<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="utf-8">
  <title>Safe PHP</title>
</head>
<body>
<?php

if ( $_POST )
{

?>
<h1>Hi <?php echo htmlspecialchars($_POST['name']); ?></h1>

<?php

}
else
{

?>

<form method="post">
<p>Enter your name: <input type="text" name="name"></p>
</form>

<?php

} /* endif */
 
?>
</body>
</html>