What's the best way to determine whether or not a string is the result of the serialize() function?
https://www.php.net/manual/en/function.serialize
String serialization is the process of writing the state of an object into a byte stream. In Python, the “pickle” library is used for enabling serialization. This module includes a powerful algorithm for serializing and de-serializing a Python object structure.
The serialize() function generates a storable representation of a value. To serialize data means to convert a value to a sequence of bits, so that it can be stored in a file, a memory buffer, or transmitted across a network.
Developers often choose to store specific information in the database like theme options, or settings. Typically this data is serialized in the database so it can be copied or restored easily without compromising the integrity of the information.
I'd say, try to unserialize it ;-)
Quoting the manual :
In case the passed string is not unserializeable, FALSE is returned and E_NOTICE is issued.
So, you have to check if the return value is false or not (with === or !==, to be sure not to have any problem with 0 or null or anything that equals to false, I'd say).
Just beware the notice : you might want/need to use the @ operator.
For instance :
    $str = 'hjkl';
    $data = @unserialize($str);
    if ($data !== false) {
        echo "ok";
    } else {
        echo "not ok";
    }
Will get you :
not ok
EDIT : Oh, and like @Peter said (thanks to him!), you might run into trouble if you are trying to unserialize the representation of a boolean false :-(
So, checking that your serialized string is not equal to "b:0;" might be helpful too ; something like this should do the trick, I suppose :
    $data = @unserialize($str);
    if ($str === 'b:0;' || $data !== false) {
        echo "ok";
    } else {
        echo "not ok";
    }
Testing that special case before trying to unserialize would be an optimization -- but probably not that useful, if you don't often have a false serialized value.
From WordPress core functions:
    <?php
    function is_serialized( $data, $strict = true ) {
        // If it isn't a string, it isn't serialized.
        if ( ! is_string( $data ) ) {
            return false;
        }
        $data = trim( $data );
        if ( 'N;' === $data ) {
            return true;
        }
        if ( strlen( $data ) < 4 ) {
            return false;
        }
        if ( ':' !== $data[1] ) {
            return false;
        }
        if ( $strict ) {
            $lastc = substr( $data, -1 );
            if ( ';' !== $lastc && '}' !== $lastc ) {
                return false;
            }
        } else {
            $semicolon = strpos( $data, ';' );
            $brace     = strpos( $data, '}' );
            // Either ; or } must exist.
            if ( false === $semicolon && false === $brace ) {
                return false;
            }
            // But neither must be in the first X characters.
            if ( false !== $semicolon && $semicolon < 3 ) {
                return false;
            }
            if ( false !== $brace && $brace < 4 ) {
                return false;
            }
        }
        $token = $data[0];
        switch ( $token ) {
            case 's':
                if ( $strict ) {
                    if ( '"' !== substr( $data, -2, 1 ) ) {
                        return false;
                    }
                } elseif ( false === strpos( $data, '"' ) ) {
                    return false;
                }
                // Or else fall through.
            case 'a':
            case 'O':
                return (bool) preg_match( "/^{$token}:[0-9]+:/s", $data );
            case 'b':
            case 'i':
            case 'd':
                $end = $strict ? '$' : '';
                return (bool) preg_match( "/^{$token}:[0-9.E+-]+;$end/", $data );
        }
        return false;
    }
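The two approaches above can be combined. The following is an added example, not code from either answer or from WordPress: a cheap shape check, the "b:0;" special case, then unserialize() with the allowed_classes option set to false so that a string from an untrusted source cannot instantiate application classes while it is being tested. The helper name try_unserialize() and the sample inputs are assumptions made for this example.

```php
<?php
declare(strict_types=1);

// Hypothetical helper (name and signature belong to this example only).
// Returns true when $str is serialize() output; the decoded value is
// handed back through $value.
function try_unserialize(string $str, &$value = null): bool
{
    $value = null;
    // serialize(false) is the one valid input whose decoded value is false.
    if ($str === 'b:0;') {
        $value = false;
        return true;
    }
    // Cheap shape check before parsing: 'N;' or a type token followed by ':'.
    if ($str !== 'N;' && !preg_match('/^[abdisOCE]:/', $str)) {
        return false;
    }
    // allowed_classes => false: objects decode to __PHP_Incomplete_Class,
    // so no class named in the input is instantiated and none of its
    // __wakeup()/__destruct() code runs during the test.
    $result = @unserialize($str, ['allowed_classes' => false]);
    if ($result === false) {
        return false;
    }
    $value = $result;
    return true;
}

// Constructed sample inputs.
$samples = [
    'hjkl',                          // the example string from the answer above
    'b:0;',                          // serialized boolean false
    serialize(['theme' => 'dark']),  // ordinary array
    'O:8:"stdClass":0:{}',           // object: decoded as an incomplete class
    'a:1:{i:0;s:3:"ab";}',           // right shape, wrong string length
];

foreach ($samples as $s) {
    $ok   = try_unserialize($s, $v);
    $type = is_object($v) ? get_class($v) : gettype($v);
    printf("%-32s %s\n", $s, $ok ? "ok ($type)" : 'not ok');
}
```

The last sample has the shape that a pattern-based check such as is_serialized() accepts, but unserialize() rejects it, which is why the shape check alone only answers "looks serialized", not "will decode".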