Workaround for Unserialize return false in PHP
PHP provides serialize (serialization) and Unserialize (deserialization) methods.
Once serialized using serialize, the original data can be obtained using unserialize deserialization.
Let's take a look at the following program examples:
1 2 3 4 5 6 7 8 9 10 11 12 13 |
$arr = Array ( ' Name ' = ' Fdipzone ', ' Gender ' = ' male ' ); $str = serialize ($arr); Serialization of Echo ' Serialize str: '. $str. " \r\n\r\n "; $content = Unserialize ($STR); Deserialization echo "Unserialize str:\r\n"; Var_dump ($content); ?> |
Output:
1 2 3 4 5 6 7 8 9 |
Serialize str:a:2:{s:4: "Name"; S:8: "Fdipzone"; s:6: "Gender"; s:4: "Male";} Unserialize STR: Array (2) { ["Name"]=> String (8) "Fdipzone" ["Gender"]=> String (4) "Male" } |
But the following example deserializes returns false
1 2 3 4 |
$str = ' a:9:{s:4: ' time '; i:1405306402;s:4: "Name"; S:6: "New Morning"; s:5: "url"; s:1: "-"; s:4: "word"; s:1: "-"; S:5: "RPage"; s:29: " Http://www.baidu.com/test.html "; s:5:" Cpage "; s:1:"-"; s:2:" IP "; s:15:" 117.151.180.150 "; s:7:" Ip_city "; s:31:" Beijing, China Beijing mobile "; s:4:" Miao "; s:1:" 5 ";} '; Var_dump (Unserialize ($STR)); BOOL (FALSE) ?> |
Check the serialized string and discover that the problem is in two places:
S:5: "url"
s:29: "Http://www.baidu.com/test.html"
These two places should be
S:3: "url"
S:30: "Http://www.baidu.com/test.html"
This problem occurs because the encoding when serializing the data is inconsistent with the encoding when deserializing, for example, the database is latin1 and the UTF-8 character length is not the same.
There is also the possibility of a single double quotation mark, the ASCII character "\" is resolved to ' Terminator ', in C is the string is equal to Chr (0), error parsing after 2 characters.
\ r also causes problems when calculating the length.
Here's how to fix it:
1 2 3 4 5 6 7 8 9 10 11 12 13 |
Utf8 function mb_unserialize ($serial _str) { $serial _str= preg_replace ('!s: (\d+): "(. *?)";! Se ', ' s: '. strlen (' $ "). ': \ ' $2\ "; '", $serial _str); $serial _str= str_replace ("\ R", "", $serial _str); Return Unserialize ($serial _str); } Ascii function asc_unserialize ($serial _str) { $serial _str = preg_replace ('!s: (\d+): "(. *?)";! Se ', ' "s:". strlen ("$"). ": \" $2\ ";" ', $serial _str); $serial _str= str_replace ("\ R", "", $serial _str); Return Unserialize ($serial _str); } |
Example:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 |
Echo ' ; Utf8 function mb_unserialize ($serial _str) { $serial _str= preg_replace ('!s: (\d+): "(. *?)";! Se ', ' s: '. strlen (' $ "). ': \ ' $2\ "; '", $serial _str); $serial _str= str_replace ("\ R", "", $serial _str); Return Unserialize ($serial _str); } $str = ' a:9:{s:4: ' time '; i:1405306402;s:4: "Name"; S:6: "New Morning"; s:5: "url"; s:1: "-"; s:4: "word"; s:1: "-"; S:5: "RPage"; s:29: " Http://www.baidu.com/test.html "; s:5:" Cpage "; s:1:"-"; s:2:" IP "; s:15:" 117.151.180.150 "; s:7:" Ip_city "; s:31:" Beijing, China Beijing mobile "; s:4:" Miao "; s:1:" 5 ";} '; Var_dump (Unserialize ($STR)); False Var_dump (Mb_unserialize ($STR)); That's right |
The Mb_unserialize method of filtering \ R can be successfully deserialized using a single double-quote process.
Using unserialize:
BOOL (FALSE)
Using Mb_unserialize
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 |
Array (9) { ["Time"]=> Int (1405306402) ["Name"]=> String (6) "New Morning" ["url"]=> String (1) "-" ["word"]=> String (1) "-" ["RPage"]=> String ("http://www.baidu.com/test.html") ["Cpage"]=> String (1) "-" ["IP"]=> String (15) "117.151.180.150" ["Ip_city"]=> String (31) "Mobile", Beijing, Beijing, China ["Miao"]=> String (1) "5" } |
http://www.bkjia.com/PHPjc/882699.html www.bkjia.com true http://www.bkjia.com/PHPjc/882699.html techarticle PHP unserialize return False resolution PHP provides serialize (serialization) and Unserialize (deserialization) methods. After using serialize serialization, and then using Unserialize deserialization, you can ...