Regex/ code to fix corrupt serialized PHP data.
Solution 1:
This is recalculating the length of the elements in a serialized array:
$fixed = preg_replace_callback(
'/s:([0-9]+):\"(.*?)\";/',
function ($matches) { return "s:".strlen($matches[2]).':"'.$matches[2].'";'; },
$serialized
);
However, it doesn't work if your strings contain ";
. In that case it's not possible to fix the serialized array string automatically -- manual editing will be needed.
Solution 2:
Solution:
1) try online:
Serialized String Fixer (online tool)
2) Use function:
unserialize(
serialize_corrector(
$serialized_string ) ) ;
code:
function serialize_corrector($serialized_string){
// at first, check if "fixing" is really needed at all. After that, security checkup.
if ( @unserialize($serialized_string) !== true && preg_match('/^[aOs]:/', $serialized_string) ) {
$serialized_string = preg_replace_callback( '/s\:(\d+)\:\"(.*?)\";/s', function($matches){return 's:'.strlen($matches[2]).':"'.$matches[2].'";'; }, $serialized_string );
}
return $serialized_string;
}
there is also this script, which i haven't tested.
Solution 3:
I have tried everything found in this post and nothing worked for me. After hours of pain here's what I found in the deep pages of google and finally worked:
function fix_str_length($matches) {
$string = $matches[2];
$right_length = strlen($string); // yes, strlen even for UTF-8 characters, PHP wants the mem size, not the char count
return 's:' . $right_length . ':"' . $string . '";';
}
function fix_serialized($string) {
// securities
if ( !preg_match('/^[aOs]:/', $string) ) return $string;
if ( @unserialize($string) !== false ) return $string;
$string = preg_replace("%\n%", "", $string);
// doublequote exploding
$data = preg_replace('%";%', "µµµ", $string);
$tab = explode("µµµ", $data);
$new_data = '';
foreach ($tab as $line) {
$new_data .= preg_replace_callback('%\bs:(\d+):"(.*)%', 'fix_str_length', $line);
}
return $new_data;
}
You call the routine as follows:
//Let's consider we store the serialization inside a txt file
$corruptedSerialization = file_get_contents('corruptedSerialization.txt');
//Try to unserialize original string
$unSerialized = unserialize($corruptedSerialization);
//In case of failure let's try to repair it
if(!$unSerialized){
$repairedSerialization = fix_serialized($corruptedSerialization);
$unSerialized = unserialize($repairedSerialization);
}
//Keep your fingers crossed
var_dump($unSerialized);