PHP 5.4.33 Released

Das Serializable-Interface

(PHP 5 >= 5.1.0)

Einführung

Interface für benutzerdefiniertes Serialisieren.

Klassen, die dieses Interface implementieren, unterstützen __sleep und __wakeup nicht mehr. Die Methode serialize wird immer aufgerufen, wenn eine Instanz serialisiert werden muss. Dabei wird weder __destruct() aufgerufen noch irgend ein anderer Seiteneffekt erzeugt, es sei denn, ein solcher wird in der Methode serialize explizit erzeugt. Wenn die Daten deserialisiert werden, ist die Klasse bekannt und die passende unserialize()-Methode wird anstelle des Konstruktors __construct() aufgerufen. Falls notwendig, kann der Standardkonstruktor innerhalb von unserialize() aufgerufen werden.

Interface-Übersicht

Serializable {
/* Methoden */
abstract public string serialize ( void )
abstract public mixed unserialize ( string $serialized )
}

Beispiel #1 Basisnutzung

<?php
class obj implements Serializable {
    private 
$data;
    public function 
__construct() {
        
$this->data "Meine private-Daten";
    }
    public function 
serialize() {
        return 
serialize($this->data);
    }
    public function 
unserialize($data) {
        
$this->data unserialize($data);
    }
    public function 
getData() {
        return 
$this->data;
    }
}

$obj = new obj;
$ser serialize($obj);

var_dump($ser);

$newobj unserialize($ser);

var_dump($newobj->getData());
?>

Das oben gezeigte Beispiel erzeugt eine ähnliche Ausgabe wie:

string(42) "C:3:"obj":27:{s:19:"Meine private-Daten";}"
string(15) "Meine private-Daten"

Inhaltsverzeichnis

add a note add a note

User Contributed Notes 4 notes

up
8
Anonymous
3 years ago
You cannot throw an exception inside the serialize() method.  This will cause PHP to complain that you are not returning a string or NULL.

The best way to prevent the serialization of an object is to throw an Exception in the __sleep() method:

<?php
class Obj {
  public function
__sleep() {
    throw new
BadMethodCallException('You cannot serialize this object.');
  }
}
?>
up
3
marcos dot gottardi at folha dot REM0VE-THIS dot com dot br
2 years ago
Serializing child and parent classes:

<?php
class MyClass implements Serializable {
    private
$data;
   
    public function
__construct($data) {
       
$this->data = $data;
    }
   
    public function
getData() {
        return
$this->data;
    }
   
    public function
serialize() {
        echo
"Serializing MyClass...\n";
        return
serialize($this->data);
    }
   
    public function
unserialize($data) {
        echo
"Unserializing MyClass...\n";
       
$this->data = unserialize($data);
    }
}

class
MyChildClass extends MyClass {
    private
$id;
    private
$name;
   
    public function
__construct($id, $name, $data) {
       
parent::__construct($data);
       
$this->id = $id;
       
$this->name = $name;
    }
   
    public function
serialize() {
        echo
"Serializing MyChildClass...\n";
        return
serialize(
            array(
               
'id' => $this->id,
               
'name' => $this->name,
               
'parentData' => parent::serialize()
            )
        );
    }
   
    public function
unserialize($data) {
        echo
"Unserializing MyChildClass...\n";
       
$data = unserialize($data);
       
       
$this->id = $data['id'];
       
$this->name = $data['name'];
       
parent::unserialize($data['parentData']);
    }
   
    public function
getId() {
        return
$this->id;
    }
   
    public function
getName() {
        return
$this->name;
    }
}

$obj = new MyChildClass(15, 'My class name', 'My data');

$serial = serialize($obj);
$newObject = unserialize($serial);

echo
$newObject->getId() . PHP_EOL;
echo
$newObject->getName() . PHP_EOL;
echo
$newObject->getData() . PHP_EOL;

?>

This will output:

Serializing MyChildClass...
Serializing MyClass...
Unserializing MyChildClass...
Unserializing MyClass...
15
My class name
My data
up
-1
Olivier Pons
4 months ago
Here's the way you could implement serializable so that *ALL* descendant serialize themselves without the need of re-writing for all descendant the functions serialize() and unserialize().

Note : this will only serialize "visible" properties, this it won't serialize private descendant properties. If you dont want a property of a descendant to be serialized, make it private.

class Pot implements Serializable
{
    protected $_a;
    protected $_b;

    public function serialize()
    {
        return serialize(get_object_vars($this));
    }
    public function unserialize($data)
    {
        $values = unserialize($data);
        foreach ($values as $key=>$value) {
            $this->$key = $value;
        }
    }
}

And now one descendant:

class PotId implements Pot
{
    protected $_k;
}

class Pots implements PotId
{
    protected $_l;
}

$pots = new Pots();

and calling serialize($pots) will serialize all properties ($_a, $_b, $_k, $l).
up
-3
Anonymous
3 years ago
You can prevent an object getting unserialized by returning NULL. Instead of a serialized object, PHP will return the serialized form of NULL:

<?php
class testNull implements Serializable {
    public function
serialize() {       
        return
NULL;
    }
    public function
unserialize($data) {
    }
}

$obj = new testNull;
$string = serialize($obj);
echo
$string; // "N;"
?>

That's perhaps better than throwing exceptions inside of the serialize function if you want to prevent serialization of certain objects.
To Top