Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 5 of 5
  1. #1
    Regular Coder
    Join Date
    Dec 2006
    Location
    In the wilderness
    Posts
    106
    Thanks
    9
    Thanked 5 Times in 5 Posts

    Question Unserailizing cookies values?

    Hi, I am trying to learn a bit about cookies and sessions and at the moment how to store array values into a cookie using serialize. I have a simple form (nothing fancy) where im serializing the $_POST values and putting them into the setcookie value. This works ok, the cookie gets written, however when I try to retrieve the cookie information by unserializing it on the next page. I get the following message:

    Code:
    Notice: unserialize() [function.unserialize]: Error at offset 9 of 60 bytes in C:\Program Files\xampp\htdocs\sites\testsite\checksession.php on line 24
    string(60) "a:3:{i:0;s:8:\"karlosio\";i:1;s:6:\"123456\";i:2;s:1:\"1\";}"
    Here is my code:

    Page 1 (with form):

    PHP Code:
    <?php
    session_start
    ();
    if(isset(
    $_POST['submit']))
    {
        
    $username $_POST['username'];
        
    $password $_POST['password'];
        
    $remember $_POST['rem'];
        
        if(
    $remember == 1)
        {
            
    $arr[] = $username;
            
    $arr[] = $password;
            
    $arr[] = $remember;
            
    $s serialize($arr);
            
    setcookie("Mysite"$stime() + 86400);
        }
        
        
    $_SESSION['username'] = $username;
        
    $_SESSION['password'] = $password;
        
    header("Location: checksession.php");
    }
    ?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>Untitled Document</title>
    </head>

    <body>
    <?php
    if(isset($_GET['do']) && $_GET['do'] == "loggedout")
    {
        echo 
    "<p>You have logged out.</p>";
    }
    ?>
    <form action="" method="post">
    Username:<input type="text" name="username" /><br />
    Password:<input type="password" name="password" /><br />
    Remember Me:<input type="checkbox" name="rem" value="1" />
    <input type="submit" name="submit" value="Login" />
    </form>
    </body>
    </html>
    Page 2:

    PHP Code:
    <?php
    session_start
    ();
    if(isset(
    $_GET['do']) && $_GET['do'] == "logout")
    {
        
    setcookie("Mysite"''time() - 86400);
        
    $_SESSION = array();
        
    session_destroy();
        
    header("Location: cookies_sessions.php?do=loggedout");
    }
    ?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>Untitled Document</title>
    </head>

    <body>
    <?php
    if(isset($_SESSION['username']) && isset($_COOKIE['Mysite']))
    {
        echo 
    "<p>Welcome " $_SESSION['username'] . " Your password is " $_SESSION['password'] . "</p>";
        
    unserialize($_COOKIE['Mysite']);
        
    var_dump($_COOKIE['Mysite']);
    ?>
    <a href="checksession.php?do=logout">Logout</a>
    <?php
    } else {
    ?>
    Welcome Guest
    <?php
    }
    ?>
    </body>
    </html>
    "The advantage of computers is that they do exactly what you tell them to do. The disadvantage of computers, on the other hand, is that they do exactly what you tell them to do."

    Excellent resource for learning PHP here

  • #2
    Senior Coder CFMaBiSmAd's Avatar
    Join Date
    Oct 2006
    Location
    Denver, Colorado USA
    Posts
    3,108
    Thanks
    2
    Thanked 326 Times in 318 Posts
    magic_quotes_gpc appears to be on and is escaping the special characters in the incoming cookie data. If magic_quotes_gpc is on, use stripslashes() on the data first.
    If you are learning PHP, developing PHP code, or debugging PHP code, do yourself a favor and check your web server log for errors and/or turn on full PHP error reporting in php.ini or in a .htaccess file to get PHP to help you.

  • #3
    Regular Coder
    Join Date
    Dec 2006
    Location
    In the wilderness
    Posts
    106
    Thanks
    9
    Thanked 5 Times in 5 Posts
    I've tried stripslashes on it but to no effect, I still get the same message.

    PHP Code:
    if(get_magic_quotes_gpc())
        {
            
    stripslashes($_COOKIE['Mysite']);
        }
        
    unserialize($_COOKIE['Mysite']);
        
    var_dump($_COOKIE['Mysite']); 
    "The advantage of computers is that they do exactly what you tell them to do. The disadvantage of computers, on the other hand, is that they do exactly what you tell them to do."

    Excellent resource for learning PHP here

  • #4
    Senior Coder CFMaBiSmAd's Avatar
    Join Date
    Oct 2006
    Location
    Denver, Colorado USA
    Posts
    3,108
    Thanks
    2
    Thanked 326 Times in 318 Posts
    Both stripslashes and unserialize return the result of their operation -

    PHP Code:
    if(get_magic_quotes_gpc())
        {
            
    $_COOKIE['Mysite'] = stripslashes($_COOKIE['Mysite']);
        }
        
    $your_array unserialize($_COOKIE['Mysite']);
        
    var_dump($your_array); 
    If you are learning PHP, developing PHP code, or debugging PHP code, do yourself a favor and check your web server log for errors and/or turn on full PHP error reporting in php.ini or in a .htaccess file to get PHP to help you.

  • Users who have thanked CFMaBiSmAd for this post:

    karlosio (10-22-2009)

  • #5
    Regular Coder
    Join Date
    Dec 2006
    Location
    In the wilderness
    Posts
    106
    Thanks
    9
    Thanked 5 Times in 5 Posts
    Quote Originally Posted by CFMaBiSmAd View Post
    Both stripslashes and unserialize return the result of their operation -

    PHP Code:
    if(get_magic_quotes_gpc())
        {
            
    $_COOKIE['Mysite'] = stripslashes($_COOKIE['Mysite']);
        }
        
    $your_array unserialize($_COOKIE['Mysite']);
        
    var_dump($your_array); 
    I see, never thought of that (something so simple). Thanks a lot
    "The advantage of computers is that they do exactly what you tell them to do. The disadvantage of computers, on the other hand, is that they do exactly what you tell them to do."

    Excellent resource for learning PHP here


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •