Page 1 of 1
how to send a serialized object via post in a form?
Posted: Tue Aug 17, 2004 2:35 pm
by jasongr
Hello
I would like to serialize an object of one of my custom classes and send it (as a serialized string) to another page and then to deserialize it and reuse the object.
I am using the serialize() function to generate a string representation of the object.
The problem is that I am having a problem deserializing it back.
It seems as if the format of the string was modified when send it via post.
Do I need to take care of some special characters that might appear in the serialized string? if so what transformation should I run the string through before sending it via a post form?
regards
Jason
Posted: Tue Aug 17, 2004 2:52 pm
by Draco_03
Quote from
php.net
The cookie mechanism for the webserver adds the slashes automatically. instead of just dumping strings into the cookie, make sure you base64_encode them first - to protect the cookie's content from escape characters.
Of course, this means that when retrieving the cookie, you'll need to base64_decode the string.
Posted: Tue Aug 17, 2004 2:56 pm
by jasongr
what cookie are you refering to?
I am talking about sending the serialized object as part of a POST form.
I would like generate the following form:
Code: Select all
<form name="name" target="_blank" method="POST" action="page.php">
<input type="submit" value="Click here">
<input type="hidden" name="object" value='<?php print $serializedObject; ?>'>
</form>
when the user will click the button, the form will send to page.php where I will unserialize the content of the $_POST['object'] variable
Posted: Tue Aug 17, 2004 3:48 pm
by feyd
use sessions to pass the object.
Posted: Tue Aug 17, 2004 8:26 pm
by protokol
If you want to send the object via post, then [php_man]serialize[/php_man] it. This will make a string version of the object. Then when you want to use it on the page you POST to, just [php_man]unserialize[/php_man] it.
If you want to use a [php_man]session[/php_man] then just assign the object to a session variable. This will automagically take care of serialization and unserialization on each page you use it.
Posted: Tue Aug 17, 2004 8:31 pm
by feyd
and with sessions, they don't have an easy time modifying anything they want in your internal objects..
Posted: Wed Aug 18, 2004 1:17 am
by jasongr
The problem is that I cannot use sessions.
My application must be cluster safe so I am not using sessions at all
I will use base64_encode to encode the serialized string before passing it to the form and base64_decode to decode it back before unserializing it.
could there be a chance that the object will not be unserialized correctly?
Posted: Wed Aug 18, 2004 1:44 am
by protokol
Nah, just make sure that you unserialize and decode in the opposite order that you serialize and encode.
Code: Select all
$o = new Object();
$s = serialize($o);
$e = base64_encode($s);
// blah blah
$d = base64_decode($e);
$u = unserialize($d);
Posted: Wed Aug 18, 2004 2:50 am
by jasongr
Yes, that did the trick