Shulou(Shulou.com)06/01 Report--

This article introduces the relevant knowledge of "the concept and usage of PHP deserialization". In the operation of actual cases, many people will encounter such a dilemma, so let the editor lead you to learn how to deal with these situations. I hope you can read it carefully and be able to achieve something!

1. First of all, understand serialization and deserialization

Serialization: mainly converts the variable to a string. Serializing an object will save all the variables of the object, but will not save the method of the object, only the name of the class. At the end of the execution of the program, the in-memory data will be destroyed immediately, the data stored in the variable is the in-memory data, and the file and database are "persistent data", so PHP serialization is the process of "saving" the in-memory variable data to the persistent data in the file. It is convenient to save and transfer, and it can save space.

Deserialization: mainly at a specific time to convert the contents of the serialization to a string and then to the original variable to continue to use, which is simply understood to be the process of serializing the data stored in the file, restoring to the variable representation of the program code, and returning to the result before variable serialization.

two。 Function

The main functions related to PHP deserialization are: serialize () and unserialize ()

Where serialize () can convert a variable to a string and save the value of my variable during the conversion process.

Unserialize () 2 can convert the string converted by serialize () into a variable.

3. Content

Mainly include: classes, variables, methods, objects (such as the following figure)

4.PHP magic function

_ _ construct is called when an object is created

_ _ destruct is called when an object is destroyed

_ _ toString when an object is called as a string.

Triggered when _ _ wakeup () uses unserialize

Triggered when _ _ sleep () uses serialize

Triggered when the _ _ destruct () object is destroyed

Triggered when _ _ call () calls an inaccessible method in the context of an object

Triggered when _ _ callStatic () calls an inaccessible method in a static context

_ _ get () is used to read data from inaccessible attributes

_ _ set () is used to write data to inaccessible properties

_ _ isset () triggers by calling isset () or empty () on an inaccessible attribute

Triggered when _ _ unset () uses unset () on an inaccessible attribute

Triggered when _ _ toString () uses a class as a string, and the return value needs to be a string

_ _ invoke () triggers when a script attempts to call an object as a function

Show: serialization

Orlando 4: "User": 2: {SRAR3: "age"; iRAPR 20: "name"; SPL4: "daye";}

Object type: length: "class name": number of variables in the class: {Type: length: "value"; type: length: "value";.}

Deserialization

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.