Page 1 of 1

Unserialize?

Posted: Fri Jan 23, 2009 12:44 pm
by dragonsmistress
I had someone write a script for my website and he used serialize and unserialize to get file contents. What I want to do is allow the user to pull up their "scrollname" and info in the database. This is the script that I used:
<?php
if(isset($_POST['submit'])){
if(isset($_GET['go'])){
if(preg_match("/^[ a-zA-Z]+/", $_POST['name'])){
$name=$_POST['name'];
//connect to the database
$db=mysql_connect ("localhost", "user_name", "user_password") or die ('I cannot connect to the database because: ' . mysql_error());
//-select the database to use
$mydb=mysql_select_db("hdragons_newsite");
//-query the database table
$sql="SELECT id, scrollname, eggs, hatchlings, icu FROM scrolls WHERE scrollname LIKE '%" . $name . "%'";
//-run the query against the mysql query function
$result=mysql_query($sql);
//-create while loop and loop through result set
while($row=mysql_fetch_array($result)){
$scrollname =$row['scrollname'];
$eggs =$row['eggs'];
$hatchlings =$row['hatchlings'];
$icu =$row['icu'];
$id=$row['id'];

//-display the result of the array
echo $scrollname . "<br>\n";
echo $eggs . "<br>\n";
echo $hatchlings . "<br>\n";
echo $icu . "<br>\n";
}
}
else{
echo "<p>Please enter a search query</p>";
}
}
}
?>
And it pulls this from the database...
dragonsmistress
a:4:{i:0;s:4:"DXFP";i:1;s:4:"IpZb";i:2;s:4:"5ygz";i:3;s:4:"bq4k";}
a:1:{i:0;s:4:"wPOE";}
a:0:{}

I need to know how to make those 4 digit codes ie: DXFP, IpZb, 5ygz, bq4k, and wPOE come up as images.
The address form the images is http://dragcave.net/image/"4 digit code here"

Re: Unserialize?

Posted: Fri Jan 23, 2009 2:26 pm
by dragonsmistress
Ok I think I'm getting somewhere but still not getting the correct output. I changed the code to this
<?php
if(isset($_POST['submit'])){
if(isset($_GET['go'])){
if(preg_match("/^[ a-zA-Z]+/", $_POST['name'])){
$name=$_POST['name'];
//connect to the database
$db=mysql_connect ("localhost", "user_name", "user_password") or die ('I cannot connect to the database because: ' . mysql_error());
//-select the database to use
$mydb=mysql_select_db("hdragons_newsite");
//-query the database table
$sql="SELECT id, scrollname, eggs, hatchlings, icu FROM scrolls WHERE scrollname LIKE '%" . $name . "%'";
//-run the query against the mysql query function
$result=mysql_query($sql);
//-create while loop and loop through result set
while($row=mysql_fetch_array($result)){
$scrollname =$row['scrollname'];
$eggs =$row['eggs'];
$hatchlings =$row['hatchlings'];
$icu =$row['icu'];
$id=$row['id'];

$arr = unserialize(urldecode($hatchlings));
var_dump($arr);

//-display the result of the array
echo $scrollname . "<br>\n";
echo $eggs . "<br>\n";
echo $array[0] = "<img src=\"http://dragcave.net/image/" .unserialize(urldecode($hatchlings)). ">\n";
echo $array[1] = "<img src=\"http://dragcave.net/image/" .unserialize(urldecode($hatchlings)). ">\n";
echo $array[2] = "<img src=\"http://dragcave.net/image/" .unserialize(urldecode($hatchlings)). ">\n";
echo $array[3] = "<img src=\"http://dragcave.net/image/" .unserialize(urldecode($hatchlings)). ">\n";
echo $array[4] = "<img src=\"http://dragcave.net/image/" .unserialize(urldecode($hatchlings)). ">\n";
echo $array[5] = "<img src=\"http://dragcave.net/image/" .unserialize(urldecode($hatchlings)). ">\n";
echo $icu . "<br>\n";
}
}
else{
echo "<p>Please enter a search query</p>";
}
}
}
?>
And now i'm getting this
array(3) {
[0]=>
string(4) "dmLk"
[1]=>
string(4) "eHlJ"
[2]=>
string(4) "wPOE"
}
dragonsmistress<br>
a:0:{}<br>
<img src="http://dragcave.net/image/Array>
<img src="http://dragcave.net/image/Array>
<img src="http://dragcave.net/image/Array>
<img src="http://dragcave.net/image/Array>
<img src="http://dragcave.net/image/Array>
<img src="http://dragcave.net/image/Array>
a:0:{}<br>

Re: Unserialize?

Posted: Fri Jan 23, 2009 2:36 pm
by Mark Baker
Recommend that you blat out your database connection details from your post, unless you want every reader of these forums to know your password

Re: Unserialize?

Posted: Fri Jan 23, 2009 2:41 pm
by dragonsmistress
Mark Baker wrote:Recommend that you blat out your database connection details from your post, unless you want every reader of these forums to know your password
I edited it (: Thanks!!

Re: Unserialize?

Posted: Fri Jan 23, 2009 3:56 pm
by dragonsmistress
I'm soooo proud of myself (: I at least got it working. Here is what I have.....
<?php
if(isset($_POST['submit'])){
if(isset($_GET['go'])){
if(preg_match("/^[ a-zA-Z]+/", $_POST['name'])){
$name=$_POST['name'];
//connect to the database
$db=mysql_connect ("localhost", "username", "pw") or die ('I cannot connect to the database because: ' . mysql_error());
//-select the database to use
$mydb=mysql_select_db("database");
//-query the database table
$sql="SELECT scrollname, hatchlings FROM scrolls WHERE scrollname LIKE '%" . $name . "%'";
//-run the query against the mysql query function
$result=mysql_query($sql);
//-create while loop and loop through result set
while($row=mysql_fetch_array($result)){
$scrollname =$row['scrollname'];
$hatchlings =$row['hatchlings'];



$arr = unserialize(urldecode($hatchlings));
var_dump($arr);

//-display the result of the array
echo $scrollname . "<br>";
echo "<img src=\"http://dragcave.net/image/$arr[0]\">";
echo "<img src=\"http://dragcave.net/image/$arr[1]\">";
echo "<img src=\"http://dragcave.net/image/$arr[2]\">";
echo "<img src=\"http://dragcave.net/image/$arr[3]\">";
echo "<img src=\"http://dragcave.net/image/$arr[4]\"><br>";

}
}
else{
echo "<p>Please enter a search query</p>";
}
}
}
?>
Only thing now is how do I get it to not show a broken image if there aren't 5 arrays?

Re: Unserialize?

Posted: Fri Jan 23, 2009 4:15 pm
by requinix
You familiar with foreach?

Re: Unserialize?

Posted: Fri Jan 23, 2009 4:20 pm
by dragonsmistress
Yes I am but I just did this:
if ($arr[0] == true)
echo "<img src=\"http://dragcave.net/image/$arr[0]\">";

if ($arr[1] == true)
echo "<img src=\"http://dragcave.net/image/$arr[1]\">";

if ($arr[2] == true)
echo "<img src=\"http://dragcave.net/image/$arr[2]\">";

if ($arr[3] == true)
echo "<img src=\"http://dragcave.net/image/$arr[3]\">";

if ($arr[4] == true)
echo "<img src=\"http://dragcave.net/image/$arr[4]\"><br>";
that seemed to do the trick. But before each array it's showing this:
array(4) { [0]=> string(4) "vCBe" [1]=> string(4) "hVza" [2]=> string(4) "zsNr" [3]=> string(4) "YwJV" }
How can I get that not to show?

Re: Unserialize?

Posted: Fri Jan 23, 2009 4:39 pm
by requinix
Tried removing the var_dump yet?

Anyway, foreach saves you from writing a bunch of if statments.

Code: Select all

foreach ($arr as $img)
echo "<img src=\"http://dragcave.net/image/$img\">";

Re: Unserialize?

Posted: Fri Jan 23, 2009 4:44 pm
by dragonsmistress
LOL.... did that right before you posted!! Thanks so much for your help and the time saver (: