On Sat, 2009-01-03 at 14:12 +0100, Marcin Kurzyna wrote: > as you said it's saving the zend_function member that is tricky. i > thought i'd go with saving function string and recompiling it as you > suggested (i don't want to mess with APC although i find the idea of > opcode serialization much more appealing). anyway it's proving itself, > well... tricky ;-)
Two thoughts: - It can be quite tricky to keep the binding of "use"d variables correct - Serialized data soften used as data exchange format (for instance <http://developer.yahoo.com/common/phpserial.html>) the default unserialize shouldn't introduce executable code even though it's not executed by default we should be careful there. And yes, I can understand the need to serialize object structures, including closures, to sessions... johannes -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
