I made a simple base64 decoder form, which takes in an input through a textarea. I assume the input is base64 encoded. If it isn’t base64 input, and there’s a PHP error or garbage is returned, I don’t mind at the moment However, from a security perspective do I need to do any validation or sanitation on this input?

The page is called error-decoder.php, and it submits to itself, and doesn’t interact with a database or anything else. Here is the whole thing:

<!DOCTYPE html>
<html lang="en">
    <head>
        <meta charset="utf-8" />
        <title></title>
    </head>
    <body>
        <div id="container" style="width: 80%; margin: 0 auto; font-family: sans-serif;">

            <form name="error-decoder" action="error-decoder.php" method="post">
                <textarea name="error-text-area" style="width: 100%; height: 400px;">
                    <?php if(!empty($_POST['error-text-area'])){ echo $_POST['error-text-area']; } ?>
                </textarea>
                <button type="submit" style="float: right;">Decode</button>
            </form>

            <?php
            if(!empty($_POST['error-text-area'])){
            ?>
                <p>Output:</p>
                <hr>
                <div id="error-output">
                <br />
            <?php
                echo base64_decode($_POST['error-text-area']) . "</div>";
            }
            ?>

        </div>

    </body>
</html>

Is there anything that needs to be done to make this safe either for the user or for my server? Are there important php.ini settings I need to worry about that would affect your answer? I don’t care about errors or garbage except how it might affect security. Thanks for any info on this!