andymike07 Posted July 4, 2007 Share Posted July 4, 2007 Hi everyone, I"m working on an app and I'm running into a little problem with unserialize() and the mysql data that I've previously serialize()d. The way the app works is it takes form data and converts this data into an array, then I used serialize() to convert it into something I could put in my database. Now I want to get the serialized data out of the database, and back into an array, so I use it. The data is in the database, and I can print it out without un-serializing it, but when I try to convert the data back to an array it just prints a blank page. When the data is submitted to the database: //Placeholder Array $placeholders = array("=", "--", "<b>", "</b>", "<i>", "</i>", "<blockquote>", "</blockquote>", "_", " "); //replace array $replacevals = array("", "", "[b]", "[/b]", "[i]", "[/i]", "[blockquote]", "[/blockquote]", "", ""); $ingr = serialize(explode("\n", addslashes(htmlentities(str_replace($placeholders, $replacevals, $_POST['ingredients']))))); Data from the database: $test = unserialize(html_entity_decode($ingr)); print $test; Result is a blank page. I've been trying for googling for a couple hours now and I can't figure out what I'm doing wrong. If anyone can give me some help finding what I'm doing wrong it would be much appreciated! Quote Link to comment Share on other sites More sharing options...
stoker Posted July 5, 2007 Share Posted July 5, 2007 What does unserialize return? Check it with === false as that would indicate the way you store or retrieve the data is not valid... The Addslashes seems misplaced if it is meant to make the data valid for an sql query? then you should use mysql_escape_string on the Whole string, not on each line.. Something like $placeholders = array("=", "--", "<b>", "</b>", "<i>", "</i>", "<blockquote>", "</blockquote>", "_", " "); $replacevals = array("", "", "[b]", "[/b]", "[i]", "[/i]", "[blockquote]", "[/blockquote]", "", ""); $ingredients = $_POST['ingredients']; // You need to clean this data $ingr = serialize(explode("\n", htmlentities(str_replace($placeholders, $replacevals, $ingredients)))); mysql_query ("INSERT INTO tablename (columnname) VALUES('".mysql_escape_string($ingr)."');"); mysql_query ("SELECT columnname FROM tablename;"); $row = mysql_fetch_assoc('columnname'); $test = unserialize(html_entity_decode($ingr)); print $test; or perhaps i missunderstood something here.. anyway, for testing do an unserialize right after the serialize to test it.. Quote Link to comment Share on other sites More sharing options...
andymike07 Posted July 5, 2007 Author Share Posted July 5, 2007 Hi Stoker, Thanks for the help. If I print the data in the database without unserializen()ing it it prints perfectly fine. I see the following: a:7:{i:0;s:49:"2 Whole breasts of chicken, cut into 1-in cubes ";i:1;s:25:"1 md Onion, sliced thick ";i:2;s:20:"1 tb Cognac or arak ";i:3;s:14:"1/2 ts Pepper ";i:4;s:23:"1/2 ts Ground cinnamon ";i:5;s:23:"1/4 ts Ground turmeric ";i:6;s:9:"1 ts Salt";} When I unserialize the data in the database nothing is printed to the page. It just returns blank space. You are correct about the addslashes(). I was using it to simply add backslashes before quotes. Quote Link to comment Share on other sites More sharing options...
sasa Posted July 5, 2007 Share Posted July 5, 2007 your 1st array element (index = 0) is string '2 Whole breasts of chicken, cut into 1-in cubes ";i:1;s:25:"1 md Onion, sliced thick ' it has 48 caracters but in your serialized variable is s:49 (string(49)) Quote Link to comment Share on other sites More sharing options...
andymike07 Posted July 8, 2007 Author Share Posted July 8, 2007 Thanks for your help guys. I figured out the problem was how i put the data in the database. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.