我们有一个抛出错误的错误处理程序:__PHP_Incomplete_Class 无法转换为字符串。
错误处理程序当前执行“is_object”测试,对于“不完整”对象来说奇怪的是错误的。我正在尝试调整错误处理程序,但如果不解析重新序列化的版本,我无法获取原始类名。
<?php
$o = 'O:14:"BogusTestClass":0:{}';
$c = unserialize($o);
var_dump(
array(
'subject' => $c,
'is_object' => is_object($c), // false !?!?
'get_class' => get_class($c), // __PHP_Incomplete_Class
'gettype' => gettype($c), // 'object'
'Is instance of?' => $c instanceof __PHP_Incomplete_Class, // true
'serial' => serialize($c),
)
);
// Tried:
var_dump($c->__PHP_Incomplete_Class_Name);
// Error:
// The script tried to execute a method or access a property of
// an incomplete object
$refObj = new ReflectionObject($c);
$refProp = $refObj->getProperty('__PHP_Incomplete_Class_Name');
$refProp->setAccessible(true);
var_dump($refProp->getValue($c));
// Error:
// ReflectionProperty::getValue(): The script tried to execute a
// method or access a property of an incomplete object.
// This works, but is fragile, since it depends on internal behavior
// of serialize
function getBadClassName($subject)
{
$serial = serialize($subject);
$parts = explode(':', $serial, 4);
if ('O' === $parts[0] && strlen($parts[2]) -2 == $parts[1]) {
return substr($parts[2], 1, -1);
}
return '-- Error --';
}
var_dump(getBadClassName($c));
试图从不完整的对象中获取序列化类的名称,以在错误消息中使用。
避免解析字符串,因为我猜当使用重新定义序列化/反序列化的扩展时,字符串解析会崩溃,例如http://pecl.php.net/package/igbinary或http://pecl.php.net /package/APC/3.1.7 apc.serializer 挂钩。