  I'm having a lot of trouble finding the documentation for displaying a list of nodes with my custom module.  I'm able to find the list of node ids and I can pass them to loadMultiple like this:

$nodes = \Drupal::entityTypeManager()->getStorage('node')->loadMultiple($nodeIds);

My attempt is to pass an array of these nodes to the twig template to be rendered.  I'm trying to implement it like this:

I'm looking to update the page title for the homepage of a site (running d7). Currently it's just displaying the site name as the page title and I filled in the page title in the backend but it's getting overwritten by something. I tried disabling Global: Front Page and Global but neither work. As well, I tried overwriting the page title in Global: Front Page.

Would any have any idea how I could go about correcting this issue?

I have a content type to add youtube videos on the site by just adding the link. From within the theme file for that view, I retrieve the number of likes for each video. Is it possible to sort the view based on the number of likes?

I'm rebuilding a D7 module which allows my customer to build a secondary menu that changes depending on a node attribute. I've used the Menu API to dynamically create a custom menu. Using those custom menus, I've created MenuLinkContent successfully that are attached to them, but they don't appear on the page in the SecondaryMenuBlock I've assigned to the page.