Geek Answers Handbook

Problem with unserialize PHP

Why doesn't unserialize restore my array? See code below ..

// prints a:1:{s:8:"txn_type";s:32:"recurring_payment_profile_cancel";} echo $item['response']; // prints nothing print_r(unserialize($item['response']));

I understand why print_r ($ response) gives me nothing

** edit - I noticed this

Note: unserialize () [function.unserialize]: error with an offset of 6 out of 2797 bytes in / home / reitinve / public _html / action / doc.php on line 13

What does it mean?

+6
php serialization
source share
4 answers

Is it possible that $item['response'] contains spaces before or after it?

Check strlen($item['response']) gives you 61.

Edit: It looks like it works with a space at the end, but a space at the beginning will make it uneserialized.

Edit: this error message means you have a lot of spaces (almost 2 KB), or $item['response'] changes between echo and unserialize

+3
source share

works for me just fine. are you sure $item['response'] is a string? Yes, it seems like leading spaces.

and on your server-server php should never give you "nothing". It must be configured to receive all errors, warnings and notifications. also you can use http://php.net/var_dump instead of print_r as it gives you more information.

+1
source share

This is why I had this problem and how I developed it:

I stored an array in my input like this:

 value="<?php echo htmlspecialchars(serialize(array($a, $b))); ?>"

Here I had to use htmlspecialchars() due to possible parsing errors.

Then, when I tried to perform non-serialization, he gave me this error Error at offset X of Y bytes in ... I printed a non-serialized string on the screen, I realized that the html equivalents of some characters cause an error.

To be more clear, the double quote mark of %22 html codes caused this error. So I replaced them with quotes and worked.

 unserialize(str_replace('%22', '"', $_POST['serialized']));

So it’s better to check if there are any html codes in the serialized string and replace them with the original characters.

0
source share

Also be careful if you try to put a serialized array in a text box to end up passing it somewhere else through Ajax, you might run into problems with special characters like Ampersand (&) that will be converted to "&" , and this is enough so that your "serialized" array is not restored.

I found the use of rawurlencode and rawurldecode very useful to make my serialization bulletproof, no matter how it gets carried through my scripts;

 $myArray = array("Bugs Bunny", "Tom & Jerry"); $serialized = rawurlencode(serialize($myArray)); $myUnserializedArray = rawurldecode(unserialize($serialized));
0
source share

More articles:


All Articles