1

I've been researching a bit but I cannot find any way of doing this...

I need to pass an instance of a complex PHP class (formed by properties, functions, arrays, etc.) between different pages. The variable of the object is called $Model; I've been trying to use the GET method and "serialize" / "unserialize", but I cannot retrieve the object in the new page...

I'm trying to pass the object as follows:

echo '<a href="index.php?modelobject='.serialize($Model).'">Pass Model Object</a>';

Then, I'm trying to retrieve it like this:

if(isset($_GET['modelobject'])) //$_GET when used in a link!
{
    $ModelObjPost = unserialize($_GET['modelobject']); //$_GET when used in a link!
    echo "POST: Model Object retrieved<br>";
    var_dump($ModelObjPost);
}

There could be some kind of problem with certain characters in the serialization (I'm not sure, though), as the link that should send the object sometimes gets printed as (and it is also recognized as a URL):

r";s:3:"new";b:0;}i:2;(... MORE STUFF ...)s:9:"dbModelId";s:1:"1";}">Pass Model Object

Should I try a completely different approach, or this method should work, but there is just something I'm doing wrong?

Thanks in advance for your time!

Improve this question
2
  • 2
    why you don't use sessions? Commented Jan 15, 2018 at 17:55
  • 1
    you might need to use urldecode to get the correct string. Without knowing exactly what's going on it's hard to give you a better alternative, but this is definitely not best practice and also not secure as the user can easily modify the serialized data sent to your server. Commented Jan 15, 2018 at 18:01

2 Answers 2

Reset to default
2

Warning: I would discourage serializing a class and placing the result in an end-user readable location. This probably reveals far more about your application than you should be disclosing publicly.

Let's clear up some terminology right up front. I assume you know this, but just to be clear... A class is both the code that defines the behavior you want for an object and data (properties). An instance is when you use the new keyword on a class to create a usable object using that class definition.

By the very nature of how PHP works (typically), all instances are unloaded and deleted after a page loads. It cannot survive in memory to be used on a second page.

Typically you would create a file that contains the class definition you're trying to pass between pages, and create a new instance of the class on each page.

If you're trying to keep state between pages, you should look at using sessions. If you choose to use sessions, and want to keep an instance of your class inside your session, keep in mind what I said above - it will be deleted and recreated between the pages. You will need to make sure your class is set up to reload everything it needs to operate. PHP provides for a "magic" method to do this: __wakeup() in this method, you will need to restore the object back to the same state it was in on the previous page load.

Other ways to pass data between pages (or page loads) would be arrays for HTTP GET or POST.

$data = array( 1,2,3,4, 'a' => 'abcd' );
$query = http_build_query(array('aParam' => $data));
$url = 'somepage.php?data=' . $query;

Forms may be created to pass arrays of data by utilizing array notation in the form field names

<form action="somepage.php" method="post">
    <input name="option[a][]" value="option a,0">
    <input name="option[a][]" value="option a,1">
    <input name="option[b][]" value="option b,0" />
    <input name="option[b][]" value="option b,1" />
    <input name="option[]" value="option 0" />
</form>

Access this data like this:

<?php

echo $option['a'][0];
echo $option['a'][1];
echo $option['b'][0];
// etc
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Thanks, Tim! I've read a bit about sessions (I'm a rookie with PHP) and I think they could be really useful for what I need... In this case, though, as I'm just creating a sort of quick prototype for a project, I'm gonna go with the "urlencode" solution, but I'll take a look at the sessions to learn more about them! :)
0

Your two best options in this case would be to either:

  1. Use a $_SESSION variable. You could save the object as $_SESSION['Model'] and access that on each page that you need to use it. Be sure to call session_start(); on each of those pages to resume the session.
  2. Use urlencode(serialize($Model)) in the URL and use urldecode() on the next page to make sure that you don't have encoding issues in the URL. json_encode() and json_decode() would also be a good option for object to string serialization.
Improve this answer

2 Comments

Thanks, Ben! Sessions seem the right way to do it, but I'm on a really tight schedule (and just implementing a prototype, so security isn't an issue right now)... I've tried the "urlencode" and it does the job, so I'll stick with it. Thanks again! :)
Sounds good! Once you get past your proof of concept, you should definitely convert that to a session variable :)

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.