<input type="hidden" name="myresume" value="<?php echo $row_rs['myresume']; ?>">

since the stored data is in an html format, it displays the resume data in the
hidden field on the page.... not desired.
I do not want to strip the html out of if I have to, but do know how to do
this. Any other ideas?

..oO(jsteinmann)

><input type="hidden" name="myresume" value="<?php echo $row_rs['myresume']; ?>">
>
> since the stored data is in an html format, it displays the resume data in the
>hidden field on the page.... not desired.
> I do not want to strip the html out of if I have to, but do know how to do
>this. Any other ideas?

htmlspecialchars()

But the data and the hidden input shouldn't be there at all for various
reasons. Have a look at sessions instead to transfer data from one page
to another without having to send it forth and back between the server
and the client.

The above not only complicates things, it could also become a security
problem, dependent on what you want to do with the data. Everything sent
from the client can be faked and manipulated, even the content of hidden
or disabled form fields. You would always have to revalidate the data on
the server, over and over again. With sessions you can avoid that.

Micha

I know what you mean. In this case it's in a "member only area" and it's
basically just inserting their profiles resume when they are registering for a
job fair on the job fair registration page, and it knows which resumes based on
the session of whos logged in.

Thanks! i'll give the htmlspecialchars a try...

htmlspecialchars() is a god idea thank you very much

yup... it works