📅  最后修改于: 2022-03-11 14:57:56.148000             🧑  作者: Mango
PHP supports a method known as 'serialize (Object)' that is used to serialize
the object. In PHP 7, an additional security feature has been added by
introducing filtering 'unserialize (arg1, arg2)' method. This feature seeks
to provide better security when unserializing objects on untrusted data. It
prevents possible code injections by enabling the developer to whitelist
classes that can be unserialized.
$data = unserialize($serializeObj, ["allowed_classes" => true]);