- unserialize: documentation (source)
- serialize: documentation (source)
<?php
/**
 * Signals that a user account could not be found.
 *
 * Adds nothing to \Exception; the distinct type exists so callers can catch this
 * condition separately from other failures.
 */
class UserNotFoundException extends \Exception
{
}
/**
 * Placeholder account check used by the example.
 *
 * A real implementation would verify that the account has not been deleted. This
 * stub performs no lookup: it ignores $user_id and throws unconditionally.
 *
 * @param mixed $user_id Identifier of the account to check (unused here).
 *
 * @throws UserNotFoundException Always.
 */
function check_user_exists($user_id)
{
    $notFound = new UserNotFoundException("exceptions for flow control are great.\n");

    throw $notFound;
}
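/**
 * Example user object that re-validates its account while being unserialized.
 */
class User
{
    private $id = 5;

    /**
     * Unserialize hook: validates the serialized id, checks the account, restores state.
     *
     * $data is whatever payload was handed to unserialize(), so it is treated as
     * untrusted: a missing or non-integer id is rejected with the same exception type
     * as an unknown account, so callers catching UserNotFoundException fail closed
     * instead of continuing after an "undefined array key" warning.
     *
     * @param array $data Property map supplied by unserialize(); private properties
     *                    are keyed with the mangled name "\0User\0id".
     *
     * @throws UserNotFoundException If the id is absent or malformed, or if
     *                               check_user_exists() rejects it.
     */
    public function __unserialize(array $data): void
    {
        // Private properties are serialized under "\0<ClassName>\0<property>".
        $key = "\x00User\x00id";
        $id = $data[$key] ?? null;

        if (!is_int($id)) {
            throw new UserNotFoundException("serialized User payload has no valid id\n");
        }

        check_user_exists($id);

        // Defining __unserialize() turns off automatic property restoration, so the
        // validated id has to be assigned explicitly.
        $this->id = $id;
    }
}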
// Serialize a sample object and print the result. The private $id property is
// written under the mangled key "\0User\0id".
$user = new User();
$data = serialize($user);
echo $data, " \n";

// unserialize() calls User::__unserialize(); the catch below relies on an exception
// thrown inside that hook reaching this call site unchanged.
// NOTE(review): $data is produced locally here. If the string came from outside the
// trust boundary, unserialize() would instantiate attacker-chosen classes and run
// their hooks; restrict it with the allowed_classes option or use a data-only format
// such as JSON.
try {
    $result = unserialize($data);
} catch (UserNotFoundException $unfe) {
    echo "redirect user to login page\n";
    exit(0);
}

echo "User is valid.\n";