migrate dynamic group search from serialized to JSON format

stonebuzz · trasher · commit 08c7055d2c5f · 2025-11-25T15:05:33.000+01:00
diff --git a/front/computergroup.form.php b/front/computergroup.form.php
@@ -119,13 +119,12 @@
     // save search parameters for dynamic group
     if (isset($_GET['save'])) {
         $input  = ['plugin_databaseinventory_computergroups_id' => $_GET['plugin_databaseinventory_computergroups_id']];
-        $search = serialize([
-            'is_deleted'   => $_GET['is_deleted'] ?? 0 ,
+        $search = json_encode([
+            'is_deleted'   => $_GET['is_deleted'] ?? 0,
             'as_map'       => $_GET['as_map'] ?? 0,
             'criteria'     => $_GET['criteria'],
             'metacriteria' => $_GET['metacriteria'] ?? [],
-        ]);
-
+        ], JSON_THROW_ON_ERROR);
         if (!$computergroup_dynamic->getFromDBByCrit($input)) {
             $input['search'] = $search;
             $computergroup_dynamic->add($input);
diff --git a/inc/computergroup.class.php b/inc/computergroup.class.php
@@ -199,7 +199,7 @@ public function countDynamicItem()
 
         $iterator = $DB->request($params);
         foreach ($iterator as $computergroup_dynamic) {
-            $search_params = Search::manageParams('Computer', unserialize($computergroup_dynamic['search']));
+            $search_params = Search::manageParams('Computer', json_decode($computergroup_dynamic['search'], true, 512, JSON_THROW_ON_ERROR));
             $data          = Search::prepareDatasForSearch('Computer', $search_params);
             Search::constructSQL($data);
             Search::constructData($data);
diff --git a/inc/computergroupdynamic.class.php b/inc/computergroupdynamic.class.php
@@ -95,7 +95,11 @@ public static function getSpecificValueToDisplay($field, $values, array $options
                 $value = ' ';
                 $out   = ' ';
                 if (!str_contains((string) $values['id'], Search::NULLVALUE)) {
-                    $search_params = Search::manageParams('Computer', unserialize($values['search']));
+                    $search_params = Search::manageParams('Computer',
+                        json_decode($values['search'], true, 512, JSON_THROW_ON_ERROR)
+                    );
+
+
                     $data          = Search::prepareDatasForSearch('Computer', $search_params);
                     Search::constructSQL($data);
                     Search::constructData($data);
@@ -160,7 +164,10 @@ public static function displayTabContentForItem(CommonGLPI $item, $tabnum = 1, $
 
     private function countDynamicItems()
     {
-        $search_params = Search::manageParams('Computer', unserialize($this->fields['search']));
+        $search_params = Search::manageParams('Computer',
+            json_decode($this->fields['search'], true, 512, JSON_THROW_ON_ERROR)
+        );
+
         $data          = Search::prepareDatasForSearch('Computer', $search_params);
         Search::constructSQL($data);
         Search::constructData($data);
@@ -171,7 +178,8 @@ private function countDynamicItems()
     public function isDynamicSearchMatchComputer(Computer $computer)
     {
         // add new criteria to force computer ID
-        $search               = unserialize($this->fields['search']);
+        $search = json_decode($this->fields['search']);
+
         $search['criteria'][] = [
             'link'       => 'AND',
             'field'      => 2, // computer ID
@@ -206,7 +214,10 @@ private static function showForItem(PluginDatabaseinventoryComputerGroup $comput
             if ($computergroup_dynamic->getFromDBByCrit([
                 'plugin_databaseinventory_computergroups_id' => $ID,
             ])) {
-                $p = Search::manageParams('Computer', unserialize($computergroup_dynamic->fields['search']));
+                $p = Search::manageParams('Computer',
+                    json_decode($computergroup_dynamic->fields['search'], true, 512, JSON_THROW_ON_ERROR)
+                );
+
                 $search_params = $p;
                 $firsttime = false;
             } else {
@@ -283,6 +294,36 @@ public static function install(Migration $migration)
                 ) ENGINE=InnoDB DEFAULT CHARSET={$default_charset} COLLATE={$default_collation} ROW_FORMAT=DYNAMIC;
 SQL;
             $DB->doQuery($query);
+        } else {
+
+            // search field migration from serialized to json
+            $result = $DB->doQuery("SELECT `id`, `search` FROM `" . $table . "` WHERE `search` NOT LIKE '{%'");
+
+            while ($data = $DB->fetchAssoc($result)) {
+                $id = $data['id'];
+                $search = $data['search'];
+                $json_search = json_encode([]); // default value in case of error
+
+                try {
+                    $unserialized = @unserialize($search, ['allowed_classes' => false]);
+
+                    if ($unserialized !== false) {
+                        $json_search = json_encode($unserialized, JSON_THROW_ON_ERROR);
+                    }
+                } catch (Throwable $e) {
+                    $migration->displayMessage(
+                        "DatabaseInventory - Invalid serialized data for DynamicGroup ID {$id}, data will be reset."
+                    );
+                    continue;
+                }
+
+                $DB->update(
+                    $table,
+                    ['search' => $json_search],
+                    ['id' => $id]
+                );
+            }
+
         }
     }
 
