Collectives™ on Stack Overflow

Find centralized, trusted content and collaborate around the technologies you use most.

Teams

Q&A for work

Connect and share knowledge within a single location that is structured and easy to search.

I wrote a package for subdomain localization. But out of nowhere decrypting cookies is not working anymore.

My locale test website was working, but I needed to unsecure it to use Laravel valet share. Now when I changed it to valet secure again, my website does not work anymore. I get the ErrorException:

unserialize(): Error at offset 0 of 2 bytes
//Illuminate/Encryption/Encrypter.php
Row 149.  return $unserialize ? unserialize($decrypted) : $decrypted;
I don't know why. I did not change my app_key, I deleted all cookies for my page but still, it does not work (and it worked perfectly for the last 3 weeks).
If you have a look here or the shortened code:
 return decrypt(request()->cookie('tongue-locale'));
You see that I'm decrypting my content of the cookie. If you are curious why I need to decrypt my cookie, that is because the middleware "\App\Http\Middleware\EncryptCookies::class," is kicking later in.
Does anyone know why it is not working?
I don't know what happened, but I needed to change my code into this:
app('encrypter')->decrypt(request()->cookie(self::COOKIE), false);
With "false" the unserialize is ignored. But still, I would love to know why it is not working.
If you translate this part 
return $unserialize ? unserialize($decrypted) : $decrypted;
with variables $unserialize = true and $decrypted = "de" it's clear that it fails, but I wonder why it did not before..
                Guy you saved my life! It's very weird since it worked perfect for me until I've done composer update, maybe is something related to the version... Thank you!
– Juli15
                Sep 10, 2018 at 21:20
                @Juli15 If I remember correctly Laravel did change it because of a security reason. So that was the reason it did not work after the composer update. They added this unserialize part. Happy that it worked for you too :)
– Philipp Mochine
                Sep 11, 2018 at 6:54
I fixed the issue using this solutions: https://laravel.com/docs/5.6/upgrade#upgrade-5.6.30
Add this line:
protected static $serialize = true;
To app\Http\Middleware\EncryptCookies.php
In my case.. I was already using 'encrypt()' and 'decrypt()' functions and \App\Http\Middleware\EncryptCookies::class, was doing it again and messing things up!
I removed it from the 'web' array in the $middlewareGroups variable in Kernel.php
/headbangs
        
Thanks for contributing an answer to Stack Overflow!
Please be sure to answer the question. Provide details and share your research!
But avoid …
Asking for help, clarification, or responding to other answers.
Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.