duanliao5995 2012-04-14 10:34

已采纳

如何修复已被错误的字节计数长度破坏的序列化字符串？

I am using Hotaru CMS with the Image Upload plugin, I get this error if I try to attach an image to a post, otherwise there is no error:

unserialize() [function.unserialize]: Error at offset

The offending code (error points to line with **):

/**
     * Retrieve submission step data
     *
     * @param $key - empty when setting
     * @return bool
     */
    public function loadSubmitData($h, $key = '')
    {
        // delete everything in this table older than 30 minutes:
        $this->deleteTempData($h->db);

        if (!$key) { return false; }

        $cleanKey = preg_replace('/[^a-z0-9]+/','',$key);
        if (strcmp($key,$cleanKey) != 0) {
            return false;
        } else {
            $sql = "SELECT tempdata_value FROM " . TABLE_TEMPDATA . " WHERE tempdata_key = %s ORDER BY tempdata_updatedts DESC LIMIT 1";
            $submitted_data = $h->db->get_var($h->db->prepare($sql, $key));
            **if ($submitted_data) { return unserialize($submitted_data); } else { return false; }** 
        }
    }

Data from the table, notice the end bit has the image info, I am not an expert in PHP so I was wondering what you guys/gals might think?

tempdata_value:

a:10:{s:16:"submit_editorial";b:0;s:15:"submit_orig_url";s:13:"www.bbc.co.uk";s:12:"submit_title";s:14:"No title found";s:14:"submit_content";s:12:"dnfsdkfjdfdf";s:15:"submit_category";i:2;s:11:"submit_tags";s:3:"bbc";s:9:"submit_id";b:0;s:16:"submit_subscribe";i:0;s:15:"submit_comments";s:4:"open";s:5:"image";s:19:"C:fakepath100.jpg";}

Edit: I think I've found the serialize bit...

/**
     * Save submission step data
     *
     * @return bool
     */
    public function saveSubmitData($h)
    {
        // delete everything in this table older than 30 minutes:
        $this->deleteTempData($h->db);

        $sid = preg_replace('/[^a-z0-9]+/i', '', session_id());
        $key = md5(microtime() . $sid . rand());
        $sql = "INSERT INTO " . TABLE_TEMPDATA . " (tempdata_key, tempdata_value, tempdata_updateby) VALUES (%s,%s, %d)";
        $h->db->query($h->db->prepare($sql, $key, serialize($h->vars['submitted_data']), $h->currentUser->id));
        return $key;
    }

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

15条回答默认最新

dpoxk64080 2012-04-14 10:48

关注

unserialize() [function.unserialize]: Error at offset was dues to invalid serialization data due to invalid length

Quick Fix

What you can do is is recalculating the length of the elements in serialized array

You current serialized data

$data = 'a:10:{s:16:"submit_editorial";b:0;s:15:"submit_orig_url";s:13:"www.bbc.co.uk";s:12:"submit_title";s:14:"No title found";s:14:"submit_content";s:12:"dnfsdkfjdfdf";s:15:"submit_category";i:2;s:11:"submit_tags";s:3:"bbc";s:9:"submit_id";b:0;s:16:"submit_subscribe";i:0;s:15:"submit_comments";s:4:"open";s:5:"image";s:19:"C:fakepath100.jpg";}';

Example without recalculation

var_dump(unserialize($data));

Output

Notice: unserialize() [function.unserialize]: Error at offset 337 of 338 bytes

Recalculating

$data = preg_replace('!s:(\d+):"(.*?)";!e', "'s:'.strlen('$2').':\"$2\";'", $data);
var_dump(unserialize($data));

Output

array
  'submit_editorial' => boolean false
  'submit_orig_url' => string 'www.bbc.co.uk' (length=13)
  'submit_title' => string 'No title found' (length=14)
  'submit_content' => string 'dnfsdkfjdfdf' (length=12)
  'submit_category' => int 2
  'submit_tags' => string 'bbc' (length=3)
  'submit_id' => boolean false
  'submit_subscribe' => int 0
  'submit_comments' => string 'open' (length=4)
  'image' => string 'C:fakepath100.jpg' (length=17)

Recommendation .. I

Instead of using this kind of quick fix ... i"ll advice you update the question with

How you are serializing your data
How you are Saving it ..

================================ EDIT 1 ===============================

The Error

The Error was generated because of use of double quote " instead single quote ' that is why C:\fakepath\100.png was converted to C:fakepath100.jpg

To fix the error

You need to change $h->vars['submitted_data'] From (Note the singe quite ' )

Replace

 $h->vars['submitted_data']['image'] = "C:\fakepath\100.png" ;

With

 $h->vars['submitted_data']['image'] = 'C:\fakepath\100.png' ;

Additional Filter

You can also add this simple filter before you call serialize

function satitize(&$value, $key)
{
    $value = addslashes($value);
}

array_walk($h->vars['submitted_data'], "satitize");

If you have UTF Characters you can also run

 $h->vars['submitted_data'] = array_map("utf8_encode",$h->vars['submitted_data']);

How to detect the problem in future serialized data

  findSerializeError ( $data1 ) ;

Output

Diffrence 9 != 7
    -> ORD number 57 != 55
    -> Line Number = 315
    -> Section Data1  = pen";s:5:"image";s:19:"C:fakepath100.jpg
    -> Section Data2  = pen";s:5:"image";s:17:"C:fakepath100.jpg
                                            ^------- The Error (Element Length)

findSerializeError Function

function findSerializeError($data1) {
    echo "<pre>";
    $data2 = preg_replace ( '!s:(\d+):"(.*?)";!e', "'s:'.strlen('$2').':\"$2\";'",$data1 );
    $max = (strlen ( $data1 ) > strlen ( $data2 )) ? strlen ( $data1 ) : strlen ( $data2 );

    echo $data1 . PHP_EOL;
    echo $data2 . PHP_EOL;

    for($i = 0; $i < $max; $i ++) {

        if (@$data1 {$i} !== @$data2 {$i}) {

            echo "Diffrence ", @$data1 {$i}, " != ", @$data2 {$i}, PHP_EOL;
            echo "\t-> ORD number ", ord ( @$data1 {$i} ), " != ", ord ( @$data2 {$i} ), PHP_EOL;
            echo "\t-> Line Number = $i" . PHP_EOL;

            $start = ($i - 20);
            $start = ($start < 0) ? 0 : $start;
            $length = 40;

            $point = $max - $i;
            if ($point < 20) {
                $rlength = 1;
                $rpoint = - $point;
            } else {
                $rpoint = $length - 20;
                $rlength = 1;
            }

            echo "\t-> Section Data1  = ", substr_replace ( substr ( $data1, $start, $length ), "<b style=\"color:green\">{$data1 {$i}}</b>", $rpoint, $rlength ), PHP_EOL;
            echo "\t-> Section Data2  = ", substr_replace ( substr ( $data2, $start, $length ), "<b style=\"color:red\">{$data2 {$i}}</b>", $rpoint, $rlength ), PHP_EOL;
        }

    }

}

A better way to save to Database

$toDatabse = base64_encode(serialize($data));  // Save to database
$fromDatabase = unserialize(base64_decode($data)); //Getting Save Format

本回答被题主选为最佳回答 , 对您是否有帮助呢?

查看更多回答(14条)

报告相同问题？

关注问题

如何修复已被错误的字节计数长度破坏的序列化字符串？ mysql php
2012-04-14 10:34

回答 15 已采纳 unserialize() [function.unserialize]: Error at offset was dues to invalid serialization data due t
c语言字符串连接和计数问题 c++
2022-06-21 19:54

回答 1 已采纳 scanf里尽量不要有其他的符号scanf("%s %s %s", a, b, c);或者分开scanf("%s", a);scanf("%s", b);scanf("%s", c);
如何根据性别和计数翻译PHP中的字符串？ php
2012-10-03 14:21

回答 3 已采纳 As mentionned by comments, I guess gettext() is an alternative However if you need an alternative
Python基础与拾遗2：Python中的字符串与字符串格式化
2021-02-01 23:56

jiongnima的博客本篇博文主要总结了，Python中的字符串与字符串格式化，欢迎阅读与分享。
关于#素数字符串#的问题，如何解决？ c语言
2022-09-17 17:50

回答 4 已采纳都预处理了，搞个二维数组，你在素筛里把每一位0-9出现的次数统计一下不就好了。cnt[1e6+100][10],前缀和一下这样后面判断直接0（1）操作。你这种写法 T 是1e4 区间是1e6，遍历一遍
python习题求解！字符串位置 python
2021-11-11 13:27

回答 2 已采纳 def strrindex(s,t): return s.rfind(t) s=input() t=input() print(strrindex(s,t))
怎么设计一个类内函数，去识别字符并且计数？ c++
2022-04-25 17:52

回答 1 已采纳 #include <iostream> #include <vector> using namespace std; //疫苗种类 enum VACCINE_TYPE {
数据结构与算法代码实战讲解之：字符串与正则表达式
2023-09-24 02:02

禅与计算机程序设计艺术的博客 字符串匹配：在一个主串(string)中查找一个模式串(pattern)，或者说判断一个字符串是否是另一个字符串的子序列。换句话说，就是寻找在主串中首次出现的某个模式串，或者说找到使模式串能够完全覆盖主串的最短的子串...
pandas 长小数转字符型显示科学计数问题 oracle python sql
2021-06-02 19:25

回答 1 已采纳在网上找的很多方法都是说先将数值转为字符串，再进行存储，但我在用np.astype(str)转换之后，还是有这个问题，看了上面这篇博客之后才知道python在将数值较小的float转为str时，会转
java String转double，字符串长度超过7
2017-03-15 07:25

回答 4 已采纳这是科学计数法E7就是前面的数字乘以10的7次方
pathon字母计数输入字符串，输出字符串中出现次数最多的字母及其出现次数。如果有多个字母出现次数一样，则按字符从小到大顺序输出字母及其出现次数。 python
2020-03-18 15:57

回答 1 已采纳可以使用自定义键对c.most_common()进行排序，该键首先考虑频率的降序，然后考虑字母的降序（请注意lambda x: (-x[1], x[0]) ）。代码可以参考：https://w
【大数据 OLAP 技术新书推荐】字节跳动阿里巴巴大厂资深架构师程序员多年实践经验总结《ClickHouse入门、实战与进阶》ClickHouse领域集大成之作，入门标准参考书日常工作案头必备手册
2023-06-25 03:01

禅与计算机程序设计艺术的博客书中内容是作者在阿里巴巴、字节跳动多年实战经验的总结，得到了字节跳动和阿里巴巴9位大数据专家的高度评价。全书共10章，主要内容如下：第1~3章整体介绍ClickHouse概念、特性、应用场景、技术生态、快速入门和基础...
将所有正整数连在一起，组成一个无限长的字符串 123456789101112131415… c++ c语言有问必答
2021-12-23 19:37

回答 1 已采纳你题目的解答代码如下： #include<stdio.h> int main() { int a[1000] = {0},b[5]; int n,t,i,j=0,k=1,
Java 字符串(String)的使用
2022-07-02 14:41

ak478848的博客本文主要介绍Java中字符串(String)的基础使用操作和相关方法使用（为变量分配字符串、字符串长度、字符串方法、、字符串连接、字符串格式化、转义字符），以及相关示例代码。字符串用于存文本内容。变量包含一组用双...
分布式缓存原理与实战：24. 分布式缓存的数据压缩与序列化
2023-12-07 02:17

禅与计算机程序设计艺术的博客 1.背景介绍分布式缓存是现代互联网应用程序中不可或缺的组件，它通过将热点数据存储在内存中，从而提高了数据访问速度，降低了数据库压力。...在分布式缓存中，数据压缩和序列化是密切相关的两个概念。数
没有解决我的问题, 去提问

悬赏问题

¥15 虚幻5 UE美术毛发渲染
¥15 CVRP 图论物流运输优化
¥15 Tableau online 嵌入ppt失败
¥100 支付宝网页转账系统不识别账号
¥15 基于单片机的靶位控制系统
¥15 真我手机蓝牙传输进度消息被关闭了，怎么打开？(关键词-消息通知)
¥15 装 pytorch 的时候出了好多问题，遇到这种情况怎么处理？
¥20 IOS游览器某宝手机网页版自动立即购买JavaScript脚本
¥15 手机接入宽带网线，如何释放宽带全部速度
¥30 关于#r语言#的问题：如何对R语言中mfgarch包中构建的garch-midas模型进行样本内长期波动率预测和样本外长期波动率预测

码龄粉丝数原力等级 --

如何修复已被错误的字节计数长度破坏的序列化字符串？

15条回答默认最新

码龄粉丝数原力等级 --

悬赏问题

如何修复已被错误的字节计数长度破坏的序列化字符串？

15条回答 默认 最新

悬赏问题

15条回答默认最新