|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2002-04-09 18:44 UTC] jimw@php.net
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Tue Oct 28 19:00:01 2025 UTC |
The following script <?php $a=3.14; echo "<pre>$a type ". gettype($a); $olc=setlocale(LC_ALL,0); setlocale(LC_ALL,'de_DE'); echo "\n$a type ". gettype($a); $ser=serialize($a); echo "\nSER: #$ser#\n"; setlocale(LC_ALL,$olc); $b=unserialize($ser); echo "$b type ". gettype($b); ?> .... produces this output: 3.14 type double 3,14 type double SER: #d:3,14;# 3 type double This type of error can happen in cases, where a localized user-fronted stores some vars for example in a Database via serialize and another program (e.g. background process, which doesn't need to be localized) reads it. In those cases, the result is not correct (=error). The problem is, that this is not obvious, because a "normal" programmer trust on serialize(), because the documentation says "serialize() returns a string containing a byte-stream representation of value that can be stored anywhere." In other words: You can trust serialize, that it always can be unserialized. Opportunities to solve the problem: - serialize() stores the vars langague independed (always use '.'). - unserialize() reads double vars either with '.' or ','. - both - unserialize() checks, if serialized string and and resulting type is identical, if not returns with error. - Big hint in docs Maybe it's a good idea to check (un)serialize in general for similar errors.