XSS - how to fix?

Hi!

http://www.phpalbum.net/demo3/main.php?cmd=setup&var1=user&var3=1%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E

How do I fix this?

You can also include imgs and iframes.
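
A sketch of the usual fix for the request above, added here as an example (it is not phpAlbum's code or part of the original post). It assumes `var3` is meant to be a small integer and is echoed into a quoted HTML attribute; the helper names `h()` and `int_param()` and the `<input>` markup are hypothetical.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: encode a value for HTML text or a quoted attribute.
// ENT_QUOTES encodes both " and ', so the value cannot close the attribute.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Hypothetical helper: accept a parameter only if it is an integer in range.
// Anything else (arrays, markup, missing value) falls back to the default.
function int_param(array $query, string $name, int $default = 0): int
{
    $raw = $query[$name] ?? null;
    if (!is_string($raw)) {
        return $default;
    }
    $value = filter_var($raw, FILTER_VALIDATE_INT, [
        'options' => ['min_range' => 0, 'max_range' => 1000], // assumed range
    ]);
    return $value === false ? $default : $value;
}

// Constructed input: the query string from the URL in the post,
// parsed the same way PHP fills $_GET.
parse_str(
    'cmd=setup&var1=user&var3=1%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E',
    $query
);

// Before: the raw value is concatenated into the attribute, so the "> in it
// ends the tag and the rest is parsed as markup.
$before = '<input type="hidden" name="var3" value="' . $query['var3'] . '">';

// After, step 1: validate on input. The value is not an integer, so it is dropped.
$var3 = int_param($query, 'var3');
$validated = '<input type="hidden" name="var3" value="' . $var3 . '">';

// After, step 2: encode on output. Needed for every parameter that is free
// text, and harmless for the ones that were already validated.
$encoded = '<input type="hidden" name="var1" value="' . h($query['var1']) . '">';

echo "before:    $before", PHP_EOL;
echo "validated: $validated", PHP_EOL;
echo "encoded:   $encoded", PHP_EOL;
echo "payload after h(): ", h($query['var3']), PHP_EOL;
```

The same encoding has to be applied at every place a request parameter is written into the page, which is also what stops the injected `img` and `iframe` tags. Marking the session cookie HttpOnly limits what a script can read from `document.cookie`, but it does not remove the injection itself.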

