Edit report at http://bugs.php.net/bug.php?id=55011&edit=1
ID: 55011
Updated by: scott...@php.net
Reported by: nicolas dot giraud at maileva dot com
Summary: serialize a private attribute give it a bad length
string
-Status: Open
+Status: Bogus
Type: Bug
Package: Class/Object related
Operating System: Windows XP SP3
PHP Version: 5.2.17
Block user comment: N
Private report: N
New Comment:
The null bytes aren't shown by your browser, but they are there. You can
unserialize() this value still and everything works.
Previous Comments:
------------------------------------------------------------------------
[2011-06-08 18:35:57] nicolas dot giraud at maileva dot com
Description:
------------
When you serialize an object with private or protected members, their length
names are baddly calculated (maybe because of "These prepended values [which]
have null bytes on either side" like the documentation says.
Anyway, this is a problem when you want to write your serialisation into a file
and analyse it next.
Note that I'm not using PHP 5.2.17 but 5.2.3. But I haven't read a fix of this
problem between both version.
Test script:
---------------
Here is an example:
class Ab {
private $_i = 0;
public function __construct() { $this->_i = 1; }
};
$oAB = new Ab();
$str = serialize($oAB);
echo $str;
Expected result:
----------------
O:2:"Ab":1:{s:4:"Ab_i";i:1;}
Actual result:
--------------
O:2:"Ab":1:{s:6:"Ab_i";i:1;}
Note the "s:6" instead of "s:4": this is why the unserialization from this
string is impossible.
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/bug.php?id=55011&edit=1
