if youre trying to get around quotes and special characters in your JSON.stringify(obj) ,you can do so in PHP using it's database-specific escaping methods.

<?php
mysql_real_escape_string(htmlspecialchars($value))
?>

you can now store this safely and decode it when you read it back out

JSON is more portable, i.e. you can more easily read/write to it from different languages etc. If you used PHP serialized arrays you would only be able to easily use PHP to access it.

Pro JSON:

• The JSON data can be used by many different languages, not just PHP
• JSON data is human readable and writable.
• It takes up less space
• It is faster to encode JSON than to serialize

Pro Serialized Array:

• It is faster do unserialize than to JSON decode

As the comments indicate, JSON takes up less space than a serialize array. I also checked whether JSON or Serializing is faster, and surprisingly, it is faster to JSON encode than to Serialize. It is faster to unserialize than to JSON decode though.

This is the script I used to test:

<?php 
function runTime(){
      $mtime = microtime(); 
      $mtime = explode(' ', $mtime); 
      $mtime = $mtime[1] + $mtime[0]; 
      return $mtime; 
}
?> 
<pre>
<?php
$start = runTime();

$ser;

for($i=0; $i<1000; $i++){
    $a = array(a => 1, x => 10);
    $ser = serialize($a);
}
$total = runTime() - $start;
echo "Serializing 1000 times took \t$total seconds";
?>

<?php
$start = runTime();

$json;

for($i=0; $i<1000; $i++){
    $a = array(a => 1, x => 10);
    $json = json_encode($a);
}
$total = runTime() - $start;
echo "JSON encoding 1000 times took \t$total seconds";
?>

<?php
$start = runTime();

$ser;

for($i=0; $i<1000; $i++){
    $a = unserialize($ser);
}
$total = runTime() - $start;
echo "Unserializing 1000 times took \t$total seconds";
?>

<?php
$start = runTime();

$json;

for($i=0; $i<1000; $i++){
    $a = json_decode($json);
}
$total = runTime() - $start;
echo "JSON decoding 1000 times took \t$total seconds";
?>
</pre>

JSON beats serialization as most answers already pointed out. I think the biggest advantage is its platform independency. You might have other applications communicate with you database and they might not have anything to do with php.

But both solutions violate database normalization. You database will not even be in first normal form so you cannot take advantage of any database feature like, say, searching. A better approach is to use object relational mapping. There are good libraries out there - consider for example doctrine ORM.

Use json for for arrays and communication with Javascript or other language. Use serialize for object or any internal PHP work for the current running script.

I just had this big problem with php serialize. I stored a lot of data in a single field in which i used unserialize to read.

What happened is that I got some corrupt data in that field. Serialize map the data with codes like 'a','s' and 'N'. If there is corrupt data, the map failed. It will show a php error that the unserialize function is unable to work because of byte code error.

So my point is to avoid serialize. Go with JSON, way safer and you won't bang your head on future majors problems.

For me, no more serialize.