Hello !

• Enter your name in the field below and this page will say hello to you.
• Now, copy paste <script>alert('You are a fu..... m..... f..... !!')</script> in the field and enjoy what happens ...
• Even worse, copy paste <img src='hard.jpg'/>
• A last example, <script>window.location='http://www.badlocation.com/'</script>

What if the injected value does not come from you but from a not trustworthy user? Congratulations, your PHP programs allows cross-side scripting attacks (XSS) ! Don't know what it means ? Use the form !

<script>window.open('http://www.google.com/search?q=XSS+attack','','')</script>