Jump to content

serialize()/unserialize() not working with strings that have '

Nolongerused3921

By Nolongerused3921
in PHP Coding Help

 Share

Recommended Posts

Nolongerused3921 Member

Nolongerused3921

Posted
Posted

I can't seem to unserialize an array I had previously serialized, that had 's in it... It doesn't do anything, just makes the variable I assign it to blank....

The string:

a:6:{s:4:"name";s:14:"asd'f'asdf'";s:5:"alias";s:14:"'asdf'asdf'";s:5:"hours";s:14:"'asdf'asdf'";s:10:"experience";s:12:"as'dfas'df";s:8:"why_hire";s:14:"'asdf'asdf'";s:9:"positions";a:1:{i:0;s:1:"3";}}

 

I've tried walking through the array prior to serialization, but that doesn't help...

Link to comment
Share on other sites
Nolongerused3921 Member

Nolongerused3921

Posted
  • Author
Posted

Well... I've figured out that its not my $_POST parsing code, but rather serialization...

 

I looked into it more and its not the $_POST portion, its the serialization portion... It doesn't see slashes when it tries to serialize, possibly because of magical_quotes.... I can clearly see the slashes when I print, but when I serialize it, it doesn't save them... It just counts them when it serializes, so the count is always 1 higher for every escapable character, then the actual value.

 

So basically... A string like:

I'm annoyed

 

Would be counted as 12 instead of 11, since theres a '... Serialize's count sees ' as \', but saves it as '

 

So... Er, how do I fix this?

Link to comment
Share on other sites
stu10576 Newbie

stu10576

Posted
Posted

I have the same error like you before, instead of using serialize() and unserialize I am using other way to store data and retrive them out. For example if I have multiple value to store instead of using serialize() and unserialize I do at the query like this  INSERT into table( a, b, c) Values( '$x1, $y1, $z1', '$x2,$y2,$z2', '$h')

Link to comment
Share on other sites
hitman6003 Newbie

hitman6003

Posted
Posted

If you are using serialize and unserialize, use addslashes (http://www.php.net/addslashes) before you serialize, then use stripslashes (http://www.php.net/stripslashes) after you unserialize.

 

If you are using an SQL query, assuming you are using MySQL, use mysql_real_escape_string (http://www.php.net/mysql_real_escape_string) on the data before you insert it into your query.

 

$query = "INSERT INTO table (a, b, c)
VALUES ('" . mysql_real_escape_string($x1) . "', '" . mysql_real_escape_string($x2) . "', '" . mysql_real_escape_string($x3) . "')

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.