I noticed that you're using serialize() / unserialize() for passing the result data through to the CSV output page.
I would suggest using json_encode() instead, as unserialize() has some nasty security issues when used with input data direct from the client. The data can be encoded as JSON just as easily and without those kinds of issues.
(I know this is a testing tool and shouldn't be exposed where security would be an issue, but it's still better to fix stuff like this 😄 )
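
The change suggested above, as an added example that is not part of the original issue or the project's code: the result rows are passed as JSON and the decoded value is checked for shape before it reaches the CSV writer. The function names, the `results` field name and the sample rows are assumptions, since the issue does not show the project's code.

```php
<?php
declare(strict_types=1);

// Pattern described in the issue (hypothetical field name 'results'):
//   $rows = unserialize($_POST['results']);   // can instantiate objects from client input
// Replacement below needs PHP 7.4+ (JSON_THROW_ON_ERROR, empty fputcsv escape).

/** Encode result rows for the form field on the results page. */
function encode_results(array $rows): string
{
    return json_encode($rows, JSON_THROW_ON_ERROR);
}

/**
 * Decode the client-supplied field on the CSV page.
 * With assoc=true, json_decode() yields only scalars, arrays and null,
 * so no class is instantiated and no magic method runs.
 */
function decode_results(string $payload): array
{
    $rows = json_decode($payload, true, 8, JSON_THROW_ON_ERROR);
    if (!is_array($rows)) {
        throw new InvalidArgumentException('results must be a list of rows');
    }
    $clean = [];
    foreach ($rows as $row) {
        if (!is_array($row)) {
            throw new InvalidArgumentException('each row must be an array');
        }
        $cells = [];
        foreach ($row as $cell) {
            if ($cell !== null && !is_scalar($cell)) {
                throw new InvalidArgumentException('cells must be scalar or null');
            }
            $cells[] = (string) $cell;
        }
        $clean[] = $cells;
    }
    return $clean;
}

// Constructed sample rows standing in for the tool's result set.
$field = encode_results([['id', 'name'], [1, 'alice'], [2, 'bob']]);
$out = fopen('php://output', 'w');
foreach (decode_results($field) as $row) {
    fputcsv($out, $row, ',', '"', '');
}
```

When the encoded string is written into an HTML form field, it still needs `htmlspecialchars()` on output, the same as the serialized string did.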