PHP 在偏移处反序列化错误,适用于某些服务器,而不适用于其他服务器
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/4149030/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
PHP unserialize error at offset, works on some servers, not others
提问by Sam Newnam
I have code that works on a handful of servers, but not others which is coming up with serialised data. I call a page like this:
我的代码可以在少数服务器上运行,但不能在其他提供序列化数据的服务器上运行。我这样称呼一个页面:
http://domain/index.php/sales/Drilldowns?params=a:12:{s:13:"selectionType";s:8:"facility";s:8:"dateType";s:5:"daily";s:10:"dateOption";s:9:"drilldown";s:6:"metric";s:13:"bookingAmount";s:9:"companyFK";s:2:"11";s:10:"facilityFK";s:0:"";s:7:"classFK";s:0:"";s:15:"customDateStart";s:4:"null";s:7:"newDate";s:10:"2010-11-01";s:10:"metricName";s:10:"Bookings%20$";s:16:"currentDateRange";s:10:"11/01/2010";s:23:"currentMetricNavigation";s:8:"DELDELTE";}&getExcel=0
This is the code I'm using:
这是我正在使用的代码:
protected function getRequestVariables(){
if(isset($_REQUEST['params'])){
var_dump($_REQUEST['params']);
echo 'length:'.strlen($_REQUEST['params']);
$vars = unserialize($_REQUEST['params']);
var_dump($vars);
} else {
$vars = $_REQUEST;
// unset saved drilldown options
$this->ci->session->svar_set('postVars', null);
}
This is a var_dumpoutput:
这是一个var_dump输出:
string(447) "a:12:{s:13:\"selectionType\";s:8:\"facility\";s:8:\"dateType\";s:5:\"daily\";s:10:\"dateOption\";s:9:\"drilldown\";s:6:\"metric\";s:13:\"bookingAmount\";s:9:\"companyFK\";s:2:\"11\";s:10:\"facilityFK\";s:0:\"\";s:7:\"classFK\";s:0:\"\";s:15:\"customDateStart\";s:4:\"null\";s:7:\"newDate\";s:10:\"2010-11-01\";s:10:\"metricName\";s:10:\"Bookings $\";s:16:\"currentDateRange\";s:10:\"11/01/2010\";s:23:\"currentMetricNavigation\";s:8:\"DELDELTE\";}"
When that gets processed I get the following error:
当它被处理时,我收到以下错误:
A PHP Error was encountered
Severity: Notice Message: unserialize() [function.unserialize]: Error at offset 6 of 447 bytes
Filename: plugins/Drilldowns.php
Line Number: 93
遇到 PHP 错误
严重性:通知消息:unserialize() [function.unserialize]:在 447 字节的偏移量 6 处出错
文件名:plugins/Drilldowns.php
行号:93
I'm trying this on 5.2.13 - works on some Linux, some OS X, not others. Have checked php.ini, charset (I think) - I can't figure it out for the life of me. I've tried things as simple as
我正在 5.2.13 上尝试这个 - 在一些 Linux、一些 OS X 上工作,而不是在其他人上。检查过 php.ini、字符集(我认为) - 我一辈子都搞不清楚。我已经尝试过简单的事情
string(18) "a:1:{s:3:\"sam\";}" length:18
and it still errors. Any clue as to why?
它仍然错误。关于为什么的任何线索?
回答by Pekka
It's the backslashes in front of the quotes: \"
这是引号前面的反斜杠: \"
When you remove them, it works.
当您删除它们时,它会起作用。
var_dump(unserialize('a:12:{s:13:"selectionType";s:8:"facility";s:8:"dateType";s:5:"daily";s:10:"dateOption";s:9:"drilldown";s:6:"metric";s:13:"bookingAmount";s:9:"companyFK";s:2:"11";s:10:"facilityFK";s:0:"";s:7:"classFK";s:0:"";s:15:"customDateStart";s:4:"null";s:7:"newDate";s:10:"2010-11-01";s:10:"metricName";s:10:"Bookings $";s:16:"currentDateRange";s:10:"11/01/2010";s:23:"currentMetricNavigation";s:8:"DELDELTE";}"'));
The servers this works on, probably have magic quotesturned on.
这个工作的服务器,可能打开了魔术引号。
回答by the_wizard
I had this problem and it took me a while to solve it. I just couldn't find any good solution but this is what I did to solve my situation:
我遇到了这个问题,我花了一段时间才解决它。我只是找不到任何好的解决方案,但这就是我为解决我的情况所做的:
base64_encode(serialize($User)); // make sure to encode the serialized object
unserialize(base64_decode($User)); // decode it before unserializing
