Zend_Session: unserialize session data

Question

I'm using session SaveHandler to persist session data in the database.

Sample session_data column from the database:

Messenger|a:1:{s:13:"page_messages";a:0:{}}userSession|a:1:{s:7:"referer";s:32:"http://cms.dev/user/profile/view";}Zend_Auth|a:1:{s:7:"storage";O:19:"User_Model_Identity":3:{s:2:"id";s:1:"1";s:8:"username";s:13:"administrator";s:4:"slug";s:13:"administrator";}}

I want to delete Zend_Auth object from this session data.

How can I unserialize those objects and remove object I need?

I suspect, that I don't have to write my custom parser, that Zend_Session already has a method to do this. I have tried different combinations of unserialize but it still returns false.

I'm using autoloader from ZF 1.10.2 and Doctrine 1.2

Answer 1

The code below will work, it is not mine, but in essence what it does is split the session string apart using the pipe as a delimiter, the unserialize the split chunks individually.

The problem is that the build in unserialize function in php doesn't understand the concatenated serialization.

function unserialize_session_data( $serialized_string ) {
   $variables = array();
   $a = preg_split("/(\w+)\|/", $serialized_string, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE);
   for($i=0;$i<count($a);$i=$i+2){
       $variables[$a[$i]] = unserialize($a[$i+1]);
   }
   return($variables);
}