Fixing Cross-site Scripting in PHP

Note: This post is part of our series on “How to Fix Cross-site Scripting Vulnerabilities“. The series contains examples on how to fix Cross-site Scripting Vulnerabilities in various programming languages.

“Htmlspecialchars” Convert special characters to HTML entities

<?php
$name = htmlspecialchars($_POST['name'], ENT_QUOTES);
echo $name;
?>