<?php if (isset($_POST['name'])){ $str = trim($_POST['name']); //清理空格 $str = strip_tags($str); //过滤html标签 $str = htmlspecialchars($str); //将字符内容转化为html实体 $str = addslashes($str); echo $str; } ?> <form method="post" action=""> <input name="name" type="text"> <input type="submit" value="提交" > </form>