序列化 PHP 字符串的结构

2021-12-21 00:00:00 string serialization php

我想知道是否有人可以将我指向一个记录了序列化 php 字符串详细信息的资源.我基本上想知道格式/结构,以便我可以在 VB.NET 中编写一个函数来序列化/反序列化它.

I was wondering if anyone could point me to a resource where the details of a serialized php string is documented. I would basically like to know the format/structure so I can write a function in VB.NET to serialize/deserialize it back.

谢谢!

推荐答案

基本结构如下:

标量类型:

  1. 布尔值序列化为:

  1. Booleans are serialized as:

b:<i>;

其中 是一个整数,其值为 0(假)或 1(真).

where <i> is an integer with a value of either 0 (false) or 1 (true).

整数序列化为:

i:<i>;

其中 是整数值.

浮点数被序列化为(d 表示双精度):

Floats are serialized as (with d meaning double):

d:<f>;

其中 是浮点值.

字符串被序列化为:

s:<i>:"<s>";

其中是表示的字符串长度的整数,是字符串价值.

where <i> is an integer representing the string length of <s>, and <s> is the string value.

特殊类型:

  1. null 简单地序列化为:

N;

化合物类型:

  1. 数组被序列化为:

  1. Arrays are serialized as:

a:<i>:{<elements>}

其中 是一个整数,表示数组中元素的数量, 零个或多个序列化的键值对:

where <i> is an integer representing the number of elements in the array, and <elements> zero or more serialized key value pairs:

<key><value>

其中 表示序列化的标量类型, 表示任何可序列化的值.

where <key> represents a serialized scalar type, and <value> any value that is serializable.

对象被序列化为:

O:<i>:"<s>":<i>:{<properties>}

其中第一个是一个整数,表示的字符串长度,是完全限定的类名(类名前面带有完整的命名空间).第二个 是一个整数,表示对象属性的数量. 是零个或多个序列化的名称值对:

where the first <i> is an integer representing the string length of <s>, and <s> is the fully qualified class name (class name prepended with full namespace). The second <i> is an integer representing the number of object properties. <properties> are zero or more serialized name value pairs:

<name><value>

其中 是表示属性名称的序列化字符串, 是任何可序列化的值.

where <name> is a serialized string representing the property name, and <value> any value that is serializable.

有一个问题:

There's a catch with <name> though:

表示为

s:<i>:"<s>";

其中是一个整数,表示的字符串长度.但是 的值因属性的可见性而异:

where <i> is an integer representing the string length of <s>. But the values of <s> differs per visibility of properties:

一个.使用 public 属性 是属性的简单名称.

a. With public properties <s> is the simple name of the property.

B.但是,对于 protected 属性, 是属性的简单名称,前面带有 * — 星号,用两个 NUL 字符括起来(即 chr(0)).

b. With protected properties, however, <s> is the simple name of the property, prepended with * — an asterix, enclosed in two NUL characters (i.e. chr(0)).

c.对于 private 属性, 是属性的简单名称,前面带有 ,用两个 NUL 字符括起来,其中 是完全限定的类名.

c. And with private properties, <s> is the simple name of the property, prepended with <s><s>, enclosed in two NUL characters, where <s> is the fully qualified class name.

<小时>

还有一些其他情况,例如 R:<i>;,代表引用,我在这里没有提到(因为老实说我还没有弄清楚确切的工作原理还没有),但这应该会让您对 PHP 的序列化机制有一个不错的了解.


There are a few other cases, such as R:<i>;, that represents references, that I haven't mentioned here (because I honestly haven't figured out the exact workings of it yet), but this should give you a decent idea about PHP's serializing mechanism.

相关文章