Mercurial > hg > cmmr2012-drupal-site

comparison vendor/brumann/polyfill-unserialize/src/Unserialize.php @ 5:12f9dff5fda9 tip

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Update to Drupal core 8.7.1
author Chris Cannam
date Thu, 09 May 2019 15:34:47 +0100
parents
children
comparison
equal deleted inserted replaced
4:a9cd425dd02b 5:12f9dff5fda9
1 <?php
2
3 namespace Brumann\Polyfill;
4
5 final class Unserialize
6 {
7 /**
8 * @see https://secure.php.net/manual/en/function.unserialize.php
9 *
10 * @param string $serialized Serialized data
11 * @param array $options Associative array containing options
12 *
13 * @return mixed
14 */
15 public static function unserialize($serialized, array $options = array())
16 {
17 if (PHP_VERSION_ID >= 70000) {
18 return \unserialize($serialized, $options);
19 }
20 if (!array_key_exists('allowed_classes', $options)) {
21 $options['allowed_classes'] = true;
22 }
23 $allowedClasses = $options['allowed_classes'];
24 if (true === $allowedClasses) {
25 return \unserialize($serialized);
26 }
27 if (false === $allowedClasses) {
28 $allowedClasses = array();
29 }
30 if (!is_array($allowedClasses)) {
31 trigger_error(
32 'unserialize(): allowed_classes option should be array or boolean',
33 E_USER_WARNING
34 );
35 $allowedClasses = array();
36 }
37
38 $sanitizedSerialized = preg_replace_callback(
39 '/(^|;)O:\d+:"([^"]*)":(\d+):{/',
40 function ($match) use ($allowedClasses) {
41 list($completeMatch, $leftBorder, $className, $objectSize) = $match;
42 if (in_array($className, $allowedClasses)) {
43 return $completeMatch;
44 } else {
45 return sprintf(
46 '%sO:22:"__PHP_Incomplete_Class":%d:{s:27:"__PHP_Incomplete_Class_Name";%s',
47 $leftBorder,
48 $objectSize + 1, // size of object + 1 for added string
49 \serialize($className)
50 );
51 }
52 },
53 $serialized
54 );
55
56 return \unserialize($sanitizedSerialized);
57 }
58 }