I store PHP data $_SESSIONin a database.
Then, from the Node.js server, I want to take this data and non-sterilize it.
I tried using js-php-unserialize as follows:
con.query('SELECT user_id, data ' +
'FROM sessions ' +
'WHERE session_id = ? AND session_id IS NOT NULL AND user_id IS NOT NULL'
, [tokenId] , function(queryError, rows){
if(queryError){
throw queryError;
}
console.log(rows[0].data);
return;
var data;
if(rows[0]){
data = PHPUnserialize.unserialize(rows[0].data);
var now = Math.floor(new Date() / 1000);
if(data.MA_IDLE_TIMEOUT < now){
throw 'The session Times out!';
}
if(myIP != data.MA_IP_ADDRESS){
throw 'This session have been hijacked!';
}
But this continues to throw this error:
SyntaxError: Unknown / Unhandled data type(s): m
at error (C:\Program Files\nodejs\node_modules\php-unserialize\php-unseriali
ze.js:54:13)
at _unserialize (C:\Program Files\nodejs\node_modules\php-unserialize\php-un
serialize.js:166:11)
at Object.unserialize (C:\Program Files\nodejs\node_modules\php-unserialize\
php-unserialize.js:173:10)
at C:\Program Files\nodejs\app.js:41:25
at Layer.handle [as handle_request] (C:\Program Files\nodejs\node_modules\ex
press\lib\router\layer.js:95:5)
at next (C:\Program Files\nodejs\node_modules\express\lib\router\route.js:13
1:13)
at Route.dispatch (C:\Program Files\nodejs\node_modules\express\lib\router\r
oute.js:112:3)
at Layer.handle [as handle_request] (C:\Program Files\nodejs\node_modules\ex
press\lib\router\layer.js:95:5)
at C:\Program Files\nodejs\node_modules\express\lib\router\index.js:277:22
at Function.process_params (C:\Program Files\nodejs\node_modules\express\lib
\router\index.js:330:12)
Here is the data I'm trying to execute without arithmetic:
MA_IP_ADDRESS|s:10:"10.0.4.195";MA_USER_AGENT|s:72:"Mozilla/5.0 (Windows NT 6.1;
WOW64; rv:40.0) Gecko/20100101 Firefox/40.0";MA_IDLE_TIMEOUT|i:1442101764;
How can I fix this problem?
source
share