Jump to content

Recommended Posts

Hello, I'm working on a script for my chat software that will convert an array into a string and then can easily later on be put back into an array, I've already done this but when I did it I didn't think of sub-arrays.

 

For example of an array:

$user_info = array(
'username' => 'test',
'other_info' => array(
  'var' => 'value',
  'var2' => 'value2'
)
);

 

and that would change into something like this:

user_info:{username:test, other_info:{var:value,var2:value2}}

 

I do not care what the string looks like, above was just an example, any separators can be used. I just can't have it messed up by user input (a username with a character of a separator or something).

 

The code I have works for this:

 

$user_info = array('id' => 1, 'username' => 2);

 

and it outputs this as the string

 

id=1&username=2&

 

The code I use is:

 

function strtoarray($str)
{
	$info = explode("&", $str);
	if (is_array($info))
		foreach ($info as $data)
		{
			$data = explode("=", $data);
			if (is_array($data))
			{
				if (!empty($data[0]))
				{
					if ($array[$data[0]])
					{
						if (!is_array($array[$data[0]]))
						{
							$array[$data[0]] = array($array[$data[0]]);
						}
						$array[$data[0]][] = stripslashes(urldecode($data[1]));
					}
					else
					{
						$array[$data[0]] = stripslashes(urldecode($data[1]));
					}
				}
			}
		}
	return $array;
}
function arraytostr($array)
{
	foreach ($array as $key => $value)
	{
		$str .= $key . "=" . addslashes(urlencode($value)) . "&";
	}
	return $str;
}

 

I'm really not sure if regex is the way to go with this or what and that's really why I'm asking for help. I know I could do this with more explodes and what not but I feel as if there's probably a better way to do this and I'm just over complicating it.

 

Thank you in advance.

Link to comment
https://forums.phpfreaks.com/topic/236835-converting-strings-and-arrays/
Share on other sites

<?php
$user_info = array('id' => 1, 'username' => 2);
/*
convert to a string
*/
$user_info = implode('&', $user_info);
echo 'String: '.$user_info.'<br />';
/*
convert from a string to an array
*/
$user_info = explode('&', $user_info);
echo 'Array:<br /><pre>';
print_r($user_info);
echo '</pre>';


?>

Yes.

I'm making a chat room and instead of having 9 fields in the message table I have a couple and then user_info which consists of username=mrdhood&user_color=aa0000&message_color=aa0000 well the function I posted works great. Except now I got the idea to pass "actions" the same way except that one is gonna require arrays to be passed instead of strings.

Then all you need to do is serialize & unserialize the data.

 

/*
save data
*/
$array = serialize($array):
mysql_query("INSERT INTO table SET id=1, text='".mysql_real_escape_string($array)."'");

 

/*
retrieve data
*/
$res = mysql_query("SELECT text FROM table WHERE id=1");
$row = mysql_fetch_assoc($res);
/*
unserialize data
*/
$array = unserialize($row['text']);
echo "<pre>";
print_r($array);
echo "</pre>";

 

http://uk2.php.net/serialize

http://uk2.php.net/manual/en/function.unserialize.php

How can I assure that no user-submitted data messes with these functions? I use mysql_real_escape(), anything else?

You may want to use strip_tags() to remove any HTML.

You could also use prepared statements to prevent SQL injection as opposed to mysql_real_escape_string()

 

http://stackoverflow.com/questions/60174/best-way-to-stop-sql-injection-in-php

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.