How does serialize work php

Besides that, can anyone give an example of a situation that I need to serialize a php array before using it? A PHP array or object or other complex data structure cannot be transported or stored or otherwise used outside of a running PHP script. If you want to persist such a complex data structure beyond a single run of a script, you need to serialize it. That just means to put the structure into a "lower common denominator" that can be handled by things other than PHP, like databases, text files, sockets.

The standard PHP function serialize is just a format to express such a thing, it serializes a data structure into a string representation that's unique to PHP and can be reversed into a PHP object using unserialize. PHP and Javascript can only communicate via strings. You can pass the string "foo" very easily to Javascript. You can pass the number 1 very easily to Javascript. You can pass the boolean values true and false easily to Javascript.

But how do you pass this array to Javascript? The answer is serialization. But pretty much only PHP uses it, there's little support for this format anywhere else.

This is very common and well supported as well though:. There are many situations where you need to pass complex data structures around as strings. Serialization, representing arbitrary data structures as strings, solves how to do this. When you want to make your php value storable, you have to turn it to be a string value, that is what serialize does.

And unserialize does the reverse thing. Most storage mediums can store string types. They can not directly store a PHP data structure such as an array or object, and they shouldn't, as that would couple the data storage medium with PHP. Instead, serialize allows you to store one of these structs as a string. It can be de-serialised from its string representation with unserialize. DO NOT serialize data and place it into your database. Serialize can be used that way, but that's missing the point of a relational database and the datatypes inherent in your database engine.

Doing this makes data in your database non-portable, difficult to read, and can complicate queries. If you want your application to be portable to other languages, like let's say you find that you want to use Java for some portion of your app that it makes sense to use Java in, serialization will become a pain in the buttocks.

You should always be able to query and modify data in the database without using a third party intermediary tool to manipulate data to be inserted. It also has the added disadvantage of making it messy to search your database based on one of the fields that you've serialized. These methods are used to notify objects that they're being serialized or unserialized. Objects can be serialized if they do not have these methods; however, they won't be notified about the process. It should return an array containing the names of the data members that need be written into the bytestream.

If you return an empty array, no data is written. The method can take any action it requires, such as reopening database connections and other initialization tasks. Example is an object class, Log , which provides two useful methods: write to append a message to the logfile, and read to fetch the current contents of the logfile. Any other reference will be lost. This is to allow the object to do any last minute clean-up, etc.

These prepended values have null bytes on either side. Returns a string containing a byte-stream representation of value that can be stored anywhere. Note that this is a binary string which may include null bytes, and needs to be stored and handled as such.

Example 1 serialize example. Note : Note that many built-in PHP objects cannot be serialized. If an internal class does not fulfill any of those requirements, it cannot reliably be serialized. There are some historical exceptions to the above rule, where some internal objects could be serialized without implementing the interface or exposing the methods. When serialize serializes objects, the leading backslash is not included in the class name of namespaced classes for maximum compatibility.

Submit a Pull Request Report a Bug. Parameters value The value to be serialized. Return Values Returns a string containing a byte-stream representation of value that can be stored anywhere. Warning When serialize serializes objects, the leading backslash is not included in the class name of namespaced classes for maximum compatibility. DO NOT serialize data and place it into your database.

Serialize can be used that way, but that's missing the point of a relational database and the datatypes inherent in your database engine. Doing this makes data in your database non-portable, difficult to read, and can complicate queries. If you want your application to be portable to other languages, like let's say you find that you want to use Java for some portion of your app that it makes sense to use Java in, serialization will become a pain in the buttocks.

You should always be able to query and modify data in the database without using a third party intermediary tool to manipulate data to be inserted. I've encountered this too many times in my career, it makes for difficult to maintain code, code with portability issues, and data that is it more difficult to migrate to other RDMS systems, new schema, etc. The second line contains the urlencode d serialize d array, and is very hard to read.

Despite being hard to read, the latter is wholly web safe, and there much better to use. Once your array is in text form, you can do with it as you please. To return back to the original array, it needs to be urldecode d, then unserialize d, like this:. Author's Note: If you want to transfer binary data over the web, you should use rawurlencode and rawurldecode as opposed to urlencode and urldecode , as the raw versions are binary-safe.