PHP 8.0.26 Released!

对象序列化

序列化对象 - 在会话中存放对象

所有php里面的值都可以使用函数serialize()来返回一个包含字节流的字符串来表示。unserialize()函数能够重新把字符串变回php原来的值。 序列化一个对象将会保存对象的所有变量,但是不会保存对象的方法,只会保存类的名字。

为了能够unserialize()一个对象,这个对象的类必须已经定义过。如果序列化类A的一个对象,将会返回一个跟类A相关,而且包含了对象所有变量值的字符串。 如果要想在另外一个文件中反序列化一个对象,这个对象的类必须在反序列化之前定义,可以通过包含一个定义该类的文件或使用函数spl_autoload_register()来实现。

<?php
// classa.inc:
  
  
class {
      public 
$one 1;
    
      public function 
show_one() {
          echo 
$this->one;
      }
  }
  
// page1.php:

  
include("classa.inc");
  
  
$a = new A;
  
$s serialize($a);
  
// 把变量$s保存起来以便文件page2.php能够读到
  
file_put_contents('store'$s);

// page2.php:
  
  // 要正确反序列化,必须包含下面一个文件
  
include("classa.inc");

  
$s file_get_contents('store');
  
$a unserialize($s);

  
// 现在可以使用对象$a里面的函数 show_one()
  
$a->show_one();
?>

在应用程序中序列化对象以便在之后使用,强烈推荐在整个应用程序都包含对象的类的定义。 不然有可能出现在反序列化对象的时候,没有找到该对象的类的定义,从而把没有方法的类__PHP_Incomplete_Class_Name作为该对象的类,导致返回一个没有用的对象。

所以在上面的例子中,当运行session_register("a"),把变量$a放在会话里之后,需要在每个页面都包含文件classa.inc,而不是只有文件page1.phppage2.php

除了以上建议,可以在对象上使用 __sleep()__wakeup() 方法对序列化/反序列化事件挂载钩子。 使用 __sleep() 也能够让你仅序列化对象的某些属性。

add a note

User Contributed Notes 4 notes

up
221
php at lanar dot com dot au
13 years ago
Note that static members of an object are not serialized.
up
27
michael at smith-li dot com
7 years ago
Reading this page you'd be left with the impression that a class's `serialize` and `unserialize` methods are unrelated to the `serialize` and `unserialize` core functions; that only `__sleep` and `__unsleep` allow you to customize an object's serialization interface. But look at http://php.net/manual/en/class.serializable.php and you'll see that there is a more straightforward way to control how a user-defined object is serialized and unserialized.
up
6
Anonymous
1 year ago
Until such time as these documents are updated, note that `session_register()` is not needed to automatically serialize & unserialize objects in sessions. Any objects in `$_SESSION` are serialized when the session is closed (via `session_write_close()` or upon script exit) & unserialized when opened (via `session_start()`). The note about including classes throughout an app (either by including the definition globally or autoloading it) still holds.
up
0
Yahia Fouda
12 days ago
This trick can be useful when you need to pass object data as strings of text between scripts and applications. Common situations include:

* Passing objects via fields in web forms
* Passing objects in URL query strings
* Storing object data in a text file, or in a single database field

and Sometimes it’s useful to do some cleaning up before serializing an object. For example, you might want to write unsaved object data to a database and close the database connection. Similarly, after you’ve unserialized an object, you might want to restore its database connection and perform other setup tasks so that the new object can be used properly.
To Top