I notice that you use the "nickname" variable in order to achieve the injection. How does one find the existence of this variable. I loaded the PHP script up in Kali and tried to attempt to see if I could see the "nickname" variable somehow. I was unable to. I did not try a HTTP file browser but if I was tasked at discovering and getting HTML injection with this htmli.php file, how can I find the variable available to test with?