Never display user data back to the user unfiltered. " method="POST"> Your name:
Your age:
]]>