When I do a var_dump($_POST['emails']); it has all the emails in it
string(65) "[EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]"
I will validate the emails after I get the loop to work
$memberid comes from a part of the script I did not show you $memberid =$_POST["members_id"];
safe_query  is a function that I call that does query stuff

function safe_query ($query = ""){
    include ("dataconf.inc.php");
    dbconnect($dbname,$rootusername,$rootpassword,$roothostname);
   global    $query_debug;

   if (empty($query)) { return FALSE; }

   if (!empty($query_debug)) { print "<pre>$query</pre>\n"; }

   $result = mysql_query($query)
       or die("Query Failed: "
           ."<li>errorno=".mysql_errno(). "<br>"
           ."<li>error=".mysql_error(). "<br><br>"
           ."<li>query=".$query
       );
   return $result;
}

On Sun, December 30, 2007 5:29 pm, Richard Kurth wrote:
I am trying to loop through a $_POST variable.   It comes  from a text
area and it will have data like many email address or just one listed
with a space or on a new line. I can't seam to get the data to extract
properly. I have tried this below

$array = explode(' ', $_POST['emails']);

//see what you have.
//maybe it's not hat you think
var_dump($_POST['emails']);


foreach ($array as $value) {

//you should probably validate the emails using:

http://php.net/imap_rfc822_parse_adrlist

$value_sql = mysql_real_escape_string($value);

$sql = "SELECT id FROM contacts where emailaddress = '$value' AND
members_id = '$memberid'";

Use '$value_sql' here.

And I dunno where $memberid came from, but maybe it should be escaped
as well.

$sql_result=safe_query($sql);

I'm not sure what "safe_query" is doing, and maybe you think it can
escape the data you embedded into the SQL, but I don't see how you can
do that...  Sort of a Humpty-Dumpty problem...

while ($row=mysql_fetch_array($sql_result)){
$id = $row["id"];
$sql1="UPDATE contacts SET emailstatus ='Unsubscribed' WHERE id =
'$id'";
safe_query($sql1);
}}



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to