English
English
In PHP programming, the serialize function is a very useful tool, especially when it is necessary to save complex data structures such as arrays or objects into files, or to transfer this data over the network, it can convert the data into strings. This article will introduce the role of the serialize function and explain how to implement data serialization and deserialization through it, especially how to pass data across pages through URLs.
The serialize function converts a PHP data structure (such as an array or object) into a string that can be easily stored or passed over HTTP requests. And when you need to restore this data structure to its original form, you can use the unserialize function.
grammar:
string serialize ( mixed $value )
Parameters: $value is the value you want to serialize, which can be any type of data, including arrays, objects, etc.
Return value: Return a string representing the serialized data.
Example:
$array = array('name' => 'Alice', 'age' => 25);
$serializedData = serialize($array);
echo $serializedData;
The output string may look like:
a:2:{s:4:"name";s:5:"Alice";s:3:"age";i:25;}
Deserialization is to restore the serialized string to the original PHP data structure. You can use the unserialize function to implement this function.
grammar:
mixed unserialize ( string $data )
Parameters: $data is a serialized string.
Return value: Returns the original data, usually an array or object.
Example:
$serializedData = 'a:2:{s:4:"name";s:5:"Alice";s:3:"age";i:25;}';
$array = unserialize($serializedData);
print_r($array);
The output will be:
Array
(
[name] => Alice
[age] => 25
)
If you want to pass data from one page to another via URL, you can use the serialize function to convert an array or object into a string and then pass it through the URL. The receiver can restore the data using the unserialize function.
Suppose you have a PHP array that you want to pass to another page:
// Define an array
$data = array('name' => 'Alice', 'age' => 25);
// Serialize arrays
$serializedData = serialize($data);
// URL Encoded serialized data
$encodedData = urlencode($serializedData);
// Pass the data through URL Send to another page
header('Location: receive.php?data=' . $encodedData);
exit;
In this example, we encode the serialized data using urlencode so that it can be safely passed as a URL parameter.
In the receiver page receive.php , you can get the parameters in the URL through $_GET and restore the data using the unserialize function.
// Get URL parameter
if (isset($_GET['data'])) {
// Decode and deserialize data
$serializedData = urldecode($_GET['data']);
$data = unserialize($serializedData);
// Output data
echo 'Name: ' . $data['name'] . '<br>';
echo 'Age: ' . $data['age'] . '<br>';
} else {
echo 'No data received.';
}
URL length limit: Because the URL length has an upper limit (usually 2048 characters), the limit may be exceeded if the data passed is large (for example, containing a large amount of array or object data). Consider using POST requests or storing data in a session.
Security: Special care is required when using unserialize , especially when deserialized data comes from untrusted sources, which can lead to security vulnerabilities (such as object injection attacks). PHP 7 and above introduces the allowed_classes parameter, which can limit deserialized classes to improve security.
Through serialize and unserialize functions, PHP provides a simple and efficient way to serialize and deserialize data. You can easily pass complex data structures between pages with these functions. Especially when you need to pass arrays or objects across pages, serialize is a very useful tool. Just pay attention to the length limitations and security issues of the URL, it is very convenient to pass data between different pages.
