PHP Serialize Function - Adding serialized data to mysql and then fetch and display

Posted by Abhilash Shukla on Stack Overflow See other posts from Stack Overflow or by Abhilash Shukla
Published on 2012-03-21T05:13:03Z Indexed on 2012/03/21 5:30 UTC
Read the original article Hit count: 308

I want to know whether the PHP serialize function is 100% secure, also if we store serialized data into a database and want to do something after fetching it, will it be a nice way.

For example:- I have a website with different user privileges, now i want to store the permissions settings for a particular privilege to my database (This data i want to store is to be done through php serialize function), now when a user logs in i want to fetch this data and set the privilege for the customer.

Now i am ok to do this thing, what i want to know is, whether it is the best way to do or something more efficient can be done.

Also, i was going through php manual and found this code, can anybody explain me a bit what's happening in this code:- [Specially why base64_encode is used?]

<?php 
mySerialize( $obj ) { 
return base64_encode(gzcompress(serialize($obj))); 
} 

myUnserialize( $txt ) { 
return unserialize(gzuncompress(base64_decode($txt))); 
} 
?>

Also if somebody can provide me their own code to show me to do this thing in the most efficient manner.

Thanks.

© Stack Overflow or respective owner

Related posts about php

Related posts about mysql