Skip to content
/ forbid-serialization Public

Micro-package with a handy trait to forbid object serialialization in PHP

License

MIT license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

prezly/forbid-serialization

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
.github/workflows
.github/workflows
 
 
src
src
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
CHANGELOG.md
CHANGELOG.md
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
composer.json
composer.json
 
 
phpunit.xml
phpunit.xml
 
 

Repository files navigation

Prezly's ForbidSerialization

Prezly's ForbidSerialization is a micro-package with a handy trait to forbid serialization of specific class in PHP.

This is because standard PHP serialize() function can serialize anything, even instances you'd never want to be serialized. So ForbidSerialization is just a nice easy way to opt-out whenever you do not intentionally want an object to be serialized (which should be the default in 99.99% of all cases).

See this awesome talk from Marco Pivetta on Extremely Defensive PHP. Specifically the part about serialization: https://youtu.be/Gl9td0zGLhw?t=2352

Usage

Usage is as simple as adding use ForbidSerialization to any class. Only make sure you do not override __sleep() or __serialize() methods.

use Prezly\ForbidSerialization\ForbidsSerialization;

class AmazonWebServicesIntegrationService {
    use ForbidsSerialization;
    
    // ...
}

Changelog

Credits

Brought to you with ❤️ by Prezly.

About

Micro-package with a handy trait to forbid object serialialization in PHP

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

1 star

Watchers

6 watching

Forks

0 forks
Report repository

Releases 2

PHP 8 support Latest
Oct 5, 2023
+ 1 release

Packages

No packages published

Contributors 2

  •  
  •  

Languages