Implode error

[clay1]

I have a form which inputs some fields into a table

 

It has some serialized variables like such:

 

$ss_important_traits = serialize($_POST['ss_important_traits']);

 

Records are then exported.

 

function contate($array){

return implode(",",$array);

}

 

contate(unserialize($row['social_situation']))

 

 

 

Most of the time everything works fine.

 

However occasionally when exporting errors will be produced saying invalid argument passed for implode and it screws up the exported file.

 

The data is in the table and appears to be fine.

 

Is there something that people filling out the form could be doing that causes this error?

[Russia]

Please put your code between

 

[code=php:0]

[/code]

 

tags.

[mikesta707]

perhaps there was an error in serializing/unserializing the data. However, without an example of good and bad data, I can't be of much assistance

[clay1]

perhaps there was an error in serializing/unserializing the data. However, without an example of good and bad data, I can't be of much assistance

 

If I just echo unserialized(variable) I get Array

 

This is one of the ones that isn't working(as stored in the table):

 

a:3:{i:0;s:22:"Lack of Communication";i:1;s:43:"Inability to be compassionate toward others";i:2;s:18:"Lack of self worth";}

 

If I copy that to another field in the table I get the same error. If I enter those answers in the form I don't get the error.

 

 

 

Again it only happens some of the time and not always the same field.

[mikesta707]

well unserialize it and use print_r on it so I can see that the array looks like.

 

post an example of good data also (both the serialized string, and the unserialized array)

[clay1]

Unserialized Romantic_Partner(good):

Array ( [0] => Over Jealous )

Serialized:

a:1:{i:0;s:12:"Over Jealous";}

Unserialized potential_Partner(bad):

Serialized:

a:3:{i:0;s:22:"Lack of Communication";i:1;s:43:"Inability to be compassionate toward others";i:2;s:18:"Lack of self worth";}

[mikesta707]

do you have magic_quotes_gpc off or on in your php.ini? that could be causing the problem

[clay1]

It's not my server, but I will try to find out.

 

Should it be off?

 

If it's on is there anyway to fix the problem without editing php.ini? I don't know that the owner of this site will want to risk breaking other pages/scripts by changing magic_quotes

 

Is there anyway I can get the data I already have, out of the table in a human readable format?

 

Thanks for your help this has been driving me insane

[mikesta707]

if its on, I suppose you could try using add_slashes on the user input, but to be completely honest, i'm not entirely sure. I have read about similar issues to yours, and the problem came from magic quotes being on.

[clay1]

OK

 

So with a bit more direction thanks to your help I found someone who had written a function that appears to work at extracting the serialized data.

 

Is there a way I can do a check where if there is an error unserializing such as:

 

If(!isset(unserialize($variable)

{ fixdatafunction($variable)}

[mikesta707]

From PHP.Net

In case the passed string is not unserializeable, FALSE is returned and E_NOTICE is issued. 

 

thus, you can just do

if (!unserialize($variable)){
echo "Error Unserializing variable";
}

[clay1]

I can not figure this out at all.

 

The most frustrating part is if I enter in the same answers in the form-- it works fine and the data appears exactly the same in the table. So what on earth could be causing the problem???

[mikesta707]

I would say magic quotes is causing the problem. try stripslashes?

[mikesta707]

I may have found something that pertains to your problem.

 

This can happen when magic quotes is turned on. If for example, you
were to read a string in from a file, serialize it, and store it in a
database, there is no way to then unserialize it:

file contents:                          O'Reilly
retrieved from file:            O\'Reilly
serialized:                                     s:9:"O\'Reilly";
stored in db:                           s:9:\"O\'Reilly\";
after stripslashes():           s:9:"O'Reilly";

If you pass the magic-quoted value to serialize, it will choke on the
escaped double quotes. If you run it through stripslashes(),
unserialize will choke on the string-too-short problem. You could maybe
work around it via regex, but...

I worked around it by turning off magic_quotes. Perhaps this is more of
a gotcha than a bug, but it would be nice to make unserialize smart
enough to deal with the possibility.   

 

[clay1]

Using the function here: http://shauninman.com/archive/2008/01/08/recovering_truncated_php_serialized_arrays

 

Seems to have worked on my test data. Still waiting for the owner of the site to test out the reworked file

[MadTechie]

you need to post some serialized data from your system directly after the input, then review anything you do that data (ie stripslashes)

 

with that said, I find it bad practice to use serialize to store data in a database, I would normally create 2 more tables, one for the comments and one to link the comments to the user.

[clay1]

There are a lot of problems with the script, it was coded overseas. I will at some point be able to improve it, but my priority right now is getting the data out that I need.

 

I think I tried stripslashes with no different result.

 

If there were a slash entered would the data look identical in the table? Right down to the a:0:i0:s44 etc?

 

I can't understand how there would be no discernible difference

[MadTechie]

I was not suggesting using stripslashes on the serialized data, infact quite the opposite, as that would mess it up..

okay this is some data with a problem

a:3:{i:0;s:22:"Lack of Communication";i:1;s:43:"Inability to be compassionate toward others";i:2;s:18:"Lack of self worth";}

Now the data is missing something.. but what ?

well this part

Lack of Communication

is too short, its missing 1 character.

 

the problem is the database doesn't care about that the data means, but serialize does..

Now just say you have some data like this

$arr = array("123","456",addslashes('It\'s a good day to die.'));

Now lets play around with it

<?php
$arr = array("123","456",addslashes('It\'s a good day to die.'));
$ser = serialize($arr);
$s_ser = stripslashes($ser);

echo "<pre>\n";
echo "serialized data\n";
var_dump($ser);
echo "usserialized data\n";
var_dump(unserialize($ser));
echo "\n\n";
echo "serialized stripped data\n";
var_dump($s_ser);
echo "unserialized stripped data\n";
var_dump(unserialize($s_ser));

 

Now that will return this

serialized data

string(70) "a:3:{i:0;s:3:"123";i:1;s:3:"456";i:2;s:24:"It\'s a good day to die.";}"

usserialized data

array(3) {

  [0]=>

  string(3) "123"

  [1]=>

  string(3) "456"

  [2]=>

  string(24) "It\'s a good day to die."

}

 

 

serialized stripped data

string(69) "a:3:{i:0;s:3:"123";i:1;s:3:"456";i:2;s:24:"It's a good day to die.";}"

unserialized stripped data

bool(false)

 

Notice that the string(69) of the serialized stripped data is 1 short and thus invalid,

this is way you need to check what changes are done to the serialized data.

 

its likely during the insert into or select from database

[clay1]

So I need to clean up the form/inserts basically?

 

It's pretty lacking in validation

 

Any good tips on validating a form with about 30 fields?

[MadTechie]

Not the form but from where the script gets the post and until the bit where it inserts..

 

without more info its very hard to give any truly useful help as it going to be generic and guess work

 

Any good tips on validating a form with about 30 fields?

 

Depends on the form are they all the same validation ? need more info

[clay1]

The posts are assigned to variables and then inserted:

 

 

$Name = $_POST['Name'];
$gender = $_POST['Gender'];
etc

$sql = "INSERT INTO table () ".
		"VALUES ('','".
		$partyid."', '".
		$Name

 

6 of the posts are serialized and then assigned to a variable, everything else is the same. I'd be fine with doing away with the serialized version if there is a better alternative.

 

I don't think a second table is necessary.

 

They are using serialize on form questions that have multiple text box answers

 

IE 'what are your 3 favorite bands: 1. Kenny G 2. Bob Rock 3. Fabio'

 

[MadTechie]

Theirs a few ways of setting up a multi-choice for from a database, serialized  answers would probably be my last option! But we are not getting into that.. what done is done..

 

okay that info you have giving doesn't help.. the part replaced with etc is the part you should be following for alterations to the serialized data,

some thing is changing the serialized data, from the part where its serialized to the part its unserialized..

 

[clay1]

 

okay that info you have giving doesn't help.. the part replaced with etc is the part you should be following for alterations to the serialized data,

some thing is changing the serialized data, from the part where its serialized to the part its unserialized..

 

 

The etc is just the list of posts being assigned to variables

 

For example one of the ones giving me trouble still--

 

One of the questions 'What is your social situation' has multiple check boxes.

 

It's assigned to the variable:

 

$ss_social_situation = serialize($_POST['ss_social_situation']);

After the list of the other posts literally the next line is the insert

 

The export script does a select all to an associative array

 

Then a series of echo statements.

 

The serialized fields used to be echo'd as such:

 

echo contate(unserialize($row['social_situation']))."\t";

 

But after I added the function previously mentioned I changed them all to this(obviously with the appropriate variable names):

 

		$data = @unserialize($row['social_situation']);
		if ($data === false) // could not unserialize
{	
	$data = repairSerializedArray($row['social_situation']);
		echo contate($data)."\t";
}
elseif(!unserialize($row['social_situation'])){echo "\t";}
else{
		echo contate(unserialize($row['social_situation']))."\t";
}

 

 

This has fixed the issue of having implode errors, but now some records are not lining up with the right columns. I am waiting on a sql dump to test those records.

 

 

 

[MadTechie]

The "fix" isn't a fix but a work around, I would recommend you re-think the design, as this is problem is probably only the first of many.

[clay1]

Like I said I am just trying to get the data out that is already in there.

 

I can visit changing the input later