We have seen serialization/unserialization of common types in article : Serialization / Unserialization in PHP - I
Here, we would see object serialization. When objects are serialized, PHP looks for a member function __sleep() within the object before it actually does the serialization. So, we can write various clean-up jobs ( like close file pointers, close DB connections, close any open sockets, close any streams, free any used memory, free unused variables, destroy other related objects etc ) inside this function __sleep(). We need to remember that all the private and public properties inside object are serialized.
Similarly, when the serialized format is restored to Object through the function unserialize(), PHP calls __wakeup() member function (if exists) after it is finished with re-constructing the object. We can write various jobs ( restore DB connections, open files which the object works with etc ) inside this function __wakeup().
Let's check a code where object is serialized.
<?php
// Define a Class
class MyClass
{
// private properties
private $data1;
private $data2;
// protected properties
protected $data3;
protected $data4;
// public properties
public $data5;
public $data6;
public function __construct()
{
// Initialize private properties
$this->data1 = "\r\n";
$this->data2 = NULL;
// Initialize protected properties
$this->data3 = NULL;
$this->data4 = "400";
// Initialize public properties
$this->data5 = "500";
$this->data6 = "600";
}
// __sleep()
public function __sleep()
{
echo "__Sleep called";
// within __sleep(), all the clean-up jobs
// can be included. Along with that, it also
// needs to return name of the properties
// to be serialized in an array format
return array("data1", "data2", "data3", "data4", "data5", "data6");
}
// __wakeup
public function __wakeup()
{
echo "__wakeup called";
}
public function display()
{
// Display all the properties
// We used a simple Loop
for($i=1;$i<=6;$i++)
{
echo "<br>" . $this->{"data$i"} ;
}
}
}
// Create Object
$obj = new MyClass;
// Serialize it
$ser = serialize($obj);
// See what happened after serialization
echo "$ser";
// Unserialize it to restore the
// data/properties in a new object
$p = unserialize($ser);
// $p is the new Object, hence
// call a member function
$p->display();
?>
The above code defines a class called "MyClass", which includes 3 private and 3 public properties and __wakeup(), __sleep() methods. It also includes a method called display() which shows the values in all the properties. The __wakeup() method should return all the properties which need to be serialized within an array. The __wakeup() function does not have such restrictions.
The above program can run without the __sleep() and __wakeup() methods. In that case the clean-up jobs etc can't be defined and we can't define/select properties which need to be serialized. In that case PHP serializes all the properties within that object.
When serializing the private properties within the object, the class name is prepended to the property name. Protected properties get an asterisk '*' prepended to their names. Such prepended values have Null bytes padded on both sides.
The code above produces 2 outputs, first is the serialized text of the object, second a list of property values in object $p which is created during the unserialization process of the stored representation we generated when $obj was serialized. Let's check the first output rendered on browser.
O:7:"MyClass":6:{s:14:"MyClassdata1";s:2:" ";s:14: "MyClassdata2";N;s:8:"*data3";N;s:8:"*data4";s:3:"400"; s:5:"data5";s:3:"500";s:5:"data6";s:3:"600";}
O:7:"MyClass":6: means Object having name "MyClass" (length:7) with 6 properties
s:14:"MyClassdata1";s:2:" "; means private property "MyClassdata1" (string, length:14) holds a string (length:2) value " ". Class name "MyClass" is prepended to Private properties. The value " " is text representation rendered on browser, actually it contains '\r\n'. As class name "\0MyClass\0" (padded by Null bytes on both side) was prepended to "data1" making it to "\0MyClass\0data1", the length of the new string is 14 ( 12 of "MyClassdata1" + 2 NULL bytes ) .
s:14:"MyClassdata2";N; means private property "MyClassdata2" (string length 14) holds a NULL value;
s:8:"*data3";N; means protected property "*data3" (string length 8 including NULL bytes on both side) holds NULL value
s:8:"*data4";s:3:"400"; means protected property "*data4" holds string (length:3) value "400"
s:5:"data5";s:3:"500"; means public property "data5" holds string (length:3) value "500"
s:5:"data6";s:3:"600"; means public property "data6" holds string (length:3) value "600"
Next part of the program is the unserialization part where we call the unserialize() function to restore an object from the stored representation $ser. And as a result, we create new object $p of type "MyClass" (The serialized data starts with "O:7:"MyClass"). Hence the call $p->display() calls the member function display() which iterates through all the properties inside the $p object and prints them on screen.
In such cases where object of undefined class to be created during unserialization, it creates object of "stdClass". Check the example below :
<?php
// an Array is being converted to Object
$o = (object) array("name" => "chandan");
// Serialize
$ser = serialize($o);
// Unserialize would instatiate
// Object of class PHP default 'stdClass'
$po = unserialize( $ser );
// Print the new object details
var_dump($po);
// Access member properties
echo "Hello {$po->name}";
?>
The above code is quite self-explanatory. It produces the following output ::
object(stdClass)[2]
public 'name' => string 'chandan' (length=7)
Hello chandan
$po is an object of PHP built-in class 'stdClass' with a public member "name" and this property holds a string value "chandan". So, when $po->name is referred, it prints the correct value as unserialize() correctly re-constructed object from stored representation.
Here, we would see object serialization. When objects are serialized, PHP looks for a member function __sleep() within the object before it actually does the serialization. So, we can write various clean-up jobs ( like close file pointers, close DB connections, close any open sockets, close any streams, free any used memory, free unused variables, destroy other related objects etc ) inside this function __sleep(). We need to remember that all the private and public properties inside object are serialized.
Similarly, when the serialized format is restored to Object through the function unserialize(), PHP calls __wakeup() member function (if exists) after it is finished with re-constructing the object. We can write various jobs ( restore DB connections, open files which the object works with etc ) inside this function __wakeup().
Let's check a code where object is serialized.
<?php
// Define a Class
class MyClass
{
// private properties
private $data1;
private $data2;
// protected properties
protected $data3;
protected $data4;
// public properties
public $data5;
public $data6;
public function __construct()
{
// Initialize private properties
$this->data1 = "\r\n";
$this->data2 = NULL;
// Initialize protected properties
$this->data3 = NULL;
$this->data4 = "400";
// Initialize public properties
$this->data5 = "500";
$this->data6 = "600";
}
// __sleep()
public function __sleep()
{
echo "__Sleep called";
// within __sleep(), all the clean-up jobs
// can be included. Along with that, it also
// needs to return name of the properties
// to be serialized in an array format
return array("data1", "data2", "data3", "data4", "data5", "data6");
}
// __wakeup
public function __wakeup()
{
echo "__wakeup called";
}
public function display()
{
// Display all the properties
// We used a simple Loop
for($i=1;$i<=6;$i++)
{
echo "<br>" . $this->{"data$i"} ;
}
}
}
// Create Object
$obj = new MyClass;
// Serialize it
$ser = serialize($obj);
// See what happened after serialization
echo "$ser";
// Unserialize it to restore the
// data/properties in a new object
$p = unserialize($ser);
// $p is the new Object, hence
// call a member function
$p->display();
?>
The above code defines a class called "MyClass", which includes 3 private and 3 public properties and __wakeup(), __sleep() methods. It also includes a method called display() which shows the values in all the properties. The __wakeup() method should return all the properties which need to be serialized within an array. The __wakeup() function does not have such restrictions.
The above program can run without the __sleep() and __wakeup() methods. In that case the clean-up jobs etc can't be defined and we can't define/select properties which need to be serialized. In that case PHP serializes all the properties within that object.
When serializing the private properties within the object, the class name is prepended to the property name. Protected properties get an asterisk '*' prepended to their names. Such prepended values have Null bytes padded on both sides.
The code above produces 2 outputs, first is the serialized text of the object, second a list of property values in object $p which is created during the unserialization process of the stored representation we generated when $obj was serialized. Let's check the first output rendered on browser.
O:7:"MyClass":6:{s:14:"MyClassdata1";s:2:" ";s:14: "MyClassdata2";N;s:8:"*data3";N;s:8:"*data4";s:3:"400"; s:5:"data5";s:3:"500";s:5:"data6";s:3:"600";}
O:7:"MyClass":6: means Object having name "MyClass" (length:7) with 6 properties
s:14:"MyClassdata1";s:2:" "; means private property "MyClassdata1" (string, length:14) holds a string (length:2) value " ". Class name "MyClass" is prepended to Private properties. The value " " is text representation rendered on browser, actually it contains '\r\n'. As class name "\0MyClass\0" (padded by Null bytes on both side) was prepended to "data1" making it to "\0MyClass\0data1", the length of the new string is 14 ( 12 of "MyClassdata1" + 2 NULL bytes ) .
s:14:"MyClassdata2";N; means private property "MyClassdata2" (string length 14) holds a NULL value;
s:8:"*data3";N; means protected property "*data3" (string length 8 including NULL bytes on both side) holds NULL value
s:8:"*data4";s:3:"400"; means protected property "*data4" holds string (length:3) value "400"
s:5:"data5";s:3:"500"; means public property "data5" holds string (length:3) value "500"
s:5:"data6";s:3:"600"; means public property "data6" holds string (length:3) value "600"
Next part of the program is the unserialization part where we call the unserialize() function to restore an object from the stored representation $ser. And as a result, we create new object $p of type "MyClass" (The serialized data starts with "O:7:"MyClass"). Hence the call $p->display() calls the member function display() which iterates through all the properties inside the $p object and prints them on screen.
In such cases where object of undefined class to be created during unserialization, it creates object of "stdClass". Check the example below :
<?php
// an Array is being converted to Object
$o = (object) array("name" => "chandan");
// Serialize
$ser = serialize($o);
// Unserialize would instatiate
// Object of class PHP default 'stdClass'
$po = unserialize( $ser );
// Print the new object details
var_dump($po);
// Access member properties
echo "Hello {$po->name}";
?>
The above code is quite self-explanatory. It produces the following output ::
object(stdClass)[2]
public 'name' => string 'chandan' (length=7)
Hello chandan
$po is an object of PHP built-in class 'stdClass' with a public member "name" and this property holds a string value "chandan". So, when $po->name is referred, it prints the correct value as unserialize() correctly re-constructed object from stored representation.
