Re: [PHP] looping through a $_POST variable

Sun, 30 Dec 2007 17:35:10 -0800 

looks like that is my problem it is not separating the emails
string(67) "[EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]" array(1) { [0]=> string(67) "[EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]" } 

$array = explode(' ', $_POST['emails']);
what should I use for spaces or next line to separate them



Okay.

Now var_dump($array) and see what it has.

On Sun, December 30, 2007 6:34 pm, Richard Kurth wrote:

  

When I do a var_dump($_POST['emails']); it has all the emails in it
string(65) "[EMAIL PROTECTED] [EMAIL PROTECTED]
[EMAIL PROTECTED]"
I will validate the emails after I get the loop to work
$memberid comes from a part of the script I did not show you
$memberid
=$_POST["members_id"];
safe_query  is a function that I call that does query stuff

function safe_query ($query = ""){
     include ("dataconf.inc.php");
     dbconnect($dbname,$rootusername,$rootpassword,$roothostname);
    global    $query_debug;

    if (empty($query)) { return FALSE; }

    if (!empty($query_debug)) { print "<pre>$query</pre>\n"; }

    $result = mysql_query($query)
        or die("Query Failed: "
            ."<li>errorno=".mysql_errno(). "<br>"
            ."<li>error=".mysql_error(). "<br><br>"
            ."<li>query=".$query
        );
    return $result;
}


    

On Sun, December 30, 2007 5:29 pm, Richard Kurth wrote:


      

I am trying to loop through a $_POST variable.   It comes  from a
text
area and it will have data like many email address or just one
listed
with a space or on a new line. I can't seam to get the data to
extract
properly. I have tried this below

$array = explode(' ', $_POST['emails']);


        

//see what you have.
//maybe it's not hat you think
var_dump($_POST['emails']);




      

foreach ($array as $value) {


        

//you should probably validate the emails using:

http://php.net/imap_rfc822_parse_adrlist

$value_sql = mysql_real_escape_string($value);



      

$sql = "SELECT id FROM contacts where emailaddress = '$value' AND
members_id = '$memberid'";


        

Use '$value_sql' here.

And I dunno where $memberid came from, but maybe it should be
escaped
as well.



      

$sql_result=safe_query($sql);


        

I'm not sure what "safe_query" is doing, and maybe you think it can
escape the data you embedded into the SQL, but I don't see how you
can
do that...  Sort of a Humpty-Dumpty problem...



      

while ($row=mysql_fetch_array($sql_result)){
$id = $row["id"];
$sql1="UPDATE contacts SET emailstatus ='Unsubscribed' WHERE id =
'$id'";
safe_query($sql1);
}}


        



      

    




  


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php























					Reply via email to