Edit report at https://bugs.php.net/bug.php?id=43980&edit=1
ID: 43980 Updated by: yohg...@php.net Reported by: rhm31 at cam dot ac dot uk Summary: Difficult to unserialize session data in user session save function -Status: Assigned +Status: Closed Type: Feature/Change Request Package: Session related Operating System: * PHP Version: * Assigned To: yohgaki Block user comment: N Private report: N New Comment: php_serialize will be available from PHP 5.5.4. http://git.php.net/?p=php- src.git;a=commit;h=c51f77fe83cea3a48d89423863e6916b77628e47 Previous Comments: ------------------------------------------------------------------------ [2013-08-10 08:25:40] yohg...@php.net Related To: Bug #65359 ------------------------------------------------------------------------ [2012-03-31 03:27:42] yohg...@php.net I think next release should have new handler encode with plain serialize and set it to default. This will lead to BC problems certain users, but current implementation is legacy one for supporting global session variables. ------------------------------------------------------------------------ [2011-10-04 22:59:38] tklingenberg at lastflood dot net If you want to encode something else (e.g. an array with keys as variable names), you can just mimic the PHP session handler by: <?php $encoded = ''; foreach($array as $name => $value) { $encoded .= $name.'|'.serialize($value); } ?> Ensure that the serialize handler as well as the session serialize handler is "PHP". Decoding is not that simple however, you would require a library https://github.com/ktomk/Serialized as of now. To have another tool in the box, a decode/encode function pair with a parameter of type "variable" array (like $_SESSION) and a parameter type string with the name of the serialize handler would be useful, maybe even two function pairs, one for session (variable list) and one for the actual values (un/serialize) but I think this won't work for the serially encoded values out of the box, so you always need to unserialize all, which means instantiation of objects etc.. ------------------------------------------------------------------------ [2008-03-17 15:12:00] rhm31 at cam dot ac dot uk >From the documentation: session_encode (PHP 4, PHP 5) session_encode Encodes the current session data as a string Description string session_encode ( void ) This signature is wrong, since it assumes you want to encode the current $_SESSION variable, but sometimes you don't want to and you want to encode something else. This is not specific to PHP4 only. ------------------------------------------------------------------------ [2008-03-17 00:47:58] j...@php.net We are sorry, but we can not support PHP 4 related problems anymore. Momentum is gathering for PHP 6, and we think supporting PHP 4 will lead to a waste of resources which we want to put into getting PHP 6 ready. ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at https://bugs.php.net/bug.php?id=43980 -- Edit this bug report at https://bugs.php.net/bug.php?id=43980&edit=1