Okay.
Now var_dump($array) and see what it has.
On Sun, December 30, 2007 6:34 pm, Richard Kurth wrote:
> When I do a var_dump($_POST['emails']); it has all the emails in it
> string(65) "rkurth@xxxxxxxxxxxxxx ckurth@xxxxxxxxxxxxxx
> tkurth@xxxxxxxxxxxxxx"
> I will validate the emails after I get the loop to work
> $memberid comes from a part of the script I did not show you
> $memberid
> =$_POST["members_id"];
> safe_query is a function that I call that does query stuff
>
> function safe_query ($query = ""){
> include ("dataconf.inc.php");
> dbconnect($dbname,$rootusername,$rootpassword,$roothostname);
> global $query_debug;
>
> if (empty($query)) { return FALSE; }
>
> if (!empty($query_debug)) { print "<pre>$query</pre>\n"; }
>
> $result = mysql_query($query)
> or die("Query Failed: "
> ."<li>errorno=".mysql_errno(). "<br>"
> ."<li>error=".mysql_error(). "<br><br>"
> ."<li>query=".$query
> );
> return $result;
> }
>
>> On Sun, December 30, 2007 5:29 pm, Richard Kurth wrote:
>>
>>> I am trying to loop through a $_POST variable. It comes from a
>>> text
>>> area and it will have data like many email address or just one
>>> listed
>>> with a space or on a new line. I can't seam to get the data to
>>> extract
>>> properly. I have tried this below
>>>
>>> $array = explode(' ', $_POST['emails']);
>>>
>>
>> //see what you have.
>> //maybe it's not hat you think
>> var_dump($_POST['emails']);
>>
>>
>>
>>> foreach ($array as $value) {
>>>
>>
>> //you should probably validate the emails using:
>>
>> http://php.net/imap_rfc822_parse_adrlist
>>
>> $value_sql = mysql_real_escape_string($value);
>>
>>
>>> $sql = "SELECT id FROM contacts where emailaddress = '$value' AND
>>> members_id = '$memberid'";
>>>
>>
>> Use '$value_sql' here.
>>
>> And I dunno where $memberid came from, but maybe it should be
>> escaped
>> as well.
>>
>>
>>> $sql_result=safe_query($sql);
>>>
>>
>> I'm not sure what "safe_query" is doing, and maybe you think it can
>> escape the data you embedded into the SQL, but I don't see how you
>> can
>> do that... Sort of a Humpty-Dumpty problem...
>>
>>
>>> while ($row=mysql_fetch_array($sql_result)){
>>> $id = $row["id"];
>>> $sql1="UPDATE contacts SET emailstatus ='Unsubscribed' WHERE id =
>>> '$id'";
>>> safe_query($sql1);
>>> }}
>>>
>>
>>
>>
>
>
--
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/from/lynch
Yeah, I get a buck. So?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
