开发者

YAML or serialize() to store data in MySQL

开发者 https://www.devze.com 2023-02-08 03:39 出处:网络
I am t开发者_JAVA百科rying store temporary data (such as cart products, session_data) in DB. And I choosed YAML for this instead of serialize() function. Because YAML data is easily readable by human

I am t开发者_JAVA百科rying store temporary data (such as cart products, session_data) in DB. And I choosed YAML for this instead of serialize() function. Because YAML data is easily readable by human and portable between programming languages.

Am I in trouble with YAML if I store my temprory data in database?


Personally I would use serialize for two reasons:

  1. Its included in PHP by default.
  2. What you put in is what you get out.

In regards to the second point. Serialize doesn't just convert to a string it records the type as well and PHP calls functions on objects so you can choose what to serialise and what do do with the data when you unserialise it.

See: __sleep and __wake

It may not be easy to read directly from the database but it wouldn't take two minutes to write a script that could pull it out, unserialise it and do a print_r on the data to view what's stored.


Personally, I wouldn't use YAML. It's too format-dependent (Requiring new lines, whitespace, etc) and there's no native parser in PHP. Instead, I'd use JSON for this. It's trivial to handle natively, and is quite human readable (no as much as YAML, but much more so than serialized). It's the best of both worlds.

But, with that said, you really should ask yourself the question as to why you want to store a serialized representation of a complex data structure in a field in the DB... For most cases, it might be better to store a normalized representation of the data (so it's searchable easily, etc). It's not "bad" to store serialized data, but it might not be optimal or the right choice depending on what you're trying to do. It's generally far better than using an Entity-Attribute-Value store, but you need to really think about what you're doing to decide if it's the right thing.


Just make sure you are escaping everything potentially dangerous i.e. user input and you are fine.

0

精彩评论

暂无评论...
验证码 换一张
取 消