Explaining Serialization

[TomTees]

Would someone please explain what serialization is?

I read up on it online, but still don't really understand it.

And related to wanting a generic definition, what would this code do exactly??

Code:

$shoppingList = unserialize($session['purchases']);

TomTees

[Immerse]

Serializing is the conversion of any PHP variable to a string representation of that variable.
Such strings can be stored in a database, session etc.

Let's take a array as an example:

Code:

array (
  'key1' => 'value1',
  'key2' => 'value2',
)

A serialized version of that array might look like:

Code:

a:2:{s:4:"key1";s:6:"value1";s:4:"key2";s:6:"value2";}

You don't really need to be able to read this, but know that it can be stored.

unserializing that string would give us:

Code:

array (
  'key1' => 'value1',
  'key2' => 'value2',
)

Your example: it shows an application that has stored a serialized version of a shopping cart in the session (and then retrieved it and unserialized it). Which is kinda silly, as you can store unserialized data in $_SESSION as well.

[AnthonySterling]

Check out Wikipedia...

In computer science, in the context of data storage and transmission, serialization is the process of converting a data structure or object into a sequence of bits so that it can be stored in a file or memory buffer, or transmitted across a network connection link to be "resurrected" later in the same or another computer environment

Or the PHP Manual for a more focused explanation.

Generates a storable representation of a value. This is useful for storing or passing PHP values around without losing their type and structure.

So, applying this to PHP...

PHP Code:

<?php
error_reporting(-1);
ini_set('display_errors', true);

$array = array(
  'user'  => 'AnthonySterling',
  'fname' => 'Anthony',
  'lname' => 'Sterling',
  'age'   => 30
);

/*
  Let's serialize it, convert it into a structured string.
*/
$serialized_array = serialize($array);

echo $serialized_array;
/*
  a:4:{s:4:"user";s:15:"AnthonySterling";s:5:"fname";s:7:"Anthony";s:5:"lname";s:8:"Sterling";s:3:"age";i:30;}
*/

/*
  Let's unserialize the string, back to an array
*/
$array = unserialize($serialized_array);
?>

[TomTees]

Serializing is the conversion of any PHP variable to a string representation of that variable.

And why do you need to do that?

Such strings can be stored in a database, session etc.

Why can't unserialized data be stored in a database, session, etc?

Your example: it shows an application that has stored a serialized version of a shopping cart in the session (and then retrieved it and unserialized it). Which is kinda silly, as you can store unserialized data in $_SESSION as well.

Not my example!


TomTees

[TomTees]

Quote:
In computer science, in the context of data storage and transmission, serialization is the process of converting a data structure or object into a sequence of bits so that it can be stored in a file or memory buffer, or transmitted across a network connection link to be "resurrected" later in the same or another computer environment

Why would you have to convert data to binary to store it in a file?

And why would data need to be converted into binary to transmit it?

When you submit an HTML form using GET, you send data as a long text string over the Internet, right? (And you don't need to convert it to binary first?!)


TomTees

[sk89q]

When you submit an HTML form using GET, you send data as a long text string over the Internet, right? (And you don't need to convert it to binary first?!)

When you do that, you lose the original data types. Say the input box required a number -- now you receive it as a string. If you have a date field, then that's even more work to convert back.

Serialization handles types and so you can easily restore everything back. I assume you've used PHP sessions before -- it stores those to disk usually. Wouldn't it be annoying if you manually had to convert numbers back to numbers and arrays back to arrays every time?

[AnthonySterling]

Why would you have to convert data to binary to store it in a file?

You're not converting it to binary, you're serializing it. Essentially, transforming it into a transportable structure. In this case, a simple string.

And why would data need to be converted into binary to transmit it?

Who's transmitting stuff?

When you submit an HTML form using GET, you send data as a long text string over the Internet, right? (And you don't need to convert it to binary first?!)

Your browser performs this transformation for you, it serialises the form data and sends it to the server in the HTTP request. PHP then unserializes this and makes it available in the GET and POST superglobals.

[TomTees]

When you do that, you lose the original data types. Say the input box required a number -- now you receive it as a string. If you have a date field, then that's even more work to convert back.

Serialization handles types and so you can easily restore everything back. I assume you've used PHP sessions before -- it stores those to disk usually. Wouldn't it be annoying if you manually had to convert numbers back to numbers and arrays back to arrays every time?

I'm a newbie, so, no, I haven't worked with much of anything yet!


TomTees

[TomTees]

You're not converting it to binary, you're serializing it. Essentially, transforming it into a transportable structure. In this case, a simple string.

Sending it with a "decoder ring" like in my breakfast cereal?!

Who's transmitting stuff?

The example said, "And when sending data over the network..."

Your browser performs this transformation for you, it serialises the form data and sends it to the server in the HTTP request. PHP then unserializes this and makes it available in the GET and POST superglobals.

So when you submit data in an HTML form to the PHP server, you don't need to "serialize"/"unserialize" anything manually?



TomTees

[AnthonySterling]

Whilst not the best example, sadly, maybe this and this from the manual will help you with handling form data.