Hi. On Monday 31 December 2007 00:34, Richard Kurth wrote: > When I do a var_dump($_POST['emails']); it has all the emails in it > string(65) "rkurth@xxxxxxxxxxxxxx ckurth@xxxxxxxxxxxxxx > tkurth@xxxxxxxxxxxxxx" Then this simple regex should do you; just use it instead of explode: $AddressList = preg_split('/\s+/', $_POST['emails']); > I will validate the emails after I get the loop to work An better idea might be to do that INSIDE the loop (the following assumes your $memberid is a number, adjust to suit if this is not the case): foreach ($AddressList as $emailaddress) { // Escape the data before letting it near the db $SAFE_emailaddress = mysql_real_escape_string($emailaddress); $SAFE_memberid = intval($_POST["members_id"]); // Build the query $sql = "SELECT id FROM contact WHERE emailaddress = '$SAFE_emailaddress' AND members_id = '$SAFE_memberid'"; // etc. etc. } > safe_query is a function that I call that does query stuff That is a *terrible* name for that function, as it does nothing at all to make the query safe. You might consider renaming it to run_query or something. Remember, other people may have to make sense of your code one day. Hope this helps, Mark -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php