mysql and serialized php objects?Q

**Pedro Graca** · Jul 17 '05, 04:04 AM

Re: mysql and serialized php objects?Q

PeterF wrote:[color=blue]
> following problem: I use a mysql query string like
>
> $arg= " insert into ".$sometabl e;
> $arg.=" (id, col1) ";
> $arg.="values ( '$this->id', '$data' ) ";
> ^^^^^
> $data is a product of serialize($some _object)[/color]

Well, addslashes() to it, or mysql_escape_st ring() it

$data = addslashes($dat a);

/* OR */

$data = mysql_escape_st ring($data);

before building the sql query string.
--
--= my mail box only accepts =--
--= Content-Type: text/plain =--
--= Size below 10001 bytes =--

**Jochen Daum** · Jul 17 '05, 04:05 AM

Re: mysql and serialized php objects?Q

Hi Peter,

On Tue, 9 Mar 2004 17:57:18 +0100, "PeterF"
<NOSPAM_!!!_inf o@pf-webservices.de> wrote:
[color=blue]
>Hello,
>
>following problem: I use a mysql query string like
>
>$arg= " insert into ".$sometabl e;
>$arg.=" (id, col1) ";
>$arg.="value s ( '$this->id', '$data' ) ";
> ^^^^^^
> $data is a product of
>serialize($som e_object)[/color]

Try using mysql_escape_st ring() on the insert only. Also check out
get_magic_quote s_runtime() and stripslashes()

HTH, Jochen
[color=blue]
>
>The serialization has many different symbols and I experience problems from
>MySQL.
>I have tried to use just another string or the base64-variant of my
>serialized object and it works!
>
>So, is there some more elegant way of saving objects as strings than
>encoding them after serialization
>as base64?
>
>thanks
>-- Peter
>
>
>[/color]

--
Jochen Daum - Cabletalk Group Ltd.
PHP DB Edit Toolkit -- PHP scripts for building
database editing interfaces.

PHP DB Edit Toolkit

http://sourceforge.net/projects/phpdbedittk/

Download PHP DB Edit Toolkit for free. PHP DB Edit Toolkit is a set of PHP classes makes the generation of database edit interfaces easier and faster. The main class builds tabular and form views based on a data dictionary and takes over handling of insert/update/delete and user input.

**Andy Hassall** · Jul 17 '05, 04:05 AM

Re: mysql and serialized php objects?Q

On Tue, 9 Mar 2004 17:57:18 +0100, "PeterF" <NOSPAM_!!!_inf o@pf-webservices.de>
wrote:
[color=blue]
>following problem: I use a mysql query string like
>
>$arg= " insert into ".$sometabl e;
>$arg.=" (id, col1) ";
>$arg.="value s ( '$this->id', '$data' ) ";
> ^^^^^^
> $data is a product of
>serialize($som e_object)
>
>The serialization has many different symbols and I experience problems from
>MySQL.[/color]

What SORT of problems?

Errors? Which ones? What messages?
Corruption? How could you tell? What did you try?
Explosions? What colour was the smoke?
[color=blue]
>I have tried to use just another string or the base64-variant of my
>serialized object and it works!
>
>So, is there some more elegant way of saving objects as strings than
>encoding them after serialization
>as base64?[/color]

Some would say that saving it in a schema that itself represents the
attributes of the object is more elegant, rather than serialising and storing
in an unstructured column.

What column type are you using, anyway?

--
Andy Hassall <andy@andyh.co. uk> / Space: disk usage analysis tool
<http://www.andyh.co.uk > / <http://www.andyhsoftwa re.co.uk/space>

mysql and serialized php objects?Q

mysql and serialized php objects?Q

Comment

Comment

Comment