I want to know whether the PHP serialize function is 100% secure, and also, if we store serialized data in a database and want to do something with it after fetching it, whether that is a nice way to do it.
For example: I have a website with different user privileges. Now I want to store the permission settings for a particular privilege in my database (the data I want to store is to be produced by the PHP serialize function); then, when a user logs in, I want to fetch this data and set the privilege for the customer.
I am OK with doing it this way; what I want to know is whether it is the best way to do it, or whether something more efficient can be done.
Also, I was going through the PHP manual and found this code. Can anybody explain to me a bit what is happening in it? [Especially: why is base64_encode used?]
<?php
// The manual snippet, with the missing `function` keyword added so it parses.
function mySerialize( $obj ) {
    // serialize() turns the value into a string; gzcompress() shrinks it;
    // base64_encode() turns the binary gzip output into text that is safe to store.
    return base64_encode(gzcompress(serialize($obj)));
}
function myUnserialize( $txt ) {
    // Reverse the three steps in the opposite order.
    return unserialize(gzuncompress(base64_decode($txt)));
}
?>
Also, if somebody could provide their own code to show me how to do this in the most efficient manner, that would help.
I have a problem: I have so many fields to take as privileges. Say I have 45 modules for administrators and 30 modules for users to cover under permissions/privileges. In the future (as I am constantly working on this project) I will be adding more and more modules, let's say around 100 more, so how will I be able to define the privileges? And I am even adding a module to create customized groups with custom privileges. How will I achieve this, keeping efficiency in mind? Please help 😐
I AM NOT GOING TO USE SERIALIZED DATA FOR SEARCHING
My Database:-
Note: users' privileges will be granted through privileges_level.
Note: in privileges_permissions I want to add all the privileges in serialized form.
Thanks.
This function has nothing to do with security at all. It's just a way to represent a complex data structure as a string, that's all.
Database security is another matter, completely indifferent to the source or the form of the data.
Definitely NOT
This way you are spoiling the whole neat idea of the relational database, which you are supposedly using.
Data should be present in the database in normal form, meaning atomic: each entity occupying a distinct cell. Not a whole bunch of unstructured, inaccessible data with no possibility of establishing any relation with other data.
Nothing sensible.
To answer the question from the title
This is but a delusion, born of a lack of experience.
Welcome back in a couple of months, with the question "help me to redo my setup! It is going out of control!"
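As an added example (not code from the question or the answer), here is the normalized layout the answer argues for: one row per (privilege level, module) pair, using the poster's table names privileges_level and privileges_permissions plus an assumed modules table. It runs stand-alone against an in-memory SQLite database via PDO; the real project would substitute its own DSN.

```php
<?php
// Added example: normalized privilege storage instead of a serialized blob.
// Assumptions: SQLite in memory, and a "modules" table that is not on the page.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

$db->exec('CREATE TABLE privileges_level (id INTEGER PRIMARY KEY, name TEXT UNIQUE NOT NULL)');
$db->exec('CREATE TABLE modules (id INTEGER PRIMARY KEY, name TEXT UNIQUE NOT NULL)');
// One row per (level, module): adding the 100 future modules is an INSERT, not a schema change.
$db->exec('CREATE TABLE privileges_permissions (
    level_id  INTEGER NOT NULL REFERENCES privileges_level(id),
    module_id INTEGER NOT NULL REFERENCES modules(id),
    PRIMARY KEY (level_id, module_id))');

$ins = $db->prepare('INSERT INTO privileges_level (name) VALUES (?)');
foreach (['administrator', 'user', 'custom_group_1'] as $lvl) { $ins->execute([$lvl]); }
$ins = $db->prepare('INSERT INTO modules (name) VALUES (?)');
foreach (['orders', 'reports', 'billing'] as $m) { $ins->execute([$m]); }

// Grant by name; prepared statements keep the supplied names out of the SQL text.
$grant = $db->prepare('INSERT OR IGNORE INTO privileges_permissions (level_id, module_id)
    SELECT l.id, m.id FROM privileges_level l, modules m WHERE l.name = ? AND m.name = ?');
foreach ([['administrator', 'orders'], ['administrator', 'reports'], ['administrator', 'billing'],
          ['user', 'orders'], ['custom_group_1', 'reports']] as [$lvl, $mod]) {
    $grant->execute([$lvl, $mod]);
}

// Login-time check: one indexed lookup instead of unserializing a whole blob.
function canAccess(PDO $db, string $level, string $module): bool {
    $q = $db->prepare('SELECT 1 FROM privileges_permissions p
        JOIN privileges_level l ON l.id = p.level_id
        JOIN modules m ON m.id = p.module_id
        WHERE l.name = ? AND m.name = ? LIMIT 1');
    $q->execute([$level, $module]);
    return (bool) $q->fetchColumn();
}

// A question a serialized blob cannot answer without loading every row:
// which levels may use the "reports" module?
function levelsWithModule(PDO $db, string $module): array {
    $q = $db->prepare('SELECT l.name FROM privileges_permissions p
        JOIN privileges_level l ON l.id = p.level_id
        JOIN modules m ON m.id = p.module_id WHERE m.name = ? ORDER BY l.name');
    $q->execute([$module]);
    return $q->fetchAll(PDO::FETCH_COLUMN);
}

var_dump(canAccess($db, 'user', 'orders'), canAccess($db, 'user', 'billing'));
print_r(levelsWithModule($db, 'reports'));
```

If serialized blobs are still kept for something like a cache, pass ['allowed_classes' => false] to unserialize() so a stored blob can only rebuild arrays and scalars, never objects.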