To unserialize a PHP session file, unserlize can not be used
directly.
The data must be split, as the php session file also
contains the names of the variables which
serialize/unserialize do not do. Here is a simple
preg_split that will acomplish the split.. (regex not
thuroughly tested, but should work for most all
circumstances)
<?php
$session = file_get_contents($session_file);
$data =
preg_split('/([A-Za-z_][A-Za-z0-9_]*)\|/',$session,-1,
PREG_SPLIT_DELIM_CAPTURE|PREG_SPLIT_NO_EMPTY);
?>
$data[0] will contain the variable name, and $data[1] will
contain the serialized data. so in effect
<?php
$$data[0] = unserialize($data[1]);
?>
will restore that one variable.
just go through the $data array evens being the variable
name, odd being the data. You can use this to create a
simple command line session viewer
----
Server IP: 64.71.164.2
Probable Submitter: 209.253.179.253
----
X-Spam-Status: No, hits=3.1 required=5.0
tests=DATE_MISSING,FROM_NO_LOWER
autolearn=no version=2.64
----
Manual Page -- h
ttp://www.php.net/manual/en/function.serialize.php
Edit -- http://master.p
hp.net/note/edit/63789
Del: integrated -- ht
tp://master.php.net/note/delete/63789/integrated
Del: useless -- http:
//master.php.net/note/delete/63789/useless
Del: bad code -- http
://master.php.net/note/delete/63789/bad+code
Del: spam -- http://m
aster.php.net/note/delete/63789/spam
Del: non-english -- h
ttp://master.php.net/note/delete/63789/non-english
Del: in docs -- http:
//master.php.net/note/delete/63789/in+docs
Del: other reasons-- http://master
.php.net/note/delete/63789
Reject -- http://master
.php.net/note/reject/63789
Search -- http://ma
ster.php.net/manage/user-notes.php
--
PHP Notes Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub
.php
|