473,406 Members | 2,769 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > php > questions > unserialize(), arrays, and newlines = error

Join Bytes to post your question to a community of 473,406 software developers and data experts.

unserialize(), arrays, and newlines = error

Greetings:

So, I've got a real problem in that PHP doesn't seem to be able to
unserialize() an array that has an element containing a newline. Of
course, I've used htmlentities() to protect the serialized data.

Here's a simple example that demonstrates the problem:
-----
<?php

$blah = array("I like\nnewlines");

echo '<html>';
echo '<body>';

if (isset($_POST['blah'])) {
if (unserialize(html_entity_decode($_POST['blah'])) === FALSE)
echo '<p>Unserialize failed.</p>';
else
echo '<p>Unserialize worked.</p>';
}

echo '<form method="POST" enctype="multipart/form-data"
action="test.php">';

echo '<input type="hidden"';
echo ' name="blah"';
echo ' value="';
echo htmlentities(serialize($blah));
echo '"';
echo '/>';

echo '<input type="submit" name="doink" value="Submit" />';

echo '</form>';

echo '</body>';
echo '</html>';

?>
Jul 17 '05 #1
3 8104
Mark wrote:
So, I've got a real problem in that PHP doesn't seem to be able to
unserialize() an array that has an element containing a newline. Of
course, I've used htmlentities() to protect the serialized data.

Here's a simple example that demonstrates the problem:
two small changes, just to remove that newline

[...]if (isset($_POST['blah'])) { if (unserialize(stripcslashes(html_entity_decode($_PO ST['blah'])))
=== FALSE) echo '<p>Unserialize failed.</p>'; [...]echo ' value="'; echo htmlentities(addcslashes(serialize($blah), "\n"));echo '"';

[...]
Depending on the contents of your "blah" field you may want to add
more characters to be added cslashes.
HTH

--
I have a spam filter working.
To mail me include "urkxvq" (with or without the quotes)
in the subject line, or your mail will be ruthlessly discarded.
Jul 17 '05 #2
Greetings:

Pedro <he****@hotpop.com> wrote in message news:<3b********************************@4ax.com>. ..
two small changes, just to remove that newline
[...]
Depending on the contents of your "blah" field you may want to add
more characters to be added cslashes.


Thanks for the suggestion Pedro. PHP only seems to have problems when
the serialize()d data is coming from a form. If I just serialize()
and htmlentities() the array, and then do the reverse without going
through the form, everything is just fine.

So obviously this isn't a bug with PHP, rather it's something in how
the form data is handled, and not necessarily a bug. In any case, it
certainly caught me off guard.

Thanks again.

Mark A. Fox
Jul 17 '05 #3
Greetings:

Pedro led me to the final and general (I think) solution to this
problem: Use addcslashes() to slashify all non-ASCII characters.
This is important in my case (but not the example below), because I'm
dealing with what could be binary data.

Here's the final updated example:

-----
<?php

$blah = array("I like\nnewlines");

echo '<html>';
echo '<body>';

if (isset($_POST['blah'])) {
if (unserialize(html_entity_decode(stripcslashes($_PO ST['blah'])))
=== FALSE)
echo '<p>Unserialize failed.</p>';
else
echo '<p>Unserialize worked.</p>';
}

echo '<form method="POST" enctype="multipart/form-data"
action="test.php">';

echo '<input type="hidden"';
echo ' name="blah"';
echo ' value="';
echo htmlentities(addcslashes(serialize($blah),
"\0..\37!@\@\177..\377"));
echo '"';
echo '/>';

echo '<input type="submit" name="doink" value="Submit" />';

echo '</form>';

echo '</body>';
echo '</html>';

?>
Jul 17 '05 #4
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

0
On the strange behaviour of serialize & unserialize with recursive objects.
by: James Sleeman | last post by:
Hi all, i just spent an hour rifling through code to find the cause of a problem only to find it's an oddity with serialization and recursive objects, so figured I'd post for the next person who...
PHP
2
Serialize / Unserialize
by: Andrew | last post by:
Some have suggested that using serialize() and unserialize is faster than reading/writing an array to disk as a simple text file using $array = file('numbers.txt'); Can anyone justify this? ...
PHP
7
Unserialize a single array element in a constant?
by: richbl | last post by:
Hello all, I have a question about unserializing a single array element from a serialized array. Can this be done, or must I first unserialize the array, and then access the element? For...
PHP
5
unserialize
by: Mike | last post by:
I finally got serialize to work but now I cannot get unserialize to work. Here is my code. $settings = serialize($settings_array); echo "<INPUT TYPE='Hidden' NAME='settings'...
PHP
1
Mysterious missing newlines ...
by: dbee | last post by:
Hi, So I'm having a problem with disappearing newlines. I import the newlines from a file into my shell script fine. But then I process the text and the url_encode comes out the other end with...
PHP
4
help: output arrays into file as column
by: bei | last post by:
Hi, I am trying to write several arrays into one file, with one arrays in one column. Each array (column) is seperated by space. ie. a= b= c= 1 5 9 2 6 10 3 7 11 4 8 12
Python
7
serialize() and unserialize()
by: powellgg | last post by:
I've just taken over a PHP website and am converting it to ASP.NET (don't shoot!). I'm not a PHP guy so I'm doing a lot of searching for things that I aren't obvious, and I'm hoping I'll be able...
PHP
0
The1corrupted
Serialze/Unserialize do not work
by: The1corrupted | last post by:
I have tried over and over but I acnnot get serialized arrays in php to unserialize and register.
PHP
0
php unserialize is not returning anything.
by: kigoobe | last post by:
Hi friends I am using serialize to store a multidimensional array to the db, which looks like the following on printing directly from the database ...
PHP
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General
0
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new...
Microsoft Access / VBA

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!