如何修复被错误字节计数长度损坏的序列化字符串?
如何修复被错误字节计数长度损坏的序列化字符串?
提问于 2012-04-14 18:34:44
我正在使用Hotaru CMS和图片上传插件,如果我尝试将图片附加到帖子上,我会收到这个错误,否则没有错误:
unserialize() function.unserialize:偏移量出错
有问题的代码(错误指向**行):
/**
* Retrieve submission step data
*
* @param $key - empty when setting
* @return bool
*/
public function loadSubmitData($h, $key = '')
{
// delete everything in this table older than 30 minutes:
$this->deleteTempData($h->db);
if (!$key) { return false; }
$cleanKey = preg_replace('/[^a-z0-9]+/','',$key);
if (strcmp($key,$cleanKey) != 0) {
return false;
} else {
$sql = "SELECT tempdata_value FROM " . TABLE_TEMPDATA . " WHERE tempdata_key = %s ORDER BY tempdata_updatedts DESC LIMIT 1";
$submitted_data = $h->db->get_var($h->db->prepare($sql, $key));
**if ($submitted_data) { return unserialize($submitted_data); } else { return false; }**
}
}表中的数据,请注意末尾有图像信息,我不是PHP专家,所以我想知道你们/女孩们会怎么想?
tempdata_value:
a:10:{s:16:"submit_editorial";b:0;s:15:"submit_orig_url";s:13:"www.bbc.co.uk";s:12:"submit_title";s:14:"No title found";s:14:"submit_content";s:12:"dnfsdkfjdfdf";s:15:"submit_category";i:2;s:11:"submit_tags";s:3:"bbc";s:9:"submit_id";b:0;s:16:"submit_subscribe";i:0;s:15:"submit_comments";s:4:"open";s:5:"image";s:19:"C:fakepath100.jpg";}编辑:我想我已经找到了序列化的位...
/**
* Save submission step data
*
* @return bool
*/
public function saveSubmitData($h)
{
// delete everything in this table older than 30 minutes:
$this->deleteTempData($h->db);
$sid = preg_replace('/[^a-z0-9]+/i', '', session_id());
$key = md5(microtime() . $sid . rand());
$sql = "INSERT INTO " . TABLE_TEMPDATA . " (tempdata_key, tempdata_value, tempdata_updateby) VALUES (%s,%s, %d)";
$h->db->query($h->db->prepare($sql, $key, serialize($h->vars['submitted_data']), $h->currentUser->id));
return $key;
}回答 17
Stack Overflow用户
回答已采纳
发布于 2012-04-14 18:48:13
由于长度无效,unserialize() [function.unserialize]: Error at offset应归因于invalid serialization data
快速修复
您可以做的是对序列化数组中的元素进行recalculating the length
您当前的序列化数据
$data = 'a:10:{s:16:"submit_editorial";b:0;s:15:"submit_orig_url";s:13:"www.bbc.co.uk";s:12:"submit_title";s:14:"No title found";s:14:"submit_content";s:12:"dnfsdkfjdfdf";s:15:"submit_category";i:2;s:11:"submit_tags";s:3:"bbc";s:9:"submit_id";b:0;s:16:"submit_subscribe";i:0;s:15:"submit_comments";s:4:"open";s:5:"image";s:19:"C:fakepath100.jpg";}';不重新计算的示例
var_dump(unserialize($data));输出
Notice: unserialize() [function.unserialize]: Error at offset 337 of 338 bytesRecalculating
$data = preg_replace('!s:(\d+):"(.*?)";!e', "'s:'.strlen('$2').':\"$2\";'", $data);
var_dump(unserialize($data));输出
array
'submit_editorial' => boolean false
'submit_orig_url' => string 'www.bbc.co.uk' (length=13)
'submit_title' => string 'No title found' (length=14)
'submit_content' => string 'dnfsdkfjdfdf' (length=12)
'submit_category' => int 2
'submit_tags' => string 'bbc' (length=3)
'submit_id' => boolean false
'submit_subscribe' => int 0
'submit_comments' => string 'open' (length=4)
'image' => string 'C:fakepath100.jpg' (length=17)Recommendation ..我
而不是使用这种快速修复方法。我会建议你用以下方式更新问题
- 如何序列化数据
- 如何保存数据..
================================编辑1个===============================
The Error
由于使用了双引号"而不是单引号',因此生成了该错误,这就是将C:\fakepath\100.png转换为C:fakepath100.jpg的原因
修复错误的
您需要将$h->vars['submitted_data']从(请注意单个相当于' )更改为
替换
$h->vars['submitted_data']['image'] = "C:\fakepath\100.png" ;使用
$h->vars['submitted_data']['image'] = 'C:\fakepath\100.png' ;附加过滤器
您也可以在调用serialize之前添加这个简单的过滤器
function satitize(&$value, $key)
{
$value = addslashes($value);
}
array_walk($h->vars['submitted_data'], "satitize");如果您有UTF字符,您还可以运行
$h->vars['submitted_data'] = array_map("utf8_encode",$h->vars['submitted_data']);如何在未来的序列化数据中检测问题
findSerializeError ( $data1 ) ;输出
Diffrence 9 != 7
-> ORD number 57 != 55
-> Line Number = 315
-> Section Data1 = pen";s:5:"image";s:19:"C:fakepath100.jpg
-> Section Data2 = pen";s:5:"image";s:17:"C:fakepath100.jpg
^------- The Error (Element Length)findSerializeError函数
function findSerializeError($data1) {
echo "<pre>";
$data2 = preg_replace ( '!s:(\d+):"(.*?)";!e', "'s:'.strlen('$2').':\"$2\";'",$data1 );
$max = (strlen ( $data1 ) > strlen ( $data2 )) ? strlen ( $data1 ) : strlen ( $data2 );
echo $data1 . PHP_EOL;
echo $data2 . PHP_EOL;
for($i = 0; $i < $max; $i ++) {
if (@$data1 {$i} !== @$data2 {$i}) {
echo "Diffrence ", @$data1 {$i}, " != ", @$data2 {$i}, PHP_EOL;
echo "\t-> ORD number ", ord ( @$data1 {$i} ), " != ", ord ( @$data2 {$i} ), PHP_EOL;
echo "\t-> Line Number = $i" . PHP_EOL;
$start = ($i - 20);
$start = ($start < 0) ? 0 : $start;
$length = 40;
$point = $max - $i;
if ($point < 20) {
$rlength = 1;
$rpoint = - $point;
} else {
$rpoint = $length - 20;
$rlength = 1;
}
echo "\t-> Section Data1 = ", substr_replace ( substr ( $data1, $start, $length ), "<b style=\"color:green\">{$data1 {$i}}</b>", $rpoint, $rlength ), PHP_EOL;
echo "\t-> Section Data2 = ", substr_replace ( substr ( $data2, $start, $length ), "<b style=\"color:red\">{$data2 {$i}}</b>", $rpoint, $rlength ), PHP_EOL;
}
}
}保存到数据库的更好方法:
$toDatabse = base64_encode(serialize($data)); // Save to database
$fromDatabase = unserialize(base64_decode($data)); //Getting Save Format Stack Overflow用户
发布于 2014-01-28 03:05:02
我没有足够的名气来评论,所以我希望使用上面“正确”答案的人能看到这一点:
从PHP5.5开始,preg_replace()中的/e修饰符已经被完全弃用,上面的preg_match将会出错。php文档建议使用preg_match_callback来代替它。
请找到以下解决方案作为上述提议的preg_match的替代方案。
$fixed_data = preg_replace_callback ( '!s:(\d+):"(.*?)";!', function($match) {
return ($match[1] == strlen($match[2])) ? $match[0] : 's:' . strlen($match[2]) . ':"' . $match[2] . '";';
},$bad_data );Stack Overflow用户
发布于 2013-12-27 16:54:54
unserialize()失败还有另一个原因,因为您没有正确地将序列化的数据放入数据库中,请在这里查看Official Explanation。由于serialize()返回的是二进制数据,而php变量并不关心编码方法,因此将其放入文本中会导致此错误。
解决方案:将序列化数据存储到表中的BLOB中。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/10152904
复制相关文章
相似问题