Re: looping through a $_POST variable

[dg <daneane@xxxxxxxxxxxxx>]

You might want to check the loop alone and check each value of $value:

$array = explode(' ', $_POST['emails']);
foreach($array as $value) {
	print "'$value'<br>";
}

if it works that way, at least you narrow down the possibilities of  
weirdness.

On Dec 30, 2007, at 5:34 PM, Richard Kurth wrote:

> When I do a var_dump($_POST['emails']); it has all the emails in it
> string(65) "rkurth@xxxxxxxxxxxxxx ckurth@xxxxxxxxxxxxxx tkurth@xxxxxxxxxxxxxx 
> "
> I will validate the emails after I get the loop to work
> $memberid comes from a part of the script I did not show you   
> $memberid =$_POST["members_id"];
> safe_query  is a function that I call that does query stuff
>
> function safe_query ($query = ""){
>    include ("dataconf.inc.php");
>    dbconnect($dbname,$rootusername,$rootpassword,$roothostname);
>   global    $query_debug;
>
>   if (empty($query)) { return FALSE; }
>
>   if (!empty($query_debug)) { print "<pre>$query</pre>\n"; }
>
>   $result = mysql_query($query)
>       or die("Query Failed: "
>           ."<li>errorno=".mysql_errno(). "<br>"
>           ."<li>error=".mysql_error(). "<br><br>"
>           ."<li>query=".$query
>       );
>   return $result;
> }
>
> > On Sun, December 30, 2007 5:29 pm, Richard Kurth wrote:
> >
> > > I am trying to loop through a $_POST variable.   It comes  from a  
> > > text
> > > area and it will have data like many email address or just one  
> > > listed
> > > with a space or on a new line. I can't seam to get the data to  
> > > extract
> > > properly. I have tried this below
> > >
> > > $array = explode(' ', $_POST['emails']);
> >
> > //see what you have.
> > //maybe it's not hat you think
> > var_dump($_POST['emails']);
> >
> >
> >
> > > foreach ($array as $value) {
> >
> > //you should probably validate the emails using:
> >
> > http://php.net/imap_rfc822_parse_adrlist
> >
> > $value_sql = mysql_real_escape_string($value);
> >
> >
> > > $sql = "SELECT id FROM contacts where emailaddress = '$value' AND
> > > members_id = '$memberid'";
> >
> > Use '$value_sql' here.
> >
> > And I dunno where $memberid came from, but maybe it should be escaped
> > as well.
> >
> >
> > > $sql_result=safe_query($sql);
> >
> > I'm not sure what "safe_query" is doing, and maybe you think it can
> > escape the data you embedded into the SQL, but I don't see how you  
> > can
> > do that...  Sort of a Humpty-Dumpty problem...
> >
> >
> > > while ($row=mysql_fetch_array($sql_result)){
> > > $id = $row["id"];
> > > $sql1="UPDATE contacts SET emailstatus ='Unsubscribed' WHERE id =
> > > '$id'";
> > > safe_query($sql1);
> > > }}
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php