i use mssql on php 5.5.25 running on mac.
the query
update sessions set userid = 0, clientip = '127.0.0.1', timestamp = 1436465436, sessiondata = 'a:1:{s:5:"forms";a:1:{s:26:"login_user_form-1436465436";o:4:"form":15:{s:10:"*form_id";s:15:"login_user_form";s:9:"*gen_id";s:26:"login_user_form-1436465436";s:13:"*form_items";a:4:{s:8:"username";o:17:"formitemtextfield":22:{s:9:"*length";i:60;s:7:"*mask";s:0:"";s:13:"*input_type";s:6:"string";s:12:"*max_value";n;s:12:"*min_value";n;s:7:"*type";s:9:"textfield";s:7:"*name";s:8:"username";s:8:"*value";n;s:7:"*size";i:30;s:11:"*disabled";b:0;s:10:"*form_id";s:15:"login_user_form";s:8:"*print";b:1;s:8:"*label";s:8:"username";s:14:"*placeholder";s:0:"";s:14:"*description";n;s:9:"*weight";i:0;s:9:"*parent";s:13:"primary_group";s:11:"*required";b:1;s:10:"*classes";a:0:{}s:9:"*dbname";s:8:"username";s:15:"*token_prefix";s:1:":";s:18:"*format_callback";b:0;}s:8:"password";o:16:"formitempassword":24:{s:13:"*min_length";i:0;s:13:"*validation";b:1;s:9:"*length";i:100;s:7:"*mask";s:0:"";s:13:"*input_type";s:6:"string";s:12:"*max_value";n;s:12:"*min_value";n;s:7:"*type";s:8:"password";s:7:"*name";s:8:"password";s:8:"*value";n;s:7:"*size";i:30;s:11:"*disabled";b:0;s:10:"*form_id";s:15:"login_user_form";s:8:"*print";b:1;s:8:"*label";s:8:"password";s:14:"*placeholder";s:0:"";s:14:"*description";s:56:"i forgot password.";s:9:"*weight";i:1;s:9:"*parent";s:13:"primary_group";s:11:"*required";b:1;s:10:"*classes";a:0:{}s:9:"*dbname";s:8:"password";s:15:"*token_prefix";s:1:":";s:18:"*format_callback";b:0;}s:7:"form_id";o:14:"formitemhidden":18:{s:12:"*read_only";b:1;s:7:"*type";s:6:"hidden";s:7:"*name";s:7:"form_id";s:8:"*value";s:26:"login_user_form-1436465436";s:7:"*size";n;s:11:"*disabled";b:0;s:10:"*form_id";s:15:"login_user_form";s:8:"*print";b:1;s:8:"*label";s:6:"";s:14:"*placeholder";s:0:"";s:14:"*description";n;s:9:"*weight";i:2;s:9:"*parent";s:13:"primary_group";s:11:"*required";b:0;s:10:"*classes";a:0:{}s:9:"*dbname";s:7:"form_id";s:15:"*token_prefix";s:1:":";s:18:"*format_callback";b:0;}s:6:"submit";o:20:"formitembuttonsubmit":18:{s:14:"*form_action";n;s:7:"*type";s:6:"submit";s:7:"*name";s:6:"submit";s:8:"*value";s:6:"submit";s:7:"*size";n;s:11:"*disabled";b:0;s:10:"*form_id";s:15:"login_user_form";s:8:"*print";b:1;s:8:"*label";s:6:"";s:14:"*placeholder";s:0:"";s:14:"*description";n;s:9:"*weight";i:3;s:9:"*parent";s:13:"primary_group";s:11:"*required";b:0;s:10:"*classes";a:0:{}s:9:"*dbname";s:6:"submit";s:15:"*token_prefix";s:1:":";s:18:"*format_callback";b:0;}}s:9:"*action";s:14:"/demo001/login";s:9:"*method";s:4:"post";s:8:"*title";s:0:"";s:9:"*submit";b:1;s:10:"*enctype";s:33:"application/x-www-form-urlencoded";s:13:"*title_type";s:2:"h1";s:12:"*db_values";b:0;s:10:"*gentime";i:1436465436;s:20:"*validation_errors";a:0:{}s:20:"*validate_callback";s:19:"login_user_validate";s:18:"*submit_callback";s:17:"login_user_submit";s:10:"*classes";s:0:"";}}}' sessionid = 'krd682btg38st6r5i0om1gpbj4' the warning mssql_get_last_message() is:
incorrect syntax near 'a:1:{s:5:"forms";a:1:{s:26:"login_user_form-1436465436";o:4:"form":15:{s:10:"'. however if run above query in sql server management studio executes fine.
obviously sessiondata serialized array. other serialized arrays save fine elsewhere in system using same syntax. missing?
since several comments requested it, here how query generated: see pastebin
so found problem. hidden characters in serialized string. null characters "\0" being interpreted sql server terminator query string. updated sanitize function include line after single quote encode:
$string = str_replace("\0",'[null]',$string); fixed problem right up.
of course since occuring in string need undo after read
str_replace('[null]', "\0", $string); 
Comments
Post a Comment