Reputation: 1549
php session serialization
I have one server with php5.3 + nginx + php-fpm and second server with php5.3 + apache2. On both server in php.ini - session.serialize_handler = php. And on first server session is serializing like this:
onlineuser|a:2:{s:4:"user";O:8:"stdClass":81:{s:12:"category_ids";s:1:"2";s:2:"id";i:114756;s:5:"utype";i:2;s:6:"passwd";s:32:"...";.......}
And on second server session is serializing like this:
kP_xItrmVGDX_QFX-49QcYMf0nfnkEZrLSCLhypvPais0DkcFol7zblcQv_U2ET8X_ygrBglUuSGtH9T87nnE-5Nge3sFE0hdF6ZzO1Ba8mu12DAil5a18EPZAW3sb5tEELqaQK5ByGkomONxGUjmdSFkph4pMZR_2Dkg714SK7Wdh5ZZacdiZrGUXt4...............
It's look like serialization methods are different. Please advice how found out reason of this.
Upvotes: 3
Views: 1217
Answers (2)
Reputation: 736
Seems like you have Suhosin PHP extension installed at 2nd server. If yes, set the parameter "suhosin.session.encrypt" to "Off" in it's php.ini
Upvotes: 2
Reputation: 101614
I would check the PHP v5 Changelog, specifically I see:
- v5.3.3
- Fixed possible buffer overflows when handling error packets in mysqlnd. Reported by Stefan Esser. (Andrey)
- v5.2.14
- Fixed handling of session variable serialization on certain prefix characters. Reported by Stefan Esser (Ilia)
Gut instinct says it's the PHP engine, not the server it's hosted on, though it could also have to do with which binar(y/ies) and/or flags are loaded with the specific instance of PHP.
Are you working directly with the serialized data (which is why you're concerned with method)? I'm a little curious as to why if you are.
Upvotes: 1
Related Questions
- PHP Session Serialize Object
- Storing objects inside a session
- PHP Storing Sessions: Can't Seem to Serialize Session Variables
- Converting Session $data Into An Array?
- serializing objects in php to use in sessions
- php saving object in session
- How to unserialise the PHP SESSION serialised value?
- How to serialize/save a DOMElement in $_SESSION?
- PHP object serialization and Sessions
- Serialize / Deserialize / OOP