Blog |
Forum |
Repository |
Wizard
Jump to letter: [
ABCDGHIJLMNOPQRSTUVWXYZ
]
php-brumann-polyfill-unserialize - Backports unserialize options introduced in PHP 7.0
- Website:
- https://github.com/dbrumann/polyfill-unserialize
- Licence:
- MIT
- Vendor:
- Remi Collet
- Description:
Backports unserialize options introduced in PHP 7.0 to older PHP versions. This
was originally designed as a Proof of Concept for Symfony Issue
[#21090](https://github.com/symfony/symfony/pull/21090).
You can use this package in projects that rely on PHP versions older than PHP
7.0. In case you are using PHP 7.0+ the original unserialize() will be used
instead.
From the
[documentation](https://secure.php.net/manual/en/function.unserialize.php):
> Warning: Do not pass untrusted user input to unserialize(). Unserialization
> can result in code being loaded and executed due to object instantiation and
> autoloading, and a malicious user may be able to exploit this.
This warning holds true even when `allowed_classes` is used.
Autoloader: /usr/share/php/Brumann/Polyfill/autoload.php
Packages