don said:
echo "<iframe class=\"iframe\" width=\"600px\" height=\"230px\"
src=\"search_table.php?description=\"" . $description . "\">";
Which will come out as something like:
<iframe class="iframe" width="600px" height="230px"
src="search_table.php?description="YOURDESCRIPTION">
So, you've mixed up your CSS tutorials and your HTML tutorials. The height
and width attributes take either an integer, or an integer followed by a
percentage sign - not an integer followed by the characters "px". (This
isn't something that validation could pick up).
What validation could have picked up, was the extra quotation mark in the
output, you could probably have picked that up just by looking at the code
your script was outputting.
Try:
?>
<iframe class="iframe" width="600" height="230"
src="search_table.php?description=<? php
echo htmlentities(urlencode($description));
?>">
Alternative content
</iframe>
<?php