|
Posted by Marek Kilimajer on 10/07/42 11:13
Dasmeet Singh wrote:
> Hi!
> I am trying to unserialize a serialized array stored in cookie...
>
> I am using following code :
>
> echo("Welcome to Members Area<br>");
> echo("<br>$login<br>");
> $m_l_d=unserialize($login);
> echo $m_l_d;
> echo("$m_l_d[0], $m_l_d[1], $m_l_d[2]");
>
> However the output is:
>
> Welcome to Members Area
>
> a:4:{i:0;s:1:\"h\";i:1;s:1:\"2\";i:2;s:1:\"1\";i:3;s:1:\"g\";}
> , ,
>
> that means $login exists and it echos properly..
> but why isnt it unserializing?
>
magic_quotes_gpc is on, so the cookie is quoted. Use first:
$login = (ini_get('magic_quotes_gpc') ? stripslashes($_COOKIE['login'])
: $_COOKIE['login']);
then unserialize.
!!!WARNING!!!
array elements in $m_l_d are NOT quoted, don't use them directly in sql
queries, validate them first
Navigation:
[Reply to this message]
|