Serialize this - Saving Objects in PHP

When building my website "Crossword Heaven" I came across a problem. I created a PHP object called "crossword" but needed to save the information in the object to a database. Now considering that this object contained a lot of information this was not an easy thing to do. Or was it?

The answer: serialize().

What the serialize() function does is take something like an array or object and converts it into a string that can be stored in a database. All I had to do so that I could save the crossword object is something like "serialize($crossword)." Easy! Some words of warning though. If you're using a version of PHP less than version 4 watch out because only properties get saved, not methods.

Here's a peek at the actual code:

$data = addslashes(serialize($crossword));
$name = $xwordInfo['xword_name'];

$today = date('Y-m-d H-i-s');

$sql = "INSERT INTO `xword` ( `xword_id` , `xword_obj` , `xword_name`, `xword_owner`, `xword_width`,
VALUES ('', '" . $data . "', '$name', '$owner', '$width', '$height', '$today');";

And here's the SQL to create the table 'xword':

CREATE TABLE `xword` (
`xword_id` int(11) NOT NULL auto_increment,
`xword_obj` blob NOT NULL,
`xword_name` varchar(100) NOT NULL default '',
`xword_owner` varchar(100) NOT NULL default '',
`xword_width` int(11) NOT NULL default '0',
`xword_height` int(11) NOT NULL default '0',
`xword_date` datetime NOT NULL default '0000-00-00 00:00:00',
PRIMARY KEY (`xword_id`)

You'll see that I used the addSlashes() function. That's because when the crossword object was serialized it contained characters like double quotes. These had to be escaped before the crossword could be saved to the database.

Now having saved a crossword object to a database I had to have a way to get it back. Surely, if there was a method to serialize an object there had to be one to unserialize an object, right? And yes, there is: unserialize().

As you'd expect, unserialize() works the same way as serialize(), but in the opposite direction. You give it some serialized data and it returns the thing that was serialized. To get the crossword back all I had to do was something like "unserialize($crosswordData)."

Here's a look at the code:

$xwordId = (get_magic_quotes_gpc()) ? $xwordId : addslashes($xwordId);

$sql = "SELECT xword_id, xword_obj, xword_name, xword_age from w3b_xword where xword_id=$xwordId";
$result = parent::getSQL($sql);
$row = parent::getRow($result);

$crossword = unserialize($row['xword_obj']);

And that's it. Obviously serialize() and unserialize() are pretty handy functions to have around. And in my case I couldn't do without them.

About the author:

Kevin Davies is the webmaster of Crossword Heaven ( - a site that lets you create and solve crosswords online. If you're a webmaster you can also link to crosswords. Crosswords are a great way to keep your visitors on your site and keep them returning.

Circulated by Article Emporium

More Information



Home Page

Web Hosting



What makes a web site lucrative

Using web templates

Web design panic no more

Site linking tips

Saving objects in PHP

QuarkXpress tips

Pretty Web sites or not

Page layouts and color

Artistic graphic designs

Great Banners

Enjoyable web page design

Build a web site that works

Breathtaking color power

10 Seconds all it takes

10 Prominent web site mistakes

Choosing a web host based on price

How to make your website a hit

How to optimize website graphics

Power of topical search engines

Top ten features of a good website

Writing a business website