unserialize

Creates a PHP value from a stored representation

Syntax

unserialize ( string $str [, array $options ] ) : mixed

Parameters

str

The serialized string. If the variable being unserialized is an object, after successfully reconstructing the object PHP will automatically attempt to call the __unserialize() or __wakeup() methods (if one exists).

Note: unserialize_callback_func directive It's possible to set a callback-function which will be called, if an undefined class should be instantiated during unserializing. (to prevent getting an incomplete object "__PHP_Incomplete_Class".) Use your php.ini, ini_set() or .htaccess to define unserialize_callback_func. Everytime an undefined class should be instantiated, it'll be called. To disable this feature just empty this setting.

options

Any options to be provided to unserialize(), as an associative array.

Name Type Description
allowed_classes mixed Either an array of class names which should be accepted, FALSE to accept no classes, or TRUE to accept all classes. If this option is defined and unserialize() encounters an object of a class that isn't to be accepted, then the object will be instantiated as __PHP_Incomplete_Class instead. Omitting this option is the same as defining it as TRUE: PHP will attempt to instantiate objects of any class.

Return

The converted value is returned, and can be a boolean, integer, float, string, array or object. In case the passed string is not unserializeable, FALSE is returned and E_NOTICE is issued.

Examples

1

<?

// Here, we use unserialize() to load session data to the $session_data array from the string selected from a database. This example complements the one described with serialize().

$conn = odbc_connect("webdb", "php", "chicken");
$stmt = odbc_prepare($conn, "SELECT data FROM sessions WHERE id = ?");
$sqldata = array($_SERVER['PHP_AUTH_USER']);

if (!odbc_execute($stmt, $sqldata) || !odbc_fetch_into($stmt, $tmp)) {
    // if the execute or fetch fails, initialize to empty array
    $session_data = array();
} else {
    // we should now have the serialized data in $tmp[0]
    $session_data = unserialize($tmp[0]);
    if (!is_array($session_data)) {
        // something went wrong, initialize to empty array
        $session_data = array();
    }
}

?>

			
		

2

<?

$serialized_object='O:1:"a":1:{s:5:"value";s:3:"100";}';

ini_set('unserialize_callback_func', 'mycallback'); // set your callback_function

function mycallback($classname) {
    // just include a file containing your class definition
    // you get $classname to figure out which class definition is required
}

?>

			
		

boolval

debug_zval_dump

doubleval

empty

floatval

get_debug_type

get_defined_vars

get_resource_id

get_resource_type

gettype

intval

is_array

is_bool

is_callable

is_countable

is_double

is_float

is_int

is_integer

is_iterable

is_long

is_null

is_numeric

is_object

is_real

is_resource

is_scalar

is_string

isset

print_r

serialize

settype

strval

unset

var_dump

var_export

PHP

Home Menu