Comments (4)
I forgot to mention that I am running PHP 5.6.6.
Thanks.
from msgpack-php.
A five second scan and here is something dodgy already:
zend_hash_internal_pointer_reset_ex(htval, &valpos);
for (;; zend_hash_move_forward_ex(htval, &valpos))
The lib could probably be sped up with foreach a as v, k in C and the key check for non-existent removed altogether.
from msgpack-php.
# php -r 'echo msgpack_pack(["acl_user" => ["id"=>"NGwnGUqwsr","status"=>2]]);' | xxd
0000000: 81a8 6163 6c5f 7573 6572 82a2 6964 aa4e ..acl_user..id.N
0000010: 4777 6e47 5571 7773 72a6 7374 6174 7573 GwnGUqwsr.status
0000020: 02 .
# php -dsession.serialize_handler=msgpack -r 'session_start();$_SESSION=["acl_user" => ["id"=>"NGwnGUqwsr","status"=>2]]; echo session_encode();session_destroy();' | xxd
0000000: 82c0 01a8 6163 6c5f 7573 6572 82a2 6964 ....acl_user..id
0000010: aa4e 4777 6e47 5571 7773 72a6 7374 6174 .NGwnGUqwsr.stat
0000020: 7573 02 us.
It's specific to sessions and in php 5.4.
from msgpack-php.
So, this comes down to the fact that http_session_vars is a reference.
Later when this array is packed we pack the reference appropriately .
Since you are just passing these values to redis, and you don't need the ref 'extension type' you could/should(?) just use ini_set('msgpack.php_only', 0);
I made the following test case to confirm this behavior. Flip msgpack.php_only to see the changes.
ini_set('session.serialize_handler', 'msgpack');
ini_set('msgpack.php_only', 0);
$input = [
"acl_user" => [
"id"=>"NGwnGUqwsr",
"status"=>2
]
];
$std_serialize = msgpack_pack($input);
session_start();
$_SESSION = $input;
$session_serialize = session_encode();
session_destroy();
echo $std_serialize === $session_serialize ? 'OK' : 'ERROR', PHP_EOL;
echo bin2hex($std_serialize), PHP_EOL;
echo bin2hex($session_serialize), PHP_EOL;
I think this is a WONTFIX @laruence opinions? Everyone feel free to reopen if you aren't satisfied with this answer. Since we are dealing with outside deserialization this seems like the proper usage
from msgpack-php.
Related Issues (20)
- Unable to compile with PHP 7.4.0 on macOS 10.15.1 HOT 6
- Recursion encoded as NULL
- 034.phpt fails HOT 1
- Consider making MessagePackUnpacker cloneable
- Memory Consumption Problem in 2.1.0 HOT 1
- msgpack (un)pack error HOT 11
- try to compile from source by zts-phpize HOT 2
- php_add_session_var: symbol not found HOT 1
- More and more memory, there seems to be a leak HOT 1
- PHP 8 recursion
- my code is printed ,but out to show the garbled code, why? HOT 2
- How to get in touch about a security issue? HOT 2
- Support PHP 8.1's ZEND_ACC_NOT_SERIALIZABLE flag on zend_class_entries
- uint32 numbers are incorrectly serialized on Windows HOT 1
- PHP 8.2 - msgpack_check_ht_is_map assertion error in ZEND_HASH_FOREACH_BUCKET
- PHP 8.2: msgpack_unpack: Support deprecation of dynamic properties, forbid dynamic properties in `readonly` classes HOT 1
- MsgPack TS non TS fail HOT 5
- Compilation error reported HOT 3
- Question: release 2.2.0
- Serializing/Unserializing Enum
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from msgpack-php.