Posted by Dasmeet Singh on 10/03/12 11:13

Marek Kilimajer wrote:

> Dasmeet Singh wrote:
>
>> Hi!
>> I am trying to unserialize a serialized array stored in cookie...
>>
>> I am using following code :
>>
>> echo("Welcome to Members Area<br>");
>> echo("<br>$login<br>");
>> $m_l_d=unserialize($login);
>> echo $m_l_d;
>> echo("$m_l_d[0], $m_l_d[1], $m_l_d[2]");
>>
>> However the output is:
>>
>> Welcome to Members Area
>>
>> a:4:{i:0;s:1:\"h\";i:1;s:1:\"2\";i:2;s:1:\"1\";i:3;s:1:\"g\";}
>> , ,
>>
>> that means $login exists and it echos properly..
>> but why isnt it unserializing?
>>
>
> magic_quotes_gpc is on, so the cookie is quoted. Use first:
>
> $login = (ini_get('magic_quotes_gpc') ? stripslashes($_COOKIE['login'])
> : $_COOKIE['login']);
>
> then unserialize.
>
> !!!WARNING!!!
> array elements in $m_l_d are NOT quoted, don't use them directly in sql
> queries, validate them first

Yep! That is working :) Thanks!



http://hostwindow.info

[Back to original message]