Don't be unfair with serialize() !

Hello my friends ,

Today I want to talk about Serialization .

Most of us as developers doesn't interested in serialization concept within developing process , we can say that serialization is the process of translating data structures or object state into a format that can be stored.

Others attack serialization it self 'IF WE CAN CREATE EXCELLENT DATABASE MODEL , SO WHY WE HAVE TO USE SERIALIZATION !?' .
Relational database (RD) model and serialization are very friends , RD doesn't allow multi-valued cell , and serialization handle that , you can store multidimensional array on one cell on your table as a string using serialization.

If you ignore relationships on your database model and only depend on serialized data so you are escaping from relational database concept,and if you ignore serialization generally  your result may be huge and complex model and that is not right.

The standard PHP function serialize is just a format to express such a thing, it serializes a data structure into a string representation that's unique to PHP and can be reversed into a PHP object using unserialize. There are many other formats though, like JSON or XML.

many built-in PHP objects cannot be serialized. However, those with this ability either implement the Serializable interface or the magic __sleep() and __wakeup() methods. If an internal class does not fulfill any of those requirements, it cannot reliably be serialized.

Example :

<?php// $session_data contains a multi-dimensional array with session
// information for the current user.  We use serialize() to store
// it in a database at the end of the request.$conn = odbc_connect("webdb", "php", "chicken");$stmt = odbc_prepare($conn,
      "UPDATE sessions SET data = ? WHERE id = ?");$sqldata = array (serialize($session_data), $_SERVER['PHP_AUTH_USER']);
if (!odbc_execute($stmt, $sqldata)) {
    $stmt = odbc_prepare($conn,
     "INSERT INTO sessions (id, data) VALUES(?, ?)");
    if (!odbc_execute($stmt, $sqldata)) {
        /* Something went wrong.. */
    }
}?>
 

Change database URLs may damage you site !

Every PHP developer especially  Wordpress developer facing this fact 'We changed our domain name !', the client(site owners) never mind what are the effects that will happen when the site Url change,only developers have to do adjustments to fix all bad effects.

Wordpress as CMD (Content Management System) uses serialized arrays to save options related to themes and other settings.

Every serialized array depend on content (String) and length (Integer) , when you change the URL by find and replace method manually you will change the string but not the length so you will put PHP in aproblem when it will refuse this serialized array and then you will not get the result.

This was my email to my manager , i told him what's happened with me when i was changed the database url manually from the Ubuntu terminal (Shell Commands)

When I was trying to publish the new site from this URL (newsite.hidded.com) to (hidden.com) ,there was a need to change the URLs on the database, so I used the find and replace tool manually .

The result was : a lot of widgets,menus and theme options were missing.

And after hard searching for this problem I found that : WordPress stores many options as "serialized data", which contains both the string content of things and their length. So when you modify the URL and the length changes, then the serialized data is no longer correct, and PHP rejects it.

So if you want to change database URLs safely you have to use tool like this.

Best Regardes ..

Hussam Hussien