Sunday, July 7, 2013

htmlspecialchars



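// Read the user-supplied value; fall back to an empty string when the parameter is missing.
$name = isset($_GET['name']) ? $_GET['name'] : '';
// Encode &, <, >, " and ' as HTML entities before writing the value into the page.
echo "Welcome to our website, " . htmlspecialchars($name, ENT_QUOTES, 'UTF-8') . "!";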

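This converts the special characters in the value (&, <, >, and, with ENT_QUOTES, both double and single quotes) into HTML entities, so markup injected maliciously through the URL is displayed as text instead of being interpreted by the browser.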
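
Added example, not from the original post: it compares ENT_COMPAT with ENT_QUOTES on a few constructed inputs and shows what happens with invalid UTF-8. The helper name e() and all sample values are assumptions made for illustration.

```php
<?php
// Added example; sample inputs below are constructed, not taken from the post.

// Hypothetical helper: escape a value for HTML text or a quoted attribute value.
function e($value)
{
    // ENT_QUOTES     also encodes ' (ENT_COMPAT leaves it untouched).
    // ENT_SUBSTITUTE replaces invalid UTF-8 with U+FFFD; without it the
    //                function returns an empty string for such input.
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

$samples = array(
    'plain'        => 'Alice',
    'markup'       => '<b>Alice</b> & co',
    'single quote' => "x' data-test='1",
    'double quote' => 'x" data-test="1',
    'invalid utf8' => "Al\xC0ice",   // 0xC0 is never valid in UTF-8
);

foreach ($samples as $label => $raw) {
    $compat = htmlspecialchars($raw, ENT_COMPAT, 'UTF-8');
    $quotes = htmlspecialchars($raw, ENT_QUOTES, 'UTF-8');
    printf("%-13s ENT_COMPAT: %s\n", $label, var_export($compat, true));
    printf("%-13s ENT_QUOTES: %s\n", '', var_export($quotes, true));
    printf("%-13s e():        %s\n", '', var_export(e($raw), true));
}

// The two output contexts htmlspecialchars is meant for: element text and a
// quoted attribute value. With ENT_QUOTES the value stays inside the
// attribute whichever quote character the template uses.
$name = $samples['single quote'];
echo "<p>Welcome to our website, " . e($name) . "!</p>\n";
echo "<input type='text' name='name' value='" . e($name) . "'>\n";
```

The encoding only fits HTML text and quoted attribute values; a value written into a script block, an unquoted attribute or a URL needs the encoding for that context instead.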
