<html>
<head>
<title>Example</title>
</head>
<body>
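<?php
// Encode user input for HTML output; a missing "name" parameter becomes an empty string.
$name = isset($_GET['name']) ? $_GET['name'] : '';
?>
Name: <?php echo htmlentities($name, ENT_QUOTES, 'UTF-8'); ?>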
</body>
</html>
http://example.com/script.php?name=derick
Name: derick
:-)
http://example.com/script.php?name=<script>alert('!');</script>
<script>alert('!');</script>