Hi! Could we please enable some services and cookies to improve your experience and our website?
Online Sandbox for SQL and PHP: Write, Run, Test, and Share SQL Queries and PHP Code
<?php
// define("FOOq", "MyUndefinedClass");
class MyClass
{
public string $property = "myValue";
}
class MyUndefinedClassB
{
}
$myObject = new MyClass;
$foo = serialize($myObject);
// unserializes all objects into __PHP_Incomplete_Class objects
$disallowed = unserialize($foo, ["allowed_classes" => false]);
var_dump($disallowed);
// unserializes all objects into __PHP_Incomplete_Class objects except those of MyClass2 and MyClass3
$disallowed2 = unserialize($foo, ["allowed_classes" => ["MyClass2", "MyClass3"]]);
var_dump($disallowed2);
// unserializes undefined class into __PHP_Incomplete_Class object
$undefinedClass = unserialize('O:16:"MyUndefinedClass":0:{}');
var_dump($undefinedClass);
// $myObjectB = new MyUndefinedClassB;
// $fooB = serialize($myObjectB);
// $fooB = 'O:17:"MyUndefinedClassB":0:{}';
// echo PHP_EOL.'var_dump($fooB);'.PHP_EOL;
// var_dump($fooB);
// $undefinedClassB = unserialize($fooB);
$undefinedClassB = unserialize('O:17:"MyUndefinedClassB":0:{}');
var_dump($undefinedClassB);
?>