On 24 January 2015 02:28:07 GMT, Yasuo Ohgaki <yohg...@ohgaki.net> wrote: >I also would like to php_serialize handler as the default serializer >and >make php/php_binary deprecated. > >php/php_binary serializers are made to work with register_globals and >have >many limitations. >e.g. Integer key not allowed, key cannot start with number, delimiter >chars >are invalid and >ignored, etc. php_serialize does not have such limitations at all.
I'm in favour of this part. In the unlikely event that someone needs to access the same session data with PHP 5 and 7, they should be able to switch back to the old format, but for most users, plain serialise is a much more sensible format. An additional problem with the existing format is that there are no functions to work with it outside of the $_SESSION array, so you can't just unserialize a local copy. Regards, -- Rowan Collins [IMSoP] -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php