PHP Serialize Function - Adding serialized data to mysql and then fetch and display
Posted
by
Abhilash Shukla
on Stack Overflow
See other posts from Stack Overflow
or by Abhilash Shukla
Published on 2012-03-21T05:13:03Z
Indexed on
2012/03/21
5:30 UTC
Read the original article
Hit count: 308
I want to know whether the PHP serialize function is 100% secure, also if we store serialized data into a database and want to do something after fetching it, will it be a nice way.
For example:- I have a website with different user privileges, now i want to store the permissions settings for a particular privilege to my database (This data i want to store is to be done through php serialize function), now when a user logs in i want to fetch this data and set the privilege for the customer.
Now i am ok to do this thing, what i want to know is, whether it is the best way to do or something more efficient can be done.
Also, i was going through php manual and found this code, can anybody explain me a bit what's happening in this code:- [Specially why base64_encode is used?]
<?php
mySerialize( $obj ) {
return base64_encode(gzcompress(serialize($obj)));
}
myUnserialize( $txt ) {
return unserialize(gzuncompress(base64_decode($txt)));
}
?>
Also if somebody can provide me their own code to show me to do this thing in the most efficient manner.
Thanks.
© Stack Overflow or respective owner