欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

PHP7新特性—unserialize()过滤

程序员文章站 2022-07-12 18:55:14
...

http://www.runoob.com/php/php-filtered-unserialize.html

class MyClass1
{
    public $obj1prop;
}
class MyClass2
{
    public $obj2prop;
}

$obj1 = new MyClass1();
$obj1->obj1prop = 1;
$obj2 = new MyClass2();
$obj2->obj2prop = 2;

$serializeObj1 = serialize($obj1);
$serializeObj2 = serialize($obj2);

$data = unserialize($serializeObj1, ['allowed_classes'=>['MyClass1','MyClass2']]);
echo $data->obj1prop;     => 1

如果 allowed_classes 里没有MyClass1 到 echo 那就会报错 错误如下;
Notice: main(): The script tried to execute a method or access a property of an incomplete object. Please ensure that the class definition “MyClass1” of the object you are trying to operate on was loaded before unserialize() gets called or provide a __autoload() function to load the class definition

相关标签: unseralize过滤