Re: [PHP] serialize() function
Jochem: $_SESSION has another advantage - everything you stick in it is automagically serialized and unserialized at end/start of the request. I didn't know that. Thanks, now I have to figure out a way to store a $_SESSION in a cookie and read it back without inferring with what the user is currently doing in both post and get selections. I have myself overly confused at the moment with too much user activity. tedd -- http://sperling.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] serialize() function
tedd wrote: Jochem: $_SESSION has another advantage - everything you stick in it is automagically serialized and unserialized at end/start of the request. I didn't know that. Thanks, now I have to figure out a way to store a $_SESSION in a cookie and read it back without inferring with what the user is currently doing in both post and get selections. I have myself overly confused at the moment with too much user activity. no shit! (regarding the confusion). $_SESSION is populated when you call session_start(), it's contents are stored on the server. calling session_start() implicitly make php emit a cookie which contains not much other than the session id - it's this id (that the browser sends back in the form of a cookie again) that tell's php which chunk of serialized data that it saved onto disk (usually onto disk) at the end a previous request it should load up when you call session_start(). by default the session cookie is 'dropped' by the browser once you close it [the browser] try this, it might to help you see what's happening a bit (oh and don't forget the manual ;-): ?php session_start(); if (!isset($_SESSION['myObj'])) { echo INIT!br /; $_SESSION['myObj'] = new stdObject; $_SESSION['myObj']-counter = 1; } echo $_SESSION['myObj']-counter++; tedd -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] serialize() function
Nicholas Couloute wrote: Are there any tutorials and uses for serialize() ? I went to php.net and it isn't well documented as I would hope! ?php $o = new StdObject; $a = array(); $i = 1; $b = false; echo serialize($o),\n, serialize($a),\n, serialize($i),\n, serialize($b),\n, serialize(array(A=$o,B=$a,C=$i,D=$b)),\n, ? ... and yes there are uses for it. what do you want to do? ~Nick Couloute co-owner/Web Designer Sidekick2Music.Com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] serialize() function
Nicholas Couloute wrote: I was thinking of a news system with comments. fine. but what's that got to do with serialize() per se? or put another don't look at a function decide it might be useful and then force yourself to build an application with it cart before the horse and all that. On Thu, 13 Apr 2006 6:04 pm, Jochem Maas wrote: Nicholas Couloute wrote: Are there any tutorials and uses for serialize() ? I went to php.net and it isn't well documented as I would hope! ?php $o = new StdObject; $a = array(); $i = 1; $b = false; echo serialize($o),\n, serialize($a),\n, serialize($i),\n, serialize($b),\n, serialize(array(A=$o,B=$a,C=$i,D=$b)),\n, ? ... and yes there are uses for it. what do you want to do? ~Nick Couloute co-owner/Web Designer Sidekick2Music.Com ~Nick Couloute co-owner/Web Designer Sidekick2Music.Com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] serialize() function
At 12:04 AM +0200 4/14/06, Jochem Maas wrote: Nicholas Couloute wrote: Are there any tutorials and uses for serialize() ? I went to php.net and it isn't well documented as I would hope! ?php $o = new StdObject; $a = array(); $i = 1; $b = false; echo serialize($o),\n, serialize($a),\n, serialize($i),\n, serialize($b),\n, serialize(array(A=$o,B=$a,C=$i,D=$b)),\n, ? ... and yes there are uses for it. what do you want to do? Jochem: Not that you don't know -- because I'm sure you do -- but for the benefit of others. One example, each domain has a limit of cookies (20) and you can use them up pretty quickly. However, if you place your data in an array, you could then serialize the array and save it as one long string (i.e., the cookie). Then you can read it back from the cookie and un-serialize it back to the array. tedd -- http://sperling.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] serialize() function
tedd wrote: At 12:04 AM +0200 4/14/06, Jochem Maas wrote: Nicholas Couloute wrote: Are there any tutorials and uses for serialize() ? I went to php.net and it isn't well documented as I would hope! ?php $o = new StdObject; $a = array(); $i = 1; $b = false; echo serialize($o),\n, serialize($a),\n, serialize($i),\n, serialize($b),\n, serialize(array(A=$o,B=$a,C=$i,D=$b)),\n, ? ... and yes there are uses for it. what do you want to do? Jochem: Not that you don't know -- because I'm sure you do -- but for the benefit of others. I don't know jack - just ask Jasper ;-) One example, each domain has a limit of cookies (20) and you can use I wasn't aware that there was a hard limit on cookies - I always thought this was a browser dependent setting ... not that I ever get above 2 cookies max (and mostly just 1 for the session cookie). them up pretty quickly. However, if you place your data in an array, you could then serialize the array and save it as one long string (i.e., the cookie). Then you can read it back from the cookie and un-serialize it back to the array. I'd don't tend to do anything with cookies other than the session cookie and keep any data in $_SESSION - saves having to cleanse whatever incoming stuff is in the cookie (storing data on the clientside that is serialized is can of worms waiting to happen - not that you can't code it safely per se, it's just that much more to think about) $_SESSION has another advantage - everything you stick in it is automagically serialized and unserialized at end/start of the request. tedd -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] serialize() function
On Thu, 2006-04-13 at 18:58, tedd wrote: Not that you don't know -- because I'm sure you do -- but for the benefit of others. One example, each domain has a limit of cookies (20) and you can use them up pretty quickly. However, if you place your data in an array, you could then serialize the array and save it as one long string (i.e., the cookie). Then you can read it back from the cookie and un-serialize it back to the array. Except for extremely rare cases you should never need more than 2 cookies for a domain. Rather than saving every data field into a cookie, save a single unique ID into the user's cookie, and use that to look into your database. Now you can store zillions of fields and any size you want. So that's one, what's the other? Well you can do a persistent cookie also so that you can remember them when they return :) If you're going to store data on the the clients computer, you're going to have to security check every piece of data you saved there before every use. At least when the data is only linked by a unique key, you only ever have to validate the unique key. Cheers, Rob. -- .. | InterJinn Application Framework - http://www.interjinn.com | :: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] serialize() function
Robert Cummings wrote: On Thu, 2006-04-13 at 18:58, tedd wrote: Not that you don't know -- because I'm sure you do -- but for the benefit of others. One example, each domain has a limit of cookies (20) and you can use them up pretty quickly. However, if you place your data in an array, you could then serialize the array and save it as one long string (i.e., the cookie). Then you can read it back from the cookie and un-serialize it back to the array. Except for extremely rare cases you should never need more than 2 cookies for a domain. Rather than saving every data field into a cookie, save a single unique ID into the user's cookie, and use that to look into your database. Now you can store zillions of fields and any size you want. So that's one, what's the other? Well you can do a persistent cookie also so that you can remember them when they return :) If you're going to store data on the the clients computer, you're going to have to security check every piece of data you saved there before every use. At least when the data is only linked by a unique key, you only ever have to validate the unique key. amen. Cheers, Rob. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] serialize() function
On Thu, April 13, 2006 7:03 pm, Jochem Maas wrote: One example, each domain has a limit of cookies (20) and you can use I wasn't aware that there was a hard limit on cookies - I always thought this was a browser dependent setting ... not that I ever get above 2 cookies max (and mostly just 1 for the session cookie). Not only are browsers free to ignore more than X cookies they are also allowed to purge anything more than Y bytes in the cookies from any given domain. [nb] You really should read the original Netscape Cookie spec -- it's short and clear and concise, and possibly one of the best-written specs out there, in some ways. [/nb] So I would never recommend serializing a bunch of data to get it all into one cookie. imho. Better to give the browser ONE cookie and use that to track everything else on the server in a session. This also matters for bandwidth -- It would do Google no good at all to trim down their homepage to the Nth degree like they do, if they sent an extra 100K of coookie data back and forth all the time. Remember: Whatever you SEND in the Cookie, the browser has to send BACK on every page hit, every image hit, the CSS, the javascript requests, all of them, to the same domain. Serialized data is seldom small so even a handful of datastructures being sent back by the browser on every request could add up quickly. The user has to wait for that data to get to your server, after all, before they can even BEGIN to get your content back. -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] serialize() function
There's nothing special about the data returned by serialize() except that it can be safely written saved, transmitted, etc. To do anything useful with it you have to unserialize() it. The cool part about it is that you can serialize any data structure, like an entire array or object. The Yahoo Developer center (ever friendly to PHP developers) talks about how their APIs can return serialized data for PHP: http://developer.yahoo.com/common/phpserial.html For example, use can use the Yahoo Search API to search for Seinfeld, unserialize the results, and have a beautiful array to use: print_r(unserialize(file_get_contents(http://api.search.yahoo.com/ WebSearchService/V1/webSearch? appid=YahooDemoquery=Seinfeldresults=3output=php))); (It's almost like making SOAP out of a REST call.) Richard On Apr 13, 2006, at 3:53 PM, Nicholas Couloute wrote: Are there any tutorials and uses for serialize() ? I went to php.net and it isn't well documented as I would hope! ~Nick Couloute co-owner/Web Designer Sidekick2Music.Com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php