php Erros

[birbal]

Notice: unserialize(): Error at offset 5 of 75 bytes in........this error is coming at the web server. but when i run it on my home server no errors are showing. i cant find the reson. some one please help me out

if(isset($_GET['regerr'])){		$geterror=unserialize($_GET['regerr']);echo "<div class='error'>";echo "<b> error list:</b><br/>";foreach($geterror as $value){echo $value;}echo "</div>";}

in this part error is poinitng

[justsomeguy]

The code isn't the problem, there's a problem in the data.

[birbal]

The code isn't the problem, there's a problem in the data.

whic type of problems is ocuring in data?.can you please illaborate it. the same code is running well in my pc.

[Synook]

The value you are passing in the querystring is not valid serialized PHP data.

[birbal]

The value you are passing in the querystring is not valid serialized PHP data.

$seterror=urlencode(serialize($errormsg));header("location:/index.php?regerr=$seterror");

this is the code form where the data is comingso where is the fault?

[Synook]

Well, you aren't urldecode()ing it.

[birbal]

Well, you aren't urldecode()ing it.

ohhh..ok. my fault. but still i am not getting why the probelm is showing only in onl9 server but not on my pc.btw thanks jsg and synook

[dsonesuk]

has display errors been disabled in php settings, on your pc.

[birbal]

index.php (error pointed at this part):

if(isset($_GET['regerr'])){		$geterror=unserialize(urldecode($_GET['regerr']));echo "<div class='error'>";echo "<b>Registration error:</b><br/>";foreach($geterror as $value)	{	echo $value;	}echo "</div>";}

change code with adding urldecode. but still getting same kind of errorError:1) Notice: unserialize(): Error at offset 5 of 510 bytes in.............online....1442) Warning: Invalid argument supplied for foreach().........online.....147Note:

has display errors been disabled in php settings, on your pc.

there is no errors in my error log also.i reapeat. strangely the same code is running in my pc without logging any errorsi am stucked. hope someone here to help me

[Synook]

Have you tried printing out $_GET['regerr'] to see what it contains?

[birbal]

Have you tried printing out $_GET['regerr'] to see what it contains?

here is the echo of $_GET['regerr']Output of $_GET['regerr']

a:2:{s:4:\"nick\";s:123:\"+ Nick only contain a-z,0-9,underscore(_),dot(.),dash(-). maximum 10 and minimum 3 letters are allowed.\";s:8:\"password\";s:148:\"+ password must be minimum 3 letter and maximum 20 letters..\";}

the data is coming from the source page. cause in the browser address place i can see the whole encoded data.

[birbal]

as the error saying i think the problem is occuring in unseralize()i use this code to check the data

<?php$op=unseralize("a:2:{s:4:\"nick\";s:123:\"+ Nick only contain a-z,0-9,underscore(_),dot(.),dash(-). maximum 10 and minimum 3 letters are allowed.\";s:8:\"password\";s:148:\"+ password must be minimum 3 letter and maximum 20 letters..\";}");if($op){//echo data is ok}else{//data is not ok}?>

and offcourse it is showing the data is not ok.php.net saying...In case the passed string is not unserializeable, FALSE is returned and E_NOTICE is issued. so any one please can tell me when a string does not unserializable? (but i serialised the data before sending it via get)why is it happening? i am confused with it. :/

[justsomeguy]

Use stripslashes to remove the slashes escaping the quotes. PHP is automatically adding those because magic quotes is probably enabled.http://www.php.net/manual/en/function.stripslashes.phpIf you want, you can use this function, this will get a value from $_POST or $_GET ($_POST takes priority), and it will trim the data and strip slashes if magic quotes is enabled:

/*get a variable from post or get*/function form_var($str){  $retval = '';  if (isset($_POST[$str]))	$retval = $_POST[$str];  elseif (isset($_GET[$str]))	$retval = $_GET[$str];  if (is_array($retval))  {	foreach ($retval as $k => $v)	{	  $retval[$k] = trim($v);	  if (get_magic_quotes_gpc())		$retval[$k] = stripslashes($v);	}  }  else  {	$retval = trim($retval);	if (get_magic_quotes_gpc())	  $retval = stripslashes($retval);  }  return $retval;}

e.g.:$regerr = form_var('regerr');

[birbal]

Use stripslashes to remove the slashes escaping the quotes. PHP is automatically adding those because magic quotes is probably enabled.http://www.php.net/manual/en/function.stripslashes.phpIf you want, you can use this function, this will get a value from $_POST or $_GET ($_POST takes priority), and it will trim the data and strip slashes if magic quotes is enabled:

/*get a variable from post or get*/function form_var($str){  $retval = '';  if (isset($_POST[$str]))	$retval = $_POST[$str];  elseif (isset($_GET[$str]))	$retval = $_GET[$str];  if (is_array($retval))  {	foreach ($retval as $k => $v)	{	  $retval[$k] = trim($v);	  if (get_magic_quotes_gpc())		$retval[$k] = stripslashes($v);	}  }  else  {	$retval = trim($retval);	if (get_magic_quotes_gpc())	  $retval = stripslashes($retval);  }  return $retval;}

e.g.:$regerr = form_var('regerr');

thaks jsg. i will try this code. Probable reason of the problem1) you are right magic quotes are on in my web server but its off in my pc2) my php version is 5.3 and my srver verison is 5.2. i found a article yesterday night . that was saying that there is some kind of bug in 5.2 in seralize method. which is fixed in 5.3. though i did not know that before or face that problem before

It turns out that if there's a ", ', :, or ; in any of the array values the serialization gets corrupted

http://php.net/1) last night i changed the code andi used some bas64_decode() and base64_encode() in the place of urldecode() urlencode(). i did base64_encode before sending the query. and in the reciver page i used base64_decode. when i echo it its returning the base64_decodeed string. but its getting stucked at the time of unseralize. i this case i also found a article that some restriction in base64 encode with some special chars. i have no breif knowledege on it. may you can give some info about it.2) is there any runtime config to stop magic quote?

[Synook]

http://www.php.net/manual/en/security.magi...s.disabling.php

[birbal]

http://www.php.net/manual/en/security.magi...s.disabling.php

thaks synook. can you give me the link for base64 restricted chahcrecter list or realted to it info?

[justsomeguy]

You can't actually disable magic quotes at runtime, because by the time PHP starts running magic quotes has already been applied. The function I posted and one of the examples on the manual page show how to check for magic quotes at runtime and deal with it. I wrote the function I posted so that I can get a value from $_POST or $_GET and it will be the same value regardless of whether or not magic quotes is on.