账号 电子邮箱地址
记住登录状态
还没有33IQ账号？
通过社交网站直接登录
33IQ让你越玩越聪明
全球最大中文智力题库
多年龄段用户全面覆盖
拓展知识提升智力水平
百万用户与你共同思考学习
科学提高智力水平
五大能力权威分析 科学优化学习能力
每日跟踪智力成长 全面掌握智力发展
最大中文智力题库
分类细致、解析详尽
轻松便捷的移动答题软件
中外题库全面收录，全面覆盖多段年龄
五大能力专业训练，科学提高智力水平
手机电脑同步答题，充分利用碎片时间
-学习方法研究的狂热分子
学习方法研究的狂热分子。尤其喜欢与学习方法相关的研究，对快速阅读，思维导图等颇有心得，平均每分钟的阅读量为800字以上。
-无所不能的真学霸
精通日语的在读统计学硕士，曾获全国青少年科技创新大赛少年儿童科学幻想绘画展一等奖，全国中学生物理竞赛一等奖、全国高中数学联合竞赛一等奖。
-全能型人才
12岁获吉林省航模比赛一等奖；13岁通过小提琴7级；世界跆拳道联盟黑带二段，专业队现役；顶峰时期还原魔方六面24秒以内；中考数学和物理满分。
-技术型吃货
本科为经济学专业，现于美国攻读HCI人机交互硕士，曾获2012年全国大学生数学建模竞赛福建省一等奖。梦想吃遍全球的美食。
三岁背诗，五岁识字近千，被获准小龄入学，中学多次喜当区状元，本科录入常青藤康奈尔大学学习。爱幻想爱疯癫爱新科技，梦想设计智能家居机器人。
由于长相英俊又善于体察女生心思，深受身边女性喜爱。会弹吉他，曾经组建过乐队，擅长各种棋类，曾经获得华东理工大学信息学院四国比赛第一名。
登录33IQ，提升智力水平，让你越玩越聪明！
33IQ v4.26.86.0
Copyright & 2008- All Rights Reserved404 - Not Found
404 - Not FoundStack Overflow is a question and answer site for professional and enthusiast programmers. It's 100% free.
I am using Hotaru CMS with the Image Upload plugin, I get this error if I try to attach an image to a post, otherwise there is no error.
The offending code (error points to line with **):
* Retrieve submission step data
* @param $key - empty when setting
* @return bool
public function loadSubmitData($h, $key = '')
// delete everything in this table older than 30 minutes:
$this-&deleteTempData($h-&db);
if (!$key) { }
$cleanKey = preg_replace('/[^a-z0-9]+/','',$key);
if (strcmp($key,$cleanKey) != 0) {
$sql = "SELECT tempdata_value FROM " . TABLE_TEMPDATA . " WHERE tempdata_key = %s ORDER BY tempdata_updatedts DESC LIMIT 1";
$submitted_data = $h-&db-&get_var($h-&db-&prepare($sql, $key));
**if ($submitted_data) { return unserialize($submitted_data); } else { }**
Data from the table, notice the end bit has the image info, I am not an expert in PHP so I was wondering what you guys/gals might think?
tempdata_value:
a:10:{s:16:"submit_editorial";b:0;s:15:"submit_orig_url";s:13:"www.bbc.co.uk";s:12:"submit_title";s:14:"No title found";s:14:"submit_content";s:12:"dnfsdkfjdfdf";s:15:"submit_category";i:2;s:11:"submit_tags";s:3:"bbc";s:9:"submit_id";b:0;s:16:"submit_subscribe";i:0;s:15:"submit_comments";s:4:"open";s:5:"image";s:19:"C:fakepath100.jpg";}
Edit: I think I've found the serialize bit...
* Save submission step data
* @return bool
public function saveSubmitData($h)
// delete everything in this table older than 30 minutes:
$this-&deleteTempData($h-&db);
$sid = preg_replace('/[^a-z0-9]+/i', '', session_id());
$key = md5(microtime() . $sid . rand());
$sql = "INSERT INTO " . TABLE_TEMPDATA . " (tempdata_key, tempdata_value, tempdata_updateby) VALUES (%s,%s, %d)";
$h-&db-&query($h-&db-&prepare($sql, $key, serialize($h-&vars['submitted_data']), $h-&currentUser-&id));
unserialize() [function.unserialize]: Error at offset was dues to invalid serialization data due to invalid length
What you can do is is recalculating the length of the elements in serialized array
You current serialized data
$data = 'a:10:{s:16:"submit_editorial";b:0;s:15:"submit_orig_url";s:13:"www.bbc.co.uk";s:12:"submit_title";s:14:"No title found";s:14:"submit_content";s:12:"dnfsdkfjdfdf";s:15:"submit_category";i:2;s:11:"submit_tags";s:3:"bbc";s:9:"submit_id";b:0;s:16:"submit_subscribe";i:0;s:15:"submit_comments";s:4:"open";s:5:"image";s:19:"C:fakepath100.jpg";}';
Example without recalculation
var_dump(unserialize($data));
Notice: unserialize() [function.unserialize]: Error at offset 337 of 338 bytes
Recalculating
$data = preg_replace('!s:(\d+):"(.*?)";!e', "'s:'.strlen('$2').':\"$2\";'", $data);
var_dump(unserialize($data));
'submit_editorial' =& boolean false
'submit_orig_url' =& string 'www.bbc.co.uk' (length=13)
'submit_title' =& string 'No title found' (length=14)
'submit_content' =& string 'dnfsdkfjdfdf' (length=12)
'submit_category' =& int 2
'submit_tags' =& string 'bbc' (length=3)
'submit_id' =& boolean false
'submit_subscribe' =& int 0
'submit_comments' =& string 'open' (length=4)
'image' =& string 'C:fakepath100.jpg' (length=17)
Recommendation .. I
Instead of using this kind of quick fix ... i"ll advice you update the question with
How you are serializing your data
How you are Saving it ..
================================
===============================
The Error was generated because of use of double quote " instead single quote ' that is why C:\fakepath\100.png was converted to C:fakepath100.jpg
To fix the error
You need to change $h-&vars['submitted_data'] From
(Note the singe quite ' )
$h-&vars['submitted_data']['image'] = "C:\fakepath\100.png" ;
$h-&vars['submitted_data']['image'] = 'C:\fakepath\100.png' ;
Additional Filter
You can also add this simple filter before you call serialize
function satitize(&$value, $key)
$value = addslashes($value);
array_walk($h-&vars['submitted_data'], "satitize");
If you have UTF Characters you can also run
$h-&vars['submitted_data'] = array_map("utf8_encode",$h-&vars['submitted_data']);
How to detect the problem in future serialized data
findSerializeError ( $data1 ) ;
Diffrence 9 != 7
-& ORD number 57 != 55
-& Line Number = 315
-& Section Data1
= pen";s:5:"image";s:19:"C:fakepath100.jpg
-& Section Data2
= pen";s:5:"image";s:17:"C:fakepath100.jpg
^------- The Error (Element Length)
findSerializeError Function
function findSerializeError($data1) {
echo "&pre&";
$data2 = preg_replace ( '!s:(\d+):"(.*?)";!e', "'s:'.strlen('$2').':\"$2\";'",$data1 );
$max = (strlen ( $data1 ) & strlen ( $data2 )) ? strlen ( $data1 ) : strlen ( $data2 );
echo $data1 . PHP_EOL;
echo $data2 . PHP_EOL;
for($i = 0; $i & $ $i ++) {
if (@$data1 {$i} !== @$data2 {$i}) {
echo "Diffrence ", @$data1 {$i}, " != ", @$data2 {$i}, PHP_EOL;
echo "\t-& ORD number ", ord ( @$data1 {$i} ), " != ", ord ( @$data2 {$i} ), PHP_EOL;
echo "\t-& Line Number = $i" . PHP_EOL;
$start = ($i - 20);
$start = ($start & 0) ? 0 : $
$length = 40;
$point = $max - $i;
if ($point & 20) {
$rlength = 1;
$rpoint = - $
$rpoint = $length - 20;
$rlength = 1;
echo "\t-& Section Data1
= ", substr_replace ( substr ( $data1, $start, $length ), "&b style=\"color:green\"&{$data1 {$i}}&/b&", $rpoint, $rlength ), PHP_EOL;
echo "\t-& Section Data2
= ", substr_replace ( substr ( $data2, $start, $length ), "&b style=\"color:red\"&{$data2 {$i}}&/b&", $rpoint, $rlength ), PHP_EOL;
A better way to save to Database
$toDatabse = base64_encode(serialize($data));
// Save to database
$fromDatabase = unserialize(base64_decode($data)); //Getting Save Format
56.5k1473129
I don't have enough reputation to comment, so I hope this is seen by people using the above "correct" answer:
Since php 5.5 the /e modifier in preg_replace() has been deprecated completely and the preg_match above will error out. The php documentation recommends using preg_match_callback in its place.
Please find the following solution as an alternative to the above proposed preg_match.
$fixed_data = preg_replace_callback ( '!s:(\d+):"(.*?)";!', function($match) {
return ($match[1] == strlen($match[2])) ? $match[0] : 's:' . strlen($match[2]) . ':"' . $match[2] . '";';
},$bad_data );
There's another reason unserialize() failed because you improperly put serialized data into the database see
here. Since serialize() returns binary data and php variables don't care encoding methods, so that putting it into TEXT, VARCHAR() will cause this error.
Solution: store serialized data into BLOB in your table.
This error is caused because your charset is wrong.
Set charset after open tag:
header('Content-Type: text/ charset=utf-8');
And set charset utf8 in your database :
mysql_query("SET NAMES 'utf8'");
You will have to alter the collation type to utf8_unicode_ci and the problem will be fixed.
108k22183293
says it should return false and set E_NOTICE
but since you got error then the error reporting is set to be triggered by E_NOTICE
here is a fix to allow you detect false returned by unserialize
$old_err=error_reporting();
error_reporting($old_err & ~E_NOTICE);
$object = unserialize($serialized_data);
error_reporting($old_err);
you might want to consider use base64 encode/decode
$string=base64_encode(serialize($obj));
unserialize(base64_decode($string));
In my case I was storing serialized data in BLOB field of MySQL DB which apparently wasn't big enough to contain the whole value and truncated it. Such a string obviously could not be unserialized.
Once converted that field to MEDIUMBLOB the problem dissipated.
Also it may be needed to switch in table options ROW_FORMAT to DYNAMIC or COMPRESSED.
Your Answer
Sign up or
Sign up using Google
Sign up using Facebook
Sign up using Stack Exchange
Post as a guest
Post as a guest
By posting your answer, you agree to the
Not the answer you're looking for?
Browse other questions tagged
Stack Overflow works best with JavaScript enabled