Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:40894
Return-Path: <et@php.net>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 59191 invoked from network); 9 Oct 2008 13:51:27 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 9 Oct 2008 13:51:27 -0000
Authentication-Results: pb1.pair.com header.from=et@php.net; sender-id=unknown
Authentication-Results: pb1.pair.com smtp.mail=et@php.net; spf=unknown; sender-id=unknown
Received-SPF: unknown (pb1.pair.com: domain php.net does not designate 62.75.137.136 as permitted sender)
X-PHP-List-Original-Sender: et@php.net
X-Host-Fingerprint: 62.75.137.136 fuer-et.de Linux 2.5 (sometimes 2.4) (4)
Received: from [62.75.137.136] ([62.75.137.136:36387] helo=eve.fuer-et.de)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 04/97-48736-E5C0EE84 for <internals@lists.php.net>; Thu, 09 Oct 2008 09:51:27 -0400
Received: from lapalma.mis.informatik.tu-darmstadt.de (lapalma.mis.informatik.tu-darmstadt.de [130.83.165.195])
	by eve.fuer-et.de (Postfix) with ESMTP id 7BE761583F8;
	Thu,  9 Oct 2008 15:51:24 +0200 (CEST)
To: Lukas Kahwe Smith <mls@pooteeweet.org>
Date: Thu, 9 Oct 2008 15:51:22 +0200
User-Agent: KMail/1.9.7
Cc: "David Coallier" <davidc@php.net>,
 internals@lists.php.net
References: <48EDFEED.8080605@adplabs.com.br> <b5f7bf6c0810090626r247d4c66o14cfa836f5860054@mail.gmail.com> <DA86E2D1-34A1-49B9-9E05-7AD9AD6A9DC0@pooteeweet.org>
In-Reply-To: <DA86E2D1-34A1-49B9-9E05-7AD9AD6A9DC0@pooteeweet.org>
X-PGP-Key-URL: http://www.mis.informatik.tu-darmstadt.de/People/walk/
MIME-Version: 1.0
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-ID: <200810091551.23205.et@php.net>
Subject: Re: [PHP-DEV] json_encode ignores protected/private class members
From: et@php.net (Stefan Walk)

On Thursday 09 October 2008 15:31:54 Lukas Kahwe Smith wrote:
> well .. i think this is at least the common use case. then again, json
> is an encoding format, and i expect that i can get the same object
> state by decoding. so the expectation to also get non public
> properties in the json encoded string is not totally crazy.

Well, you lose the information about the class anyway, so there is no way to 
decode it to the previous state without implementing it yourself, and in 
order to set private/protected attributes, you have to implement it as a 
method ... and if you do that, it's natural that you also do a member 
function that does the encoding, so the round-trip argument doesn't really 
work.

> however changing this at this point would be a huge security issue, so
> if at all, it would need to be handled by an optional parameter that
> defaults to false.

That would be unclean. If it's implemented in some way, json_encode should 
look for the implementation of some interface (JSONEncodable or something) 
providing encoding/decoding methods (similar to __sleep/__wakeup).

Regards,
Stefan