Jump to content

serialize


freelance84

Recommended Posts

Ok my previous post on this issue began to get a bit ugly (http://www.phpfreaks.com/forums/index.php/topic,297061.0.html).

 

So, I've typed out a simple version of the problem:

 

<?php
$test= array('pig1','pig2','pig3');
$test_s = serialize($test);

echo <<<_END
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>DeRep - Class Reports</title>
<link href="css styles.css" rel="stylesheet" type="text/css" />
</head>

<body>
<form action="test2.php" method="post">
<input type="hidden" name="test_s" value="$test_s" />
<button id="button-submit_4"  name="view" type="submit">view</button>
</form>
</body>

</html>
_END;
?>

 

The above is a simple test of the serialize($array)

 

The above page sends the data to the following php:

<?php
if($_POST){
print_r(unserialize($_POST['test_s']));
}
?>

 

However the result is:

Notice: unserialize() [function.unserialize]: Error at offset 9 of 13 bytes in S:\000 Testing\learn\test2.php on line 3

 

Any help here would be very much appreciated. I'm guessing I've made some glaringly obvious mistake somewhere.

 

N.B I am testing php with "EasyPHP 3.0"

Link to comment
https://forums.phpfreaks.com/topic/200912-serialize/
Share on other sites

It works in a $_SESSION and prints the following:

Array ( [ 0] => pig1 [1] => pig2 [2] => pig3 )

 

I did the following:

test1.php

<?php
$test= array('pig1','pig2','pig3');
$test_s = serialize($test);

session_start();
$_SESSION['ID'] = $test_s;
echo "<a href=\"test2.php\">go</a>";
?>

 

test2.php

<?php
session_start();
$u = $_SESSION['ID'];

print_r(unserialize($u));
?>

 

 

Why doesn't it work through POST?  :shrug:

 

Also, is it not best to keep all SESSION data for the login?

Link to comment
https://forums.phpfreaks.com/topic/200912-serialize/#findComment-1054195
Share on other sites

Why doesn't it work through POST?

It doesn't work via POST because the serialized value has double quotes in it which are terminating the value in the HTML. This can be seen if you show the source. There are two ways to fix this, either use single quotes:

<?php
echo <<<_END
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>DeRep - Class Reports</title>
<link href="css styles.css" rel="stylesheet" type="text/css" />
</head>

<body>
<form action="test2.php" method="post">
<input type="hidden" name="test_s" value='$test_s' />
<button id="button-submit_4"  name="view" type="submit">view</button>
</form>
</body>

</html>
_END;
?>

which would break if there are single quotes in the array, or use urlencode on the value before passing it and urldecode in the processing file.

 

Ken

Link to comment
https://forums.phpfreaks.com/topic/200912-serialize/#findComment-1054271
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.