From: [EMAIL PROTECTED]
Operating system: linux
PHP version: 4.0.6
PHP Bug Type: *Languages/Translation
Bug description: serialize and setlocale: inconsistent behavior
The following script
<?php
$a=3.14;
echo "<pre>$a type ". gettype($a);
$olc=setlocale(LC_ALL,0);
setlocale(LC_ALL,'de_DE');
echo "\n$a type ". gettype($a);
$ser=serialize($a);
echo "\nSER: #$ser#\n";
setlocale(LC_ALL,$olc);
$b=unserialize($ser);
echo "$b type ". gettype($b);
?>
.... produces this output:
3.14 type double
3,14 type double
SER: #d:3,14;#
3 type double
This type of error can happen in cases, where a localized user-fronted
stores some vars for example in a Database via serialize and another
program (e.g. background process, which doesn't need to be localized) reads
it. In those cases, the result is not correct (=error). The problem is,
that this is not obvious, because a "normal" programmer trust on
serialize(), because the documentation says
"serialize() returns a string containing a byte-stream representation
of value
that can be stored anywhere."
In other words: You can trust serialize, that it always can be
unserialized.
Opportunities to solve the problem:
- serialize() stores the vars langague independed (always use '.').
- unserialize() reads double vars either with '.' or ','.
- both
- unserialize() checks, if serialized string and and resulting type is
identical, if not returns with error.
- Big hint in docs
Maybe it's a good idea to check (un)serialize in general for similar
errors.
--
Edit bug report at: http://bugs.php.net/?id=14235&edit=1
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
