Nolongerused3921 Posted February 1, 2007 Share Posted February 1, 2007 I can't seem to unserialize an array I had previously serialized, that had 's in it... It doesn't do anything, just makes the variable I assign it to blank.... The string: a:6:{s:4:"name";s:14:"asd'f'asdf'";s:5:"alias";s:14:"'asdf'asdf'";s:5:"hours";s:14:"'asdf'asdf'";s:10:"experience";s:12:"as'dfas'df";s:8:"why_hire";s:14:"'asdf'asdf'";s:9:"positions";a:1:{i:0;s:1:"3";}} I've tried walking through the array prior to serialization, but that doesn't help... Quote Link to comment Share on other sites More sharing options...
Nolongerused3921 Posted February 2, 2007 Author Share Posted February 2, 2007 Well... I've figured out that its not my $_POST parsing code, but rather serialization... I looked into it more and its not the $_POST portion, its the serialization portion... It doesn't see slashes when it tries to serialize, possibly because of magical_quotes.... I can clearly see the slashes when I print, but when I serialize it, it doesn't save them... It just counts them when it serializes, so the count is always 1 higher for every escapable character, then the actual value. So basically... A string like: I'm annoyed Would be counted as 12 instead of 11, since theres a '... Serialize's count sees ' as \', but saves it as ' So... Er, how do I fix this? Quote Link to comment Share on other sites More sharing options...
stu10576 Posted February 3, 2007 Share Posted February 3, 2007 I have the same error like you before, instead of using serialize() and unserialize I am using other way to store data and retrive them out. For example if I have multiple value to store instead of using serialize() and unserialize I do at the query like this INSERT into table( a, b, c) Values( '$x1, $y1, $z1', '$x2,$y2,$z2', '$h') Quote Link to comment Share on other sites More sharing options...
hitman6003 Posted February 3, 2007 Share Posted February 3, 2007 If you are using serialize and unserialize, use addslashes (http://www.php.net/addslashes) before you serialize, then use stripslashes (http://www.php.net/stripslashes) after you unserialize. If you are using an SQL query, assuming you are using MySQL, use mysql_real_escape_string (http://www.php.net/mysql_real_escape_string) on the data before you insert it into your query. $query = "INSERT INTO table (a, b, c) VALUES ('" . mysql_real_escape_string($x1) . "', '" . mysql_real_escape_string($x2) . "', '" . mysql_real_escape_string($x3) . "') Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.