Web security notes (PHP deserialization)

On the PHP serialization format (so that data does not lose its type information in transit, it is first packed, i.e. serialized, and after transmission unpacked, i.e. unserialized)

Serialization function prototype: string serialize ( mixed $value )

<?php
// Serialize each basic type and an object with a public and a private property
class CC {
    public $data;
    private $pass;   // private: serialized under the mangled name "\0CC\0pass" (8 bytes)

    public function __construct($data, $pass)
    {
        $this->data = $data;
        $this->pass = $pass;
    }
}
$number = 34;
$str = 'uusama';
$bool = true;
$null = NULL;
$arr = array('a' => 1, 'b' => 2);
$cc = new CC('uu', true);

var_dump(serialize($number));
var_dump(serialize($str));
var_dump(serialize($bool));
var_dump(serialize($null));
var_dump(serialize($arr));
var_dump(serialize($cc));

Output (the two NUL bytes surrounding "CC" in the private property name are not printable and appear as spaces below):

string(5) "i:34;"
string(13) "s:6:"uusama";"
string(4) "b:1;"
string(2) "N;"
string(30) "a:2:{s:1:"a";i:1;s:1:"b";i:2;}"
string(52) "O:2:"CC":2:{s:4:"data";s:2:"uu";s:8:" CC pass";b:1;}"

The serialized string differs by type:

string: s:size:value

integer: i:value

boolean: b:value (i.e. 0 or 1)

array: a:size:{key:value;key:value}

object: O:strlen(class name):class name:number of properties:{s:strlen(property name):property name:property value;}

Note: when an object is serialized, constant values are not saved. Properties inherited from a parent class are preserved.

Unserialization function: mixed unserialize ( string $str )

unserialize() converts a single serialized variable back into a PHP value.

  • If the string passed cannot be unserialized, FALSE is returned and an E_NOTICE is raised
  • The return value is the converted value, which may be an integer, float, string, array or object
  • If the unserialized variable is an object, after successfully reconstructing it PHP automatically tries to call the __wakeup() member function (if one exists)
    <?php
    class User{
        const SITE = 'uusama';
    
        public $username;
        public $nickname;
        private $password;
        private $order;
    
        public function __construct($username, $nickname, $password)
        {
            $this->username = $username;
            $this->nickname = $nickname;
            $this->password = $password;
        }
    
        // Method that PHP calls automatically after unserialization
        public function __wakeup()
        {
            $this->password = $this->username;
        }
    }
    // Serialized data declaring only two properties; password and order keep their defaults
    $user_ser = 'O:4:"User":2:{s:8:"username";s:6:"uusama";s:8:"nickname";s:2:"uu";}';
    var_dump(unserialize($user_ser));
    

    Result:

    object(User)#1 (4) {
      ["username"]=>
      string(6) "uusama"
      ["nickname"]=>
      string(2) "uu"
      ["password":"User":private]=>
      string(6) "uusama"
      ["order":"User":private]=>
      NULL
    }
    

    The __wakeup() function runs after the object has been constructed, so by then $this->username is not empty (if it were empty, this function would be bypassed; it is also bypassed when the data is tampered with during unserialization). During unserialization, PHP matches the variable values as far as it can and copies them onto the reconstructed object.
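An added example (not code from the original post) that ties the two sections together: it makes the mangled name of a private property visible, which is why the private property in the CC output above has length 8, and it shows the allowed_classes option of unserialize() (PHP 7.0 and later), the usual way to keep untrusted input from instantiating application classes so that their __wakeup() is never reached. The User class, its values and the malformed string are constructed for this example.

```php
<?php
// Added example, not from the original post.
class User
{
    public $username;
    private $password;   // serialized as "\0User\0password" (14 bytes)

    public function __construct($username, $password)
    {
        $this->username = $username;
        $this->password = $password;
    }

    public function __wakeup()
    {
        echo "__wakeup() ran for " . static::class . "\n";
    }
}

$ser = serialize(new User('uusama', 'secret'));
// Escape the NUL bytes so the mangled private name is visible on screen.
echo addcslashes($ser, "\0"), "\n";
// O:4:"User":2:{s:8:"username";s:6:"uusama";s:14:"\0User\0password";s:6:"secret";}

// 1) Default unserialize(): the class is instantiated and __wakeup() runs.
$obj = unserialize($ser);
var_dump($obj instanceof User);                       // bool(true)

// 2) Hardened: allowed_classes => false. The same data no longer yields a
//    User (or any application class); it becomes __PHP_Incomplete_Class,
//    which has no __wakeup(), so the hook does not fire for untrusted input.
$safe = unserialize($ser, ['allowed_classes' => false]);
var_dump($safe instanceof __PHP_Incomplete_Class);    // bool(true)

// 3) Malformed input: unserialize() returns false (and emits an E_NOTICE,
//    suppressed here with @). Compare with === because a serialized false
//    ("b:0;") also unserializes to false.
$bad = @unserialize('O:4:"User":9:{');
var_dump($bad === false);                             // bool(true)
```

Where an application only needs plain data, allowed_classes => false (or an explicit list of permitted class names) limits what an attacker-controlled string can construct; structured formats such as JSON avoid object instantiation entirely.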


Reposted from www.cnblogs.com/weak-chicken/p/12275900.html