这是什么样的字符串?我如何反序列化这个字符串? [英] What kind of string is this? How do I unserialize this string?

问题描述

这是什么字符串?我怎样才能反序列化它并从中取出数组?

a:2:{i:0;s:7:"Abogado";i:1;s:7:"Notario";}

解决方案

这是一个序列化的字符串.你可以用这个函数反序列化它:unserialize()，像这样:

$str = 'a:2:{i:0;s:7:"Abogado";i:1;s:7:"Notario";}';打印_r(反序列化($str));

输出:

Array ( [0] => Abogado [1] => Notario )

旁注:

手册中的引用:

<块引用>

警告:在出现错误和反序列化序列化 FALSE 值的情况下都返回 FALSE.可以通过将 str 与 serialize(false) 进行比较或通过捕获发出的 E_NOTICE 来捕获这种特殊情况.

<块引用>

警告:不要将不受信任的用户输入传递给 unserialize().反序列化可能导致代码因对象实例化和自动加载而被加载和执行，恶意用户可能会利用这一点.如果需要将序列化数据传递给用户，请使用安全、标准的数据交换格式，例如 JSON(通过 json_decode() 和 json_encode()).

What kind of string is this? How can I unserialize it and get the array out of it?

a:2:{i:0;s:7:"Abogado";i:1;s:7:"Notario";}

解决方案

This is a serialized string. You can unserialize it with this function: unserialize(), like this:

$str = 'a:2:{i:0;s:7:"Abogado";i:1;s:7:"Notario";}';
print_r(unserialize($str));

Output:

Array ( [0] => Abogado [1] => Notario )

Side Note:

A quote from the manual:

Warning: FALSE is returned both in the case of an error and if unserializing the serialized FALSE value. It is possible to catch this special case by comparing str with serialize(false) or by catching the issued E_NOTICE.

Warning: Do not pass untrusted user input to unserialize(). Unserialization can result in code being loaded and executed due to object instantiation and autoloading, and a malicious user may be able to exploit this. Use a safe, standard data interchange format such as JSON (via json_decode() and json_encode()) if you need to pass serialized data to the user.

这篇关于这是什么样的字符串?我如何反序列化这个字符串?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！