Mercurial > hg > isophonics-drupal-site

annotate vendor/brumann/polyfill-unserialize/src/Unserialize.php @ 19:fa3358dc1485 tip

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Add ndrum files
author Chris Cannam
date Wed, 28 Aug 2019 13:14:47 +0100
parents af1871eacc83
children
rev   line source
Chris@18 1 <?php
Chris@18 2
Chris@18 3 namespace Brumann\Polyfill;
Chris@18 4
Chris@18 5 final class Unserialize
Chris@18 6 {
Chris@18 7 /**
Chris@18 8 * @see https://secure.php.net/manual/en/function.unserialize.php
Chris@18 9 *
Chris@18 10 * @param string $serialized Serialized data
Chris@18 11 * @param array $options Associative array containing options
Chris@18 12 *
Chris@18 13 * @return mixed
Chris@18 14 */
Chris@18 15 public static function unserialize($serialized, array $options = array())
Chris@18 16 {
Chris@18 17 if (PHP_VERSION_ID >= 70000) {
Chris@18 18 return \unserialize($serialized, $options);
Chris@18 19 }
Chris@18 20 if (!array_key_exists('allowed_classes', $options)) {
Chris@18 21 $options['allowed_classes'] = true;
Chris@18 22 }
Chris@18 23 $allowedClasses = $options['allowed_classes'];
Chris@18 24 if (true === $allowedClasses) {
Chris@18 25 return \unserialize($serialized);
Chris@18 26 }
Chris@18 27 if (false === $allowedClasses) {
Chris@18 28 $allowedClasses = array();
Chris@18 29 }
Chris@18 30 if (!is_array($allowedClasses)) {
Chris@18 31 trigger_error(
Chris@18 32 'unserialize(): allowed_classes option should be array or boolean',
Chris@18 33 E_USER_WARNING
Chris@18 34 );
Chris@18 35 $allowedClasses = array();
Chris@18 36 }
Chris@18 37
Chris@18 38 $sanitizedSerialized = preg_replace_callback(
Chris@18 39 '/(^|;)O:\d+:"([^"]*)":(\d+):{/',
Chris@18 40 function ($match) use ($allowedClasses) {
Chris@18 41 list($completeMatch, $leftBorder, $className, $objectSize) = $match;
Chris@18 42 if (in_array($className, $allowedClasses)) {
Chris@18 43 return $completeMatch;
Chris@18 44 } else {
Chris@18 45 return sprintf(
Chris@18 46 '%sO:22:"__PHP_Incomplete_Class":%d:{s:27:"__PHP_Incomplete_Class_Name";%s',
Chris@18 47 $leftBorder,
Chris@18 48 $objectSize + 1, // size of object + 1 for added string
Chris@18 49 \serialize($className)
Chris@18 50 );
Chris@18 51 }
Chris@18 52 },
Chris@18 53 $serialized
Chris@18 54 );
Chris@18 55
Chris@18 56 return \unserialize($sanitizedSerialized);
Chris@18 57 }
Chris@18 58 }