Page 1 of 1

Fail store object in cookie

Posted: Mon May 31, 2010 10:55 am
by saxontse
Hi all, I have a question about object that stored in cookie. The following is the example that I want to do:

a.php

Code: Select all

<?
class a
{ public $a;
    function __construct($a)
    { $this->a=$a;
    }
}
$A=new a("kk");
setcookie("A",serialize($A));
?>
b.php

Code: Select all

<?
class a
{ public $a;
    function __construct($a)
    { $this->a=$a;
    }
}
$A=unserialize($_COOKIE['A']);
echo $A->a;
?>
I want to stored a object in cookie in a.php, and show the object in b.php. It is success when I done in my PC, but when I upload to web hosting, it fail. Can anyone help me? Is that any problem(s) that I write? And can anyone tell me how to fix it? Thank you very much!!

Re: Fail store object in cookie

Posted: Mon May 31, 2010 11:03 am
by Weirdan
Hi all, I have a question about object that stored in cookie.
Running unserialize on user-supplied data is bad idea. See http://www.sektioneins.com/de/advisorie ... index.html for example.