SitePoint Sponsor

User Tag List

Results 1 to 7 of 7
  1. #1
    SitePoint Enthusiast
    Join Date
    Jun 2007
    Posts
    45
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Cookie serialize issue

    Hi,
    I am starting to implement cookie management system for my application - a calendar and to remember the day, month and the TV post that the user selects.
    When it will come back on the site I will have the TV post and just adjust the date (today).
    I didn’t use cookies so far and I read some articles about how it works and the implementations, and the fact that I will never put the password in a cookie session.

    set_cookie.php
    Code PHP:
    $arr[‘test2’] = ‘val 1;
    $arr[‘test 1] = ‘val 2;
    $value = serialize($arr);
    $expire = time() + 3600;
    setcookie(‘name’,  $value, $expire);

    read_cookie.php
    Code PHP:
    $string = $_COOKIE['name'];
    $arr = array();
    $arr = unserialize($string);
     
    var_dump($arr);
     // bool (false)
     
    $arr = unserialize(stripslashes($string));
    // IT WORKS -

    Why the string that it is serialized it gets to the read_cookie.php with escaped string?

    Thanks !

  2. #2
    Chessplayer kleineme's Avatar
    Join Date
    Apr 2004
    Location
    Germany
    Posts
    608
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    you have magic_quotes_gpc set to ON in your php.ini
    Never ascribe to malice,
    that which can be explained by incompetence.
    Your code should not look unmaintainable, just be that way.

  3. #3
    rajug.replace('Raju Gautam'); bronze trophy Raju Gautam's Avatar
    Join Date
    Oct 2006
    Location
    Kathmandu, Nepal
    Posts
    4,013
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I think this may be the cause. Try out this:

    Code PHP:
    $arr['test2'] = 'val 1';
    $arr['test1'] = 'val 2';
    $value = serialize($arr);
    $expire = time() + 3600;
    setcookie('name',  $value, $expire);

    I think you can see the changes here. But i am not sure whether this solves your problem.
    Mistakes are proof that you are trying.....
    ------------------------------------------------------------------------
    PSD to HTML - SlicingArt.com | Personal Blog | ZCE - PHP 5

  4. #4
    SitePoint Wizard cranial-bore's Avatar
    Join Date
    Jan 2002
    Location
    Australia
    Posts
    2,634
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    From the PHP page on setcookie:
    Consider explode() to set one cookie with multiple names and values. It is not recommended to use serialize() for this purpose, because it can result in security holes.
    mikehealy.com.au
    diigital.com art, design . Latest WorkSaturday Morning

  5. #5
    SitePoint Enthusiast
    Join Date
    Jun 2007
    Posts
    45
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I don’t now haw to use implode, explode, I am very confuse. I use serialize because I need more variables to control the actions on the page, I strong verify all the variables that it comes back from the cookie? It is not enough? Can you explain, please, haw I can use implode?

    Thanks!

  6. #6
    SitePoint Enthusiast
    Join Date
    Jun 2007
    Posts
    45
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    rajug, that is not the case, I notice the '' I have put that by mistake because my English is not very good and I am writing in word and then I copy-paste to the message board, I know that it sounds lousy but it gets the job done.

  7. #7
    SitePoint Enthusiast
    Join Date
    Jun 2007
    Posts
    45
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    kleineme you are right, now is OFF. Thanks.

    rajug thanks!


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •