Basic php process for html

Question

When using this php process for html forms I only get a response of just "Hello, ". Here is a link to where I have the file uploaded maybe it is a problem on my end break.hostoi.com the php code it self

<?php
    $name = $_POST["$name"];
    echo "Hello, " . $name;
?>

and here is the html if needed

<html>
<head><title>Hello World</title></head>
<body>

<form action="process.php" method="post">
    Enter your name' <input name="name" type="text">
    <input type="submit">
</form>

</body>
</html>

Answer 1

Change

$name = $_POST["$name"];

to

$name = $_POST["name"];

the dollar sign shouldn't be in there

["$name"]
  ^-- // remove this

Add error reporting to the top of your file(s) right after your opening <?php tag

<?php
error_reporting(E_ALL);
ini_set('display_errors', 1);
// rest of code

Having done this, would've thrown an error similar to this:

Notice: Undefined variable: name in...(path of file) on line X

To learn more on error reporting, visit:

• http://php.net/manual/en/function.error-reporting.php

Also, go through the PHP.net website. http://php.net

You can browse through their website where examples are shown. No better way to start than in the manuals themselves.

PHP forms on PHP.net

• http://php.net/manual/en/tutorial.forms.php

---

Footnotes:

Also, you are open to XSS attacks (Cross-site scripting).

Use the following (PHP) filter function: FILTER_SANITIZE_FULL_SPECIAL_CHARS

$name = filter_var($_POST['name'], FILTER_SANITIZE_FULL_SPECIAL_CHARS);

Equivalent to calling htmlspecialchars() with ENT_QUOTES set. Encoding quotes can be disabled by setting.

---

Edit:

As per Jeremy1026's comment:

"by doing $_POST["$name"] you are basically doing, $name = foo; $_POST['foo'];"

Thank you for the additional comment in order to improve the answer.