I built an e-commerce application using PHP4 session management. I store all
data in an array, $SESSION, which I register with the session. Most of the
time, $SESSION is restored as expected on the loading of a new page. Every
now and then, however, $SESSION is restored as a boolean variable with value
0. All of the contents of the original array are, of course, lost. Have I
encountered a known problem? I attempted to circumvent the issue by writing
my own session management logic the implementation of which follows:
I store a serialized representation of the array $SESSION with serialize()
in a MySQL database indexed by the session id. On a page load, I query the
database and unserialize the data with unserialize() and thus, $SESSION is
restored. At the end of the page, I serialize $SESSION again and write it to
the database.
I ultimately experienced the same problem with my code where $SESSION was
indiscriminately set to a boolean of value 0. This error is not reproducible
in any predictable way. In my custom session management, I was however able
to implement debugging logic that provides the following information:
PHP is faithfully retrieving the serialized session data from the MySQL
database. The unserialize() function seems to be the problem. Every so
often, it results in the boolean variable despite the fact that the
serialized data it operates on represents an array. For example, I
determined from my debugging log (physical data has been altered for
privacy):
1. raw data extracted from database and stored into $rawData:
a:2:{s:4:"USER";a:15:{s:8:"loggedIn";i:1;s:7:"user_id";s:1:"1";s:5:"admin";s
:3:"Yes";s:10:"contact_id";s:1:"1";s:5:"first";s:4:"John";s:4:"last";s:3:"Do
e";s:7:"company";s:3:"ABC";s:6:"street";s:18:"#### XXXXXX
Avenue";s:4:"city";s:11:"Los
Angeles";s:5:"state";s:1:"5";s:7:"zipcode";s:5:"######";s:7:"country";s:13:"
United States";s:5:"phone";s:14:"(323)
555-5555";s:3:"fax";s:0:"";s:5:"email";s:13:"[EMAIL PROTECTED]";}s:7:"CONTACT";a
:1:{i:1;a:11:{s:5:"first";s:4:"John";s:4:"last";s:3:"Doe";s:7:"company";s:3:
"ABC";s:6:"street";s:18:"#### XXXXXXX Avenue";s:4:"city";s:11:"Los
Angeles";s:5:"state";s:1:"5";s:7:"zipcode";s:5:"#####";s:7:"country";s:13:"U
nited States";s:5:"phone";s:14:"(323)
555-5555";s:3:"fax";s:0:"";s:5:"email";s:13:"[EMAIL PROTECTED]";}}}
2. then raw data is unserialized into session variable
$SESSION=unserialize($rawData)
3. session variable is immediately typed with gettype($SESSION) and it's a
boolean
As I said before, this happens only irregularly. Most of the time, gettype()
properly determines $SESSION is an array which, when examined, contains the
unserialized data from the database. Every now and then, though, it's a
boolean with a value of 0. So I guess my first question is does anyone know
what is going on here? Second, does native PHP4 session management use the
unserialize() function. And third, is unserialize() broken?
Ted Henigson
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
