Page 2 of 2

Posted: Tue Sep 18, 2007 7:02 pm
by maliskoleather
volka wrote:You mean you made up a fairy tale string?
no. I did a var_dump on the wrong result at first. then i noticed the string wasnt the same, and re-copied it. when i copied the new one, i just copied the second half of the string.

what i gave you is exactly what is getting passed to unserialize.

Posted: Tue Sep 18, 2007 7:06 pm
by volka
Which version of php do you use?

Posted: Tue Sep 18, 2007 7:08 pm
by maliskoleather
5.1.6 as CLI

Posted: Tue Sep 18, 2007 7:12 pm
by volka

Code: Select all

<?php
error_reporting(E_ALL);
ini_set('display_errors', true);

echo phpversion();
$s = 'a:3:{s:1:"1";s:4:"OPEN";s:2:"24";s:4:"OPEN";s:1:"9";s:4:"OPEN"}';
$a = unserialize($s);
5.1.6
Notice: unserialize(): Error at offset 64 of 63 bytes in [...]

Posted: Tue Sep 18, 2007 7:31 pm
by maliskoleather
fixed that. there was a javascript error that wasnt adding the last semicolon.

however, it doesnt seem to have fixed the issue.

most recent var_dump on $string is
string(64) "a:3:{s:1:"1";s:4:"OPEN";s:2:"24";s:4:"OPEN";s:1:"9";s:4:"OPEN";}"
i can only seem to re-create this issue on multiple pages, using $_SESSION. if i do a mockup page, it works just fine. :?

Posted: Tue Sep 18, 2007 7:41 pm
by volka

Code: Select all

$a = array('1234567'=>'xyz');
echo serialize($a);
a:1:{i:1234567;s:3:"xyz";}
Although I passed a string as index it is stored as integer.

Code: Select all

$s = 'a:3:{i:1;s:4:"OPEN";i:24;s:4:"OPEN";i:9;s:4:"OPEN";}';
$a = unserialize($s);
var_dump($a);
echo $a['1'];
array(3) {
[1]=>
string(4) "OPEN"
[24]=>
string(4) "OPEN"
[9]=>
string(4) "OPEN"
}
OPEN
Don't ask me why...

Posted: Tue Sep 18, 2007 7:49 pm
by maliskoleather
i guess they do an intval type thing on it to allow for calling non-associative type arrays by the offset...

Posted: Tue Sep 18, 2007 8:10 pm
by volka
Yes. There's code in zend_hash.h taking care of that.

Code: Select all

#define HANDLE_NUMERIC(key, length, func) {												\
	register char *tmp=key;																\
																						\
	if (*tmp=='-') {																	\
		tmp++;																			\
	}																					\
	if ((*tmp>='0' && *tmp<='9')) do { /* possibly a numeric index */					\
		char *end=key+length-1;															\
		long idx;																		\
																						\
		if (*tmp++=='0' && length>2) { /* don't accept numbers with leading zeros */	\
			break;																		\
		}																				\
		while (tmp<end) {																\
			if (!(*tmp>='0' && *tmp<='9')) {											\
				break;																	\
			}																			\
			tmp++;																		\
		}																				\
		if (tmp==end && *tmp=='\0') { /* a numeric index */	
[...]
Your javascript code has to take care of that, too.
a suitable regular expression could be something like ^-?[1-9][0-9]*$


btw: You might also be interested in http://de2.php.net/json