1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
|
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.23 $ -->
<refentry xml:id="function.unserialize" xmlns="http://docbook.org/ns/docbook">
<refnamediv>
<refname>unserialize</refname>
<refpurpose>
Creates a PHP value from a stored representation
</refpurpose>
</refnamediv>
<refsect1 role="description">
&reftitle.description;
<methodsynopsis>
<type>mixed</type><methodname>unserialize</methodname>
<methodparam><type>string</type><parameter>str</parameter></methodparam>
</methodsynopsis>
<simpara>
<function>unserialize</function> takes a single serialized variable and
converts it back into a PHP value.
</simpara>
</refsect1>
<refsect1 role="parameters">
&reftitle.parameters;
<para>
<variablelist>
<varlistentry>
<term><parameter>str</parameter></term>
<listitem>
<para>
The serialized string.
</para>
<para>
If the variable being unserialized is an object, after successfully
reconstructing the object PHP will automatically attempt to call the
<function>__wakeup</function> member function (if it exists).
</para>
<para>
<note>
<title>unserialize_callback_func directive</title>
<para>
It's possible to set a callback-function which will be called,
if an undefined class should be instantiated during unserializing.
(to prevent getting an incomplete <type>object</type> "__PHP_Incomplete_Class".)
Use your &php.ini;, <function>ini_set</function> or &htaccess;
to define 'unserialize_callback_func'. Everytime an undefined class
should be instantiated, it'll be called. To disable this feature just
empty this setting.
</para>
</note>
</para>
</listitem>
</varlistentry>
</variablelist>
</para>
</refsect1>
<refsect1 role="returnvalues">
&reftitle.returnvalues;
<para>
The converted value is returned, and can be a <type>boolean</type>,
<type>integer</type>, <type>float</type>, <type>string</type>,
<type>array</type> or <type>object</type>.
</para>
<para>
In case the passed string is not unserializeable, &false; is returned and
<literal>E_NOTICE</literal> is issued.
</para>
</refsect1>
<refsect1 role="changelog">
&reftitle.changelog;
<para>
<informaltable>
<tgroup cols="2">
<thead>
<row>
<entry>&Version;</entry>
<entry>&Description;</entry>
</row>
</thead>
<tbody>
<row>
<entry>4.2.0</entry>
<entry>
The directive unserialize_callback_func became available.
</entry>
</row>
<row>
<entry>4.0.0</entry>
<entry>
When serializing an object, methods are not lost anymore.
Please see the
<link linkend="language.oop.serialization">Serializing Objects</link>
for more information.
</entry>
</row>
</tbody>
</tgroup>
</informaltable>
</para>
</refsect1>
<refsect1 role="examples">
&reftitle.examples;
<para>
<example>
<title><function>unserialize</function> example</title>
<programlisting role="php">
<![CDATA[
<?php
// Here, we use unserialize() to load session data to the
// $session_data array from the string selected from a database.
// This example complements the one described with serialize().
$conn = odbc_connect("webdb", "php", "chicken");
$stmt = odbc_prepare($conn, "SELECT data FROM sessions WHERE id = ?");
$sqldata = array($_SERVER['PHP_AUTH_USER']);
if (!odbc_execute($stmt, &$sqldata) || !odbc_fetch_into($stmt, &$tmp)) {
// if the execute or fetch fails, initialize to empty array
$session_data = array();
} else {
// we should now have the serialized data in $tmp[0].
$session_data = unserialize($tmp[0]);
if (!is_array($session_data)) {
// something went wrong, initialize to empty array
$session_data = array();
}
}
?>
]]>
</programlisting>
</example>
</para>
<para>
<example>
<title>unserialize_callback_func example</title>
<programlisting role="php">
<![CDATA[
<?php
$serialized_object='O:1:"a":1:{s:5:"value";s:3:"100";}';
// unserialize_callback_func directive available as of PHP 4.2.0
ini_set('unserialize_callback_func', 'mycallback'); // set your callback_function
function mycallback($classname)
{
// just include a file containing your classdefinition
// you get $classname to figure out which classdefinition is required
}
?>
]]>
</programlisting>
</example>
</para>
</refsect1>
<refsect1 role="notes">
&reftitle.notes;
<warning>
<para>
&false; is returned both in the case of an error and if unserializing
the serialized &false; value. It is possible to catch this special case by
comparing <parameter>str</parameter> with
<literal>serialize(false)</literal> or by catching the issued
<literal>E_NOTICE</literal>.
</para>
</warning>
</refsect1>
<refsect1 role="seealso">
&reftitle.seealso;
<para>
<simplelist>
<member><function>serialize</function></member>
</simplelist>
</para>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:
mode: sgml
sgml-omittag:t
sgml-shorttag:t
sgml-minimize-attributes:nil
sgml-always-quote-attributes:t
sgml-indent-step:1
sgml-indent-data:t
indent-tabs-mode:nil
sgml-parent-document:nil
sgml-default-dtd-file:"../../../../manual.ced"
sgml-exposed-tags:nil
sgml-local-catalogs:nil
sgml-local-ecat-files:nil
End:
vim600: syn=xml fen fdm=syntax fdl=2 si
vim: et tw=78 syn=sgml
vi: ts=1 sw=1
-->
|
