在php序列化格式(即数据在传输时防止格式类型丢失,先进行打包即序列化,完成传输后解包即反序列化)
序列化函数原型:string serialize ( mixed $value )
class CC {
public $data;
private $pass;
public function __construct($data, $pass)
{
$this->data = $data;
$this->pass = $pass;
}
}
$number = 34;
$str = ‘uusama‘;
$bool = true;
$null = NULL;
$arr = array(‘a‘ => 1, ‘b‘ => 2);
$cc = new CC(‘uu‘, true);
var_dump(serialize($number));
var_dump(serialize($str));
var_dump(serialize($bool));
var_dump(serialize($null));
var_dump(serialize($arr));
var_dump(serialize($cc));
输出结果
string(5) "i:34;"
string(13) "s:6:"uusama";"
string(4) "b:1;"
string(2) "N;"
string(30) "a:2:{s:1:"a";i:1;s:1:"b";i:2;}"
string(52) "O:2:"CC":2:{s:4:"data";s:2:"uu";s:8:" CC pass";b:1;}"
序列化对不同格式字符串结果不同
string:s:size:value
integer:i:value
boolean:b:value(即0或1)
array:a:size:{key:value;key:value}
object:o:strlen(object name):object name:object size:{s:strlen(property name):property name:property definition;}
注:序列化对象时,不会保存常量的值。对于父类中的变量,则会保留。
反序列化函数:mixed unserialize ( string $str )
unserialize()反序列化函数用于将单一的已序列化的变量转换回 PHP 的值。
E_NOTICEinteger``float、string、array或object__wakeup()成员函数(如果存在的话)
class User{
const SITE = ‘uusama‘;
public $username;
public $nickname;
private $password;
private $order;
public function __construct($username, $nickname, $password)
{
$this->username = $username;
$this->nickname = $nickname;
$this->password = $password;
}
// 定义反序列化后调用的方法
public function __wakeup()
{
$this->password = $this->username;
}
}
$user_ser = ‘O:4:"User":2:{s:8:"username";s:6:"uusama";s:8:"nickname";s:2:"uu";}‘;
var_dump(unserialize($user_ser));
结果:
object(User)#1 (4) {
["username"]=>
string(6) "uusama"
["nickname"]=>
string(2) "uu"
["password":"User":private]=>
string(6) "uusama"
["order":"User":private]=>
NULL
}
__wakeup()函数在对象被构建以后执行,所以$this->username的值不为空(为空则会绕过此函数,或反序列化时数据被改动也会绕过) 反序列化时,会尽量将变量值进行匹配并复制给序列化后的对象
原文:https://www.cnblogs.com/weak-chicken/p/12275900.html