Ok, I'm working on the customer registration page and when the user clicks on the submit button it sends an email to the address specifiec where they can click a link. This link is has the user's information coded into it as parameters and I know the php variable values are not null, but when it goes to the confirmation page the parameters are empty. I'm sure they are present in the URL. Here's a snippet of the url, could someone can tell me if it looks right.
You are vulnerable to XSS injection. Any input you are displaying should be passed through htmlspecialchars().
Secondly, your html is malformed. Remove the single quotes around $name and $address?
I was reading alittle more into the php website and I found html_entity_decode(). On the page that I'm sending to should I use this to decode the data then put it in the database?