PHP serialization and deserialization detailed

This article introduces the knowledge about serialization and deserialization in PHP. Have a good reference value, follow the small series together to see it

Compress complex data types into a string

Serialize () encodes variables and their values into textual form

Unserialize () restore the original variable

eg

$stooges = Array (' Moe ', ' Larry ', ' Curly '); $new = Serialize ($stooges);p rint_r ($new); echo "<br/>";p rint_r ( Unserialize ($new));

Results: a:3:{i:0;s:3: "Moe"; I:1;s:5: "Larry"; I:2;s:5: "Curly";}

Array ([0] = Moe [1] = Larry [2] = Curly)

When you place these serialized data in a URL and pass between pages, you need to call UrlEncode () on the data to ensure that the URL metacharacters in it are processed:

$shopping = Array (' Poppy seed bagel ' = 2, ' Plain bagel ' =>1, ' Lox ' =>4); Echo ' <a href= ' next.php?cart= '. Urlenco De (Serialize ($shopping)). ' Rel= ' external nofollow ' >next</a> ';

The settings of the MARGIC_QUOTES_GPC and Magic_quotes_runtime configuration items affect the data that is passed to Unserialize ().

If the MAGIC_QUOTES_GPC entry is enabled, the data passed in the URL, post variables, and cookies must be processed with stripslashes () before deserialization:

$new _cart = unserialize (stripslashes ($cart)); If MAGIC_QUOTES_GPC is turned on $new_cart = Unserialize ($cart);

If Magic_quotes_runtime is enabled, it must be processed with addslashes () before writing the serialized data to the file, and must be processed with stripslashes () before reading them:

$fp = fopen ('/tmp/cart ', ' W '), Fputs ($FP, Addslashes (serialize ($a))), fclose ($FP);//If Magic_quotes_runtime is turned on $new_cat = Unserialize (Stripslashes (file_get_contents ('/tmp/cart '));//If magic_quotes_runtime is off $new_cat = unserialize (file _get_contents ('/tmp/cart '));

In the case of Magic_quotes_runtime enabled, reading serialized data from the database must also be processed by stripslashes (), and the serialized data saved to the database must be processed by addslashes () so that it can be stored appropriately.

mysql_query ("INSERT INTO cart (Id,data) VALUES (1, '". Addslashes (Serialize ($cart)). "); $rs = mysql_query (' Select data from cart where id=1 '); $ob = Mysql_fetch_object ($RS);//If Magic_quotes_runtime is turned on $new_cart = Unserialize (stripslashes ($ob->data));//if magic_quotes_runtime off $new_cart = unserialize ($ob->data);

When an object is deserialized, PHP automatically calls its __wakeup () method. This allows the object to reestablish various states that could not be persisted when serializing. For example: Database connections, and so on.

The above is the whole content of this article, I hope that everyone's study has helped.