re: Reading Serialized PHP

re: object - O:strlen(class name):class name:object size:{s:length:property name:property definition;(repeated per property)}

While I can appreciate and understand the semantics of noting (class name), I don't believe that is technically correct. As far as I know, you can't serialize a class without first instantiating it (unless perhaps doing something fancy with reflection). This instantiation is what creates an object, which is what is serialized. So I believe my example is accurate.


Look into the serialized object. This name is a class name, not an object name. The object has no name.

OK, after thinking about it a bit more critically I see what you're saying and I agree you are correct.

To those wanting to follow along...
Since serialize is used to essentially instruct PHP on how to recreate a value/variable, it needs to know what class to instantiate a new object with. That is what Vlastimil is pointing out, that serialization isn't storing the name of the object, but rather a reference to which class it inherits its methods/properties from.

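The point settled in this thread, as an added example that is not part of any comment above: a small Python reader that pulls the class name and scalar properties out of a serialized PHP object string without calling unserialize(), showing that the header carries the class to instantiate and that no variable name is stored. The function names and the `User` sample are constructed for illustration; it assumes PHP's actual output, which wraps the class name and strings in double quotes and counts lengths in bytes.

```python
# Added example: reads a serialized PHP object as data, without unserialize().
# Scalar properties only (s, i, d, b, N); arrays and nested objects are out of scope.

def _read_until(data: bytes, pos: int, stop: bytes):
    end = data.index(stop, pos)  # raises ValueError if the delimiter is missing
    return data[pos:end], end + len(stop)

def _read_counted(data: bytes, pos: int):
    """Read <byte length>:"<bytes>" and return (text, next position)."""
    raw_len, pos = _read_until(data, pos, b":")
    length = int(raw_len.decode("ascii"))
    if data[pos:pos + 1] != b'"' or data[pos + 1 + length:pos + 2 + length] != b'"':
        raise ValueError("declared length does not match the quoted bytes")
    return data[pos + 1:pos + 1 + length].decode("utf-8"), pos + 2 + length

def _read_scalar(data: bytes, pos: int):
    tag = data[pos:pos + 2]
    if tag == b"N;":
        return None, pos + 2
    if tag == b"s:":
        text, pos = _read_counted(data, pos + 2)
        if data[pos:pos + 1] != b";":
            raise ValueError("string value not terminated by ';'")
        return text, pos + 1
    if tag in (b"i:", b"d:", b"b:"):
        raw, pos = _read_until(data, pos + 2, b";")
        text = raw.decode("ascii")
        return {b"i:": int, b"d:": float, b"b:": lambda v: v == "1"}[tag](text), pos
    raise ValueError(f"unsupported type tag {tag!r}")

def parse_object(serialized: bytes):
    """Return (class name, {property name: value}) for O:<len>:"<class>":<count>:{...}."""
    if not serialized.startswith(b"O:"):
        raise ValueError("not a serialized object")
    class_name, pos = _read_counted(serialized, 2)
    if serialized[pos:pos + 1] != b":":
        raise ValueError("missing ':' after class name")
    raw_count, pos = _read_until(serialized, pos + 1, b":{")
    props = {}
    for _ in range(int(raw_count.decode("ascii"))):
        key, pos = _read_scalar(serialized, pos)
        props[key], pos = _read_scalar(serialized, pos)
    if serialized[pos:] != b"}":
        raise ValueError("unexpected data after the last property")
    return class_name, props

# Constructed sample: what serialize() emits for a hypothetical class User.
SAMPLE = b'O:4:"User":2:{s:4:"name";s:5:"alice";s:5:"admin";b:0;}'

if __name__ == "__main__":
    print(parse_object(SAMPLE))
```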