ansaurus

Question

Dear Santa - Storing multi-lingual data in serialised php in mysql!

Answer 1

A:

Have you tried removing the 'mysql_real_escape_string' to see if the unserialize works?

Another thing you could try is base64 encoding on the serialised array.

<?php
    foreach ($component_data as $id => $value) {
      echo "UPDATE `components` SET `component_content`='".
        base64_encode(serialize($value)).
        "' WHERE `id` = '$id';\n";
    }
?>

And then base64_decode it and unserialise when you retrieve it.

xil3 2010-07-04 23:42:50

I just updated my answer.

xil3 2010-07-04 23:53:09

you should never remove `mysql_real_escape_string` from the query. if you just want to check if some function works as expected - `var_dump()` it.

zerkms 2010-07-04 23:57:14

@zerkms: Why the down vote? It was just a debugging suggestion - this is pathetic...

xil3 2010-07-04 23:59:05

@Dycey: Please take a look at my second suggestion (answer) - if you base64_encode it, it should fix your problem. I've used the same on some of my previous projects.

xil3 2010-07-05 00:01:49

@zerkms you should always remove `mysql_real_escape_string` and switch to something non-shitty enough to have placeholders ;)

hobbs 2010-07-05 00:03:27

Makes me wonder sometimes why I should bother even helping anyone when you get people like 'zerkms' criticising any efforts with their unhelpful opinions. @zerkms: If you have a better suggestion, please reply with an answer, so that I can criticise just as you did mine. My answer was purely meant for debugging - I never implied that they should permanently remove 'mysql_real_escape_string'. If you want my true opinion? You should use Zend_Db, which will do all the escaping for you, but I wanted to keep this simple and just help them debug the problem at hand.

xil3 2010-07-05 00:11:14

"My answer was purely meant for debugging" // again: if you just want to check if some function works as expected - `var_dump()` it. is it clear enough?

zerkms 2010-07-05 00:15:53

@hobbs: yeah, it is another solution, indeed ;-)

zerkms 2010-07-05 00:17:01

Yes, I use var_dump() a lot, and it's very useful in most circumstances, but in this circumstance it's easier just to remove 'mysql_real_escape_string' for a quick test to see if that's the problem. It may also be a problem with how the DB saves the data - sometimes it gets jumbled up when you serialise and save to a database. Anyways - either way, the best solution is to base64_encode the serialised data.

xil3 2010-07-05 00:21:37

@xil3: Works, but wastes space. I wouldn't call it the best solution.

Amadan 2010-07-05 05:57:34

Answer 2

A:

Thanks to everyone for their useful suggestions.

Actually, the problem turned out to be the mixture of stored textile (not markdown!) and multi-lingual utf-8. The solution to squeezing it into MySQL was a bit crufty. First run textile over the dataset to get it into html, and then munge it through the following, to handle encoding the foreign characters:

<?php
include 'data.php'; // contains component data similar to above.

foreach ($component_data as $id => $value) {
  foreach ($value as $language => $translation) {
    $value[$language] = str_replace(
      array("&lt;","&gt;"),
      array('<','>'), 
      htmlentities($translation, ENT_NOQUOTES, "UTF-8")
      );
  }
  echo "UPDATE `components` SET `component_content`='".mysql_real_escape_string(serialize($value))."' WHERE `id` = '$id';\n";
}

?>

The important bit was the ENT_NOQUOTES which meant a simple str_replace could deal with open and closing tags (no maths in the text thankfully), and the mysql_real_escape_string could handle the single quotes. Glad that's over.

Dycey 2010-07-05 23:34:41

ansaurus

tags:

views:

answers:

Dear Santa - Storing multi-lingual data in serialised php in mysql!

related questions