What could cause a failure in PHP serialize function?

I have some serverside PHP code that attempts persist a data object (essentially an multi-dimensional array) to a backend database. This data object originally comes in as AMF actionscript object sent from a flex application. I want persist the object in whole for later use so I have used the php serialize function and encode the object down a simple string that can go into a database field. The code looks like this:

$serializedDataObject = base64_encode(serialize($objectInstance->myDataObject));

When I want to revivify this object and bring it back I simply run the reverse

$unserializedDatanObject = unserialize(base64_decode($serializedDataObject));

So far this seems to work well. But sometimes my php script fails. I think it is failing at the serialization step. My question is theoretically speaking what could cause a php serialization and encoding process to fail? Are there certain characters or kinds of data in the data object array that could cause the serialization to bork?

Do I need to do some massaging of the data object before I try to serialize it?


To clarify the process works like this

I have a Flex/Actionscript client app that sends AMF based actionscript objects to the server. On the PHP side I am using the Zend AMF library to read the AMF data. The object can be inspected in PHP and basically looks like an associative multi-dimensional array. It is at this point that I attempt to serialize and base 64 encode the object so that I can persist the object to the database as a encoded string.

Hopefully this makes sense. The problem is intermittent and not so easy to reproduce consistently. If I can get some specific error messages I will post them here for further clarification. But for now I was just wondering what are the limits of serialization to help me further debug.

-------------Problems Reply------------

Resources can't be serialized which might be the problem. A way to avoid this problem is to use the magic methods: __sleep and __wakeup.

Basically, your __sleep function is called when you call serialize, and __wakeup is for when you unserialize, so say it's a database connection: in sleep() close the connection and store the connection string somewhere (perhaps), and in wakeup, reconnect.

@Greg is correct in that you cannot serialize resources.

Given that you describe your objects as "Data objects" I have a feeling that they contain your database connection resources? (e.g. $object->rs = mysql_connect(...);).

If so, consider using __sleep() and __wakeup() functions in your data objects (__sleep() is called immediately before serialization, __wakeup() immediately after de-serialization).

The __sleep() function should close any database or file resources while the __wakeup() function should reconnect to the database.

The PHP manual entry I linked above has an example of a class that manages a DB connection that is serializeable:

class Connection {
protected $link;
private $server, $username, $password, $db;

public function __construct($server, $username, $password, $db)
$this->server = $server;
$this->username = $username;
$this->password = $password;
$this->db = $db;

private function connect()
$this->link = mysql_connect($this->server, $this->username, $this->password);
mysql_select_db($this->db, $this->link);

public function __sleep()
return array('server', 'username', 'password', 'db');

public function __wakeup()

You can't properly serialize resources, such as file handles or database connections. You also can't serialize built-in PHP objects, though I'm not exactly sure what that covers.

On php.net/bas64_decode there is some mention of large strings not decoding well. Also, if you have unsupported character formats in the object it may cause problems.

  1. Make sure that you don't have any unsupported character formats in your objects
  2. Try and log how big the objects are that are being serialized

Gotta go with Tom on this one; to quote php.net/serialize:

The value to be serialized. serialize() handles all types, except the resource-type. You can even serialize() arrays that contain references to itself. Circular references inside the array/object you are serializing will also be stored. Any other reference will be lost.

As far as standard objects are concerned you shouldn't have a problem. Log the data you're getting after base64_encoding/decoding, then use the following line to check your data.

echo '<pre>'; print_r($decodedObject); echo '</pre>';

Are you storing the serialized data inside a database? If so, is the field large enough to hold the data? Base64 encoding adds about 1.3 times to the length of the string which would be truncated on some DB systems.

Category:php Views:0 Time:2009-08-27

Related post

  • post submit button value with serialize function for php validation 2013-07-09

    I need to post button value with serialize() function. problem is serialize() will not post button values. I have in my form SAVE, UPDATE, and DELETE buttons.Then PHP must know which button click to particular operation. I can get button value with c

  • What is PHP's serialize() function for? 2009-07-24

    I just learned about the serialize() andunserialize() functions. What are some uses for this? I know people serialize things to put into a database. Could you give me some example uses where it is helpful? I also see serialized code in javascript, is

  • Prototype serialize function is not recognized 2009-07-30

    I am working on using prototype to submit a simple login form: http://huddlee.homeip.net/danny/ For some reason, whenever I try using the serialize function of the form it says it cannot find the function even though the prototype library is clearly

  • Change values in form submitted and the JQuery serialize function 2009-10-10

    Please look at the following code. When the form gets submitted, is it actually submitting the values I have entered i.e. val(50) or at the point it serialzies does it just get data from the form on the actual html page? // stop all forms from submit

  • jQuery serialize function with multple forms 2009-11-10

    I'm using the jQuery .serialize function and can't get it to serialize the proper form on submit. my js code: function getquerystring(form) { return $("form").serialize(); } my forms: <div class="leave_message_box"> <form name="leave_message

  • Change serialization functions in PHP for Memcached 2009-11-29

    By default Memcached module in PHP uses PHP's built in serialization functions. Because I'm accesing the same keys from other programming languages, I have found a serialization module that works in all languages. How do I use my serialization module

  • JQuery serialize function with an empty input field that has a title attribute 2011-02-10

    I have the following form input field: <input type="text" value="" title="Enter item description" name="description"> When I call JQuery's serialize function on the containing form, it gives me the following: description=Enter+item+description

  • jQuery: serialize() function fails in IE $.get request? 2011-04-28

    Just ran into something weird. I have the following code: var SubmitHandler = function( target ){ // ..... code ... // target is an html form target = $( target ); // .... code .... //send get request $.get( target.attr( "action" ), target.serialize(

  • jQuery's serialize() function only returns the last selected checkbox value and not all of them! 2011-04-30

    $('form').serialize(); <label>Check what applies:</label> Laptop Owner: <input type="checkbox" name="applicable" value="laptop owner" /> <br /> Samsung Tv Lover: <input type="checkbox" name="applicable" value="Samsumg tv lo

  • PHP Serialize Function - Adding serialized data to mysql and then fetch and display 2012-03-21

    I want to know whether the PHP serialize function is 100% secure, also if we store serialized data into a database and want to do something after fetching it, will it be a nice way. For example:- I have a website with different user privileges, now i

  • serialize function for string values to use in jQuery ajax datastring 2010-02-28

    how to sanitize user inputs that you gather by jquery .val() so you can write it in a dataString... in the example you see below when user writes if some text that contains & the rest of the comment doesn't seem to work fine because it counts the

  • Is PHP serialize function compatible UTF-8? 2010-03-30

    I have a site I want to migrate from ISO to UTF-8. I have a record in database indexed by the following primary key : s:22:"Informations générales"; The problem is, now (with UTF-8), when I serialize the string, I get : s:24:"Informations générales";

  • How can I serialize functions using JSON or some other serialization library? 2010-05-08

    I am trying to create a program that uses javascript to write a simple textadventure that I can then post on my blog and run on my iphone. I have run into a problem though. I was trying to make it so that my program would save it's state into cookies

  • How to handle slashes in strings in arrays for serialize function in php? 2010-07-02

    I think the title says it, as well...but of course some more explanation assume i have an array containig strings. if one of my strings contains slashes, like "red/blue/green" there will be troubles when i use the serialize/unserialize function of ph

  • ,what is the use and benefit of Serialize() function in php 2011-06-02

    I know its Generates a storable representation of a value and used to access the objects across the php files but what if i dont use this function while storing the objects. --------------Solutions------------- Let's say you have some post data, but

  • Javascript array serialize function for use in php 2012-01-28

    I have this javascript function which converts a javascript array into a serialized string for use in php as array. function js_array_serialize(a) { var a_php = ""; var total = 0; for (var key in a) { ++ total; a_php = a_php + "s:" + String(key).leng

  • Email delivery failure in php mail function 2012-02-16

    I use PHP mail() function to send emails. Is it possible to found out if the email is sent or failed ? --------------Solutions------------- No it is not possible to determine if the email was received: Email is not a guaranteed delivery mechanism. Un

  • how to serialize function depending on what instance of object calls it, if same instance call in a thread then do serialize else not 2011-09-15

    I have a deposit function which is called by multiple clients at same time. I want the deposit function synchronized when same client (say client with id=someUniqueNo) calls it again but not synchronized when other client else call it ? How can I ach

  • Failure when using strtok_r function 2012-01-27

    Please help me fix the this code. I am lost with strtok function now. I get message "ISO C++ forbids comparison between pointer and integer" about the line "if (tokens[0] == "A")" if (started && ended) { char *p = inData; char *tokens[50]; in

Copyright (C) dskims.com, All Rights Reserved.

processed in 0.236 (s). 11 q(s)