is that the complete code? if so you are missing some stuff.

$sql="select * from words";
$result = mysql_query($sql) or die (mysql_error());
while($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
    if (!strpos($thestring, $row['word'])) {
        continue;
    } else {
        echo "The word $row['word'] is not allowed";
        exit;
    }
}

What stuff am I missing Drew? I included only the important parts of the code in the posting.

Thank you for the code Hitman, but it did not work. It did the same thing my code does - doesn't find it. I think it has something to do with it being a variable in the strpos or eregi test. Like I orginally said, if I replace $row['word'] with a string such as "word", it will find the match if one exists in the table. I appreciate your efforts.

i just made this, should be similar since its an array, just modify to be in the while loop instead of foreach..

<?php

$words = array('fuck', 'shit', 'damn', 'ass');

$sentence = 'hello there this is so fucked man i cant beleive this shit!';

foreach($words as $word) {
	if (preg_match('/' . preg_quote($word) . '/i', $sentence, $match)) {
		echo 'bad word found!  you can\'t say ' . $match[1] . '!!!!!!';
                exit;
	}
}

?>

Thank you Drew, but unfortunately I am having the same problem as before. I have 1000 words in the table and want to search for each one. Your code, and the code I have included works great when the word to search for is manually coded like:
$words = array('fuck', 'shit', 'damn', 'ass');
I built a dynamic array from the query results, but no luck. $array printed out on the screen as "array('fuck', 'shit', 'damn', 'ass')", so I used the expression $words = $array;, which did not work either.

I also built an array with a key value, $counter, which didn't work as seen in the code below. If I use $array = array('shit', 'fuck', '420'); as also seen in this code, all three tests find the word. I don't understand why searching for a variable specified word doesn't work; it only works if the work being searched for is actually coded into the page. ??? Thanks again!

$thestring = "666 fuck shit cock 420";

	$sql="
	select word
	from words
	";
	$result = mysql_query($sql) or die (mysql_error());
	$counter = 0;
	while($row = mysql_fetch_array($result, MYSQL_ASSOC))
		{
					$fword = strtolower($row['word']);
					$array[$counter] = $fword;
					$counter++;
		}//end while

//$array = array('shit', 'fuck', '420');
foreach($array as $word)
{
if (preg_match('/' . preg_quote($word) . '/i', $thestring, $match))
{
echo 'bad word found! you can\'t say ' . $match[0] . '!!!!!!';

		} 

	 $test = strpos($thestring, $word);
		{
			if($test === false)
				{
				}
			else
				{
					print "word was found with strpos - $word";
				}
		} 

	 if(eregi($word, $thestring)) 
		{
			print "word found with eregi - $word";
		}
exit;

}

I gave in and put the badwords into the code instead of using the database table. I printed out all the words to the screen in an acceptable format for an array: 'shit', 'fuck', etc.... I copied all of them and pasted into the code. It works. Thank you all for your help.

Wouldn't something like
SELECT word FROM words WHERE '$thestring' LIKE CONCAT ('%', word, '%')
have been what you were originally looking for?

Btw, if you test for your badwords one by one, like in Drew's suggestion and your last code, a simple string function like stristr may be more appropriate than regex functions, I think.