Hi.
On Monday 31 December 2007 00:34, Richard Kurth wrote:
> When I do a var_dump($_POST['emails']); it has all the emails in it
> string(65) "rkurth@xxxxxxxxxxxxxx ckurth@xxxxxxxxxxxxxx
> tkurth@xxxxxxxxxxxxxx"
Then this simple regex should do you; just use it instead of explode:
$AddressList = preg_split('/\s+/', $_POST['emails']);
> I will validate the emails after I get the loop to work
An better idea might be to do that INSIDE the loop (the following assumes
your $memberid is a number, adjust to suit if this is not the case):
foreach ($AddressList as $emailaddress) {
// Escape the data before letting it near the db
$SAFE_emailaddress = mysql_real_escape_string($emailaddress);
$SAFE_memberid = intval($_POST["members_id"]);
// Build the query
$sql = "SELECT id
FROM contact
WHERE emailaddress = '$SAFE_emailaddress'
AND members_id = '$SAFE_memberid'";
// etc. etc.
}
> safe_query is a function that I call that does query stuff
That is a *terrible* name for that function, as it does nothing at all to
make the query safe. You might consider renaming it to run_query or
something. Remember, other people may have to make sense of your code one
day.
Hope this helps,
Mark
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
