Potablog 1338.at Header

When serialize()ing an array containing the data of the last created blogpost there was no error at first.
But if the data were fetched from the database and the script tried to unserialize() them the following error occured:
ZitatNotice: unserialize() [function.unserialize]: Error at offset 51 of 66 bytes in somefile.php

So why is this?
Lets say you have an array with 3 indizes containing 2 strings and one integer.

Code$somearray[0] = "test";
$somearray[1] = "he hasn\'t eaten anything";
$somearray[2] = 36;

As you can see the single quote in the second array-element is escaped by a backslash.
If you now serialize the data you get the following string
Codea:3:{i:0;s:4:"test";i:1;s:25:"he hasn\'t eaten anything";i:2;i:36;}

If this string is now written to the database the backslashes disappears and the field contains the following data:
Codea:3:{i:0;s:4:"test";i:1;s:25:"he hasn't eaten anything";i:2;i:36;}

As the considerate reader might have discovered the length of the highlighted string was first 25 characters and is after inserting into the database 24 characters long.
So if PHP tries to unserialize the string it thinks it has to read 25 characters but there are only 24. This throws the above error.

So how can you circumvent this?
Code$somearray[0] = "test";
$somearray[1] = "he hasn\'t eaten anything";
$somearray[2] = 36;
foreach($somearray as $key=>$value){
$somearray[$key] = stripslashes($value);
$serialized_data = addslashes(serialize($somearray));

So the backslashes are removed before serializing the data and added afterwards to prevent database malfunctions or errors.
Direktlink  Kommentare: 0 geschrieben von potassium am Donnerstag, 27.08.2009, 22:33

Es wurden noch keine (öffentlichen) Kommentare eingetragen.

Kommentar hinzufügen

E-Mail-Adresse*: (Wird nicht veröffentlicht!)

Text *:

HTML ist in den Kommentaren deaktiviert, alternativ können Sie aber (ausgewählte) bbCode-Befehle benutzen.

Privater Kommentar (Ist nur für den Autor des Eintrags lesbar.)
Benachrichtige mich, wenn es Antworten auf meinen Kommentar gibt.
Meine Eingaben merken.

Bitte geben Sie folgenden Antibot-Code ein: