/is_serialized.php
Created Oct 23, 2009
PHP is_serialized() function.
| <?php | |
| /** | |
| * This program is free software. It comes without any warranty, to | |
| * the extent permitted by applicable law. You can redistribute it | |
| * and/or modify it under the terms of the Do What The Fuck You Want | |
| * To Public License, Version 2, as published by Sam Hocevar. See | |
| * http://sam.zoy.org/wtfpl/COPYING for more details. | |
| */ | |
| /** | |
| * Tests if an input is valid PHP serialized string. | |
| * | |
| * Checks if a string is serialized using quick string manipulation | |
| * to throw out obviously incorrect strings. Unserialize is then run | |
| * on the string to perform the final verification. | |
| * | |
| * Valid serialized forms are the following: | |
| * <ul> | |
| * <li>boolean: <code>b:1;</code></li> | |
| * <li>integer: <code>i:1;</code></li> | |
| * <li>double: <code>d:0.2;</code></li> | |
| * <li>string: <code>s:4:"test";</code></li> | |
| * <li>array: <code>a:3:{i:0;i:1;i:1;i:2;i:2;i:3;}</code></li> | |
| * <li>object: <code>O:8:"stdClass":0:{}</code></li> | |
| * <li>null: <code>N;</code></li> | |
| * </ul> | |
| * | |
| * @author Chris Smith <code+php@chris.cs278.org> | |
| * @copyright Copyright (c) 2009 Chris Smith (http://www.cs278.org/) | |
| * @license http://sam.zoy.org/wtfpl/ WTFPL | |
| * @param string $value Value to test for serialized form | |
| * @param mixed $result Result of unserialize() of the $value | |
| * @return boolean True if $value is serialized data, otherwise false | |
| */ | |
| function is_serialized($value, &$result = null) | |
| { | |
| // Bit of a give away this one | |
| if (!is_string($value)) | |
| { | |
| return false; | |
| } | |
| // Serialized false, return true. unserialize() returns false on an | |
| // invalid string or it could return false if the string is serialized | |
| // false, eliminate that possibility. | |
| if ($value === 'b:0;') | |
| { | |
| $result = false; | |
| return true; | |
| } | |
| $length = strlen($value); | |
| $end = ''; | |
| switch ($value[0]) | |
| { | |
| case 's': | |
| if ($value[$length - 2] !== '"') | |
| { | |
| return false; | |
| } | |
| case 'b': | |
| case 'i': | |
| case 'd': | |
| // This looks odd but it is quicker than isset()ing | |
| $end .= ';'; | |
| case 'a': | |
| case 'O': | |
| $end .= '}'; | |
| if ($value[1] !== ':') | |
| { | |
| return false; | |
| } | |
| switch ($value[2]) | |
| { | |
| case 0: | |
| case 1: | |
| case 2: | |
| case 3: | |
| case 4: | |
| case 5: | |
| case 6: | |
| case 7: | |
| case 8: | |
| case 9: | |
| break; | |
| default: | |
| return false; | |
| } | |
| case 'N': | |
| $end .= ';'; | |
| if ($value[$length - 1] !== $end[0]) | |
| { | |
| return false; | |
| } | |
| break; | |
| default: | |
| return false; | |
| } | |
| if (($result = @unserialize($value)) === false) | |
| { | |
| $result = null; | |
| return false; | |
| } | |
| return true; | |
| } |
This comment has been minimized.
This comment has been minimized.
hazratgs
commented
Feb 18, 2015
|
nice work! |
This comment has been minimized.
This comment has been minimized.
MarkMaldaba
commented
Feb 22, 2016
|
Neat function. Unit tests? :-) |
This comment has been minimized.
This comment has been minimized.
andibastian
commented
Dec 6, 2016
|
thanks, nice work dude |
This comment has been minimized.
This comment has been minimized.
dominikdosoudil
commented
Mar 18, 2017
•
|
Thanks |
This comment has been minimized.
This comment has been minimized.
Tadek888
commented
Mar 22, 2018
|
Thanks ! |
This comment has been minimized.
This comment has been minimized.
HAGhoniem
commented
Mar 6, 2019
|
Working Great thanks |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This comment has been minimized.
xfoxawy commentedNov 13, 2014
great work ... testing it