what is the point of escaping quotation marks in php

Posted by Jacksta on Stack Overflow See other posts from Stack Overflow or by Jacksta
Published on 2010-04-18T07:43:36Z Indexed on 2010/04/18 7:53 UTC
Read the original article Hit count: 345

Filed under:
|

Here is a validation script from a book I am learning, Why is escaping the quotation marks necassery? e.g. <option value=\"char\">char</option>

<?php
//validate important input
if ((!$_POST[table_name]) || (!$_POST[num_fields])) {
    header( "location: show_createtable.html");
           exit;
}

//begin creating form for display
$form_block = "
<form action=\"do_createtable.php\" method=\"post\">
<input name=\"table_name\" type=\"hidden\" value=\"$_POST[table_name]\">
<table cellspacing=\"5\" cellpadding=\"5\">
  <tr>
    <th>Field Name</th><th>Field Type</th><th>Table Length</th>
  </tr>";

//count from 0 until you reach the number fo fields
for ($i = 0; $i <$_POST[num_fields]; $i++) {
  $form_block .="
  <tr>
  <td align=center><input type=\"texr\" name=\"field name[]\"
  size=\"30\"></td>
  <td align=center>
    <select name=\"field_type[]\">
        <option value=\"char\">char</option>
        <option value=\"date\">date</option>
        <option value=\"float\">float</option>
        <option value=\"int\">int</option>
        <option value=\"text\">text</option>
        <option value=\"varchar\">varchar</option>
        </select>
  </td>
  <td align=center><input type=\"text\" name=\"field_length[]\" size=\"5\">
  </td>
</tr>";
}

//finish up the form 
$form_block .= "
<tr>
    <td align=center colspan=3><input type =\"submit\" value=\"create table\">
    </td>
</tr>
</table>
</form>";

?>

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Create a database table: Step 2</title>
</head>

<body>
<h1>defnie fields for <? echo "$_POST[table_name]"; ?> 
</h1>
<? echo "$form_block"; ?>

</body>
</html>

© Stack Overflow or respective owner

Related posts about php

Related posts about beginner