Skip to content

Commit 28edeb2

Browse files
nikicnikic
committed
User serialize_deny for PDOStatement as well
1 parent 6e4b202 commit 28edeb2

File tree

2 files changed

+5
-21
lines changed

2 files changed

+5
-21
lines changed

UPGRADING

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -32,9 +32,9 @@ PHP 7.4 UPGRADE NOTES
3232
INTL_IDNA_VARIANT_UTS46 instead of the deprecated INTL_IDNA_VARIANT_2003.
3333

3434
- PDO:
35-
. Attempting to serialize a PDO instance will now generate an Exception
36-
rather than a PDOException, consistent with other internal classes which
37-
do not support serialization.
35+
. Attempting to serialize a PDO or PDOStatement instance will now generate
36+
an Exception rather than a PDOException, consistent with other internal
37+
classes which do not support serialization.
3838

3939
- Reflection:
4040
. Reflection objects will now generate an exception if an attempt is made

ext/pdo/pdo_stmt.c

Lines changed: 2 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -2145,22 +2145,6 @@ static PHP_METHOD(PDOStatement, debugDumpParams)
21452145
}
21462146
/* }}} */
21472147

2148-
/* {{{ proto PDOStatement::__wakeup()
2149-
Prevents use of a PDOStatement instance that has been unserialized */
2150-
static PHP_METHOD(PDOStatement, __wakeup)
2151-
{
2152-
zend_throw_exception_ex(php_pdo_get_exception(), 0, "You cannot serialize or unserialize PDOStatement instances");
2153-
}
2154-
/* }}} */
2155-
2156-
/* {{{ proto int PDOStatement::__sleep()
2157-
Prevents serialization of a PDOStatement instance */
2158-
static PHP_METHOD(PDOStatement, __sleep)
2159-
{
2160-
zend_throw_exception_ex(php_pdo_get_exception(), 0, "You cannot serialize or unserialize PDOStatement instances");
2161-
}
2162-
/* }}} */
2163-
21642148
const zend_function_entry pdo_dbstmt_functions[] = {
21652149
PHP_ME(PDOStatement, execute, arginfo_pdostatement_execute, ZEND_ACC_PUBLIC)
21662150
PHP_ME(PDOStatement, fetch, arginfo_pdostatement_fetch, ZEND_ACC_PUBLIC)
@@ -2181,8 +2165,6 @@ const zend_function_entry pdo_dbstmt_functions[] = {
21812165
PHP_ME(PDOStatement, nextRowset, arginfo_pdostatement__void, ZEND_ACC_PUBLIC)
21822166
PHP_ME(PDOStatement, closeCursor, arginfo_pdostatement__void, ZEND_ACC_PUBLIC)
21832167
PHP_ME(PDOStatement, debugDumpParams, arginfo_pdostatement__void, ZEND_ACC_PUBLIC)
2184-
PHP_ME(PDOStatement, __wakeup, arginfo_pdostatement__void, ZEND_ACC_PUBLIC|ZEND_ACC_FINAL)
2185-
PHP_ME(PDOStatement, __sleep, arginfo_pdostatement__void, ZEND_ACC_PUBLIC|ZEND_ACC_FINAL)
21862168
PHP_FE_END
21872169
};
21882170

@@ -2283,6 +2265,8 @@ void pdo_stmt_init(void)
22832265
pdo_dbstmt_ce = zend_register_internal_class(&ce);
22842266
pdo_dbstmt_ce->get_iterator = pdo_stmt_iter_get;
22852267
pdo_dbstmt_ce->create_object = pdo_dbstmt_new;
2268+
pdo_dbstmt_ce->serialize = zend_class_serialize_deny;
2269+
pdo_dbstmt_ce->unserialize = zend_class_unserialize_deny;
22862270
zend_class_implements(pdo_dbstmt_ce, 1, zend_ce_traversable);
22872271
zend_declare_property_null(pdo_dbstmt_ce, "queryString", sizeof("queryString")-1, ZEND_ACC_PUBLIC);
22882272

0 commit comments

Comments
 (0)