Home >Backend Development >PHP Tutorial >Questions about unserialize_PHP Tutorial

Questions about unserialize_PHP Tutorial

WBOY
WBOYOriginal
2016-07-13 17:36:33905browse

Special concept. ',
'uid' => 1,
'nickname' => 'Potato Man',
'site' => ”,
'sitetype' => 1,
'starttime' => 1191074174,
'lasttime' => 1191629784,
'totleviews' => 14,
'totleblogs' => 3
);

Since the program automatically determines magic_quotes_gpc and automatically escapes all POST and GET data (under addslashes), the $message[sitename] in the above array becomes a native tribe before entering the database. When the mysql database is saved, the saved content is still the native tribe (don't ask me 'how to enter the mysql library and it becomes'). This is the escaping feature of mysql, and most databases also rely on escaping. ), there is no problem at this time.


The problem arises when this field is found from the database and then unserialized. Since the value of the tribe is not escaped from the database, it will be unserialized. fail.

I thought of several solutions:
First, this array no longer exists in a field, and each key exists independently in a field. If this is excluded, the system is already running, and it is troublesome to change it. explain.
Second, addslashes the serialized array before storing the data in mysql. At this time, the data stored in mysql is the tribe, but the database finds that the data after unserialization is still the tribe, so it needs to be done again. Stripslashes this array one by one.
Third, give up the user experience :), do not allow '/" to appear, and it will be automatically replaced if it exists

www.bkjia.comtruehttp: //www.bkjia.com/PHPjc/508223.htmlTechArticleSpecial concept. ', 'uid' = 1, 'nickname' = 'Potato Man', 'site' = ”, 'sitetype' = 1, 'starttime' = 1191074174, 'lasttime' = 1191629784, 'totleviews'...
Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn