Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:54729
Return-Path: <tyra3l@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 73263 invoked from network); 19 Aug 2011 12:54:35 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 19 Aug 2011 12:54:35 -0000
Authentication-Results: pb1.pair.com smtp.mail=tyra3l@gmail.com; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=tyra3l@gmail.com; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.161.170 as permitted sender)
X-PHP-List-Original-Sender: tyra3l@gmail.com
X-Host-Fingerprint: 209.85.161.170 mail-gx0-f170.google.com  
Received: from [209.85.161.170] ([209.85.161.170:51164] helo=mail-gx0-f170.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id EF/6C-11562-90D5E4E4 for <internals@lists.php.net>; Fri, 19 Aug 2011 08:54:34 -0400
Received: by gxk27 with SMTP id 27so2575499gxk.29
        for <internals@lists.php.net>; Fri, 19 Aug 2011 05:54:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :cc:content-type:content-transfer-encoding;
        bh=s6jFNgbjnT+72TjmAPWP9AEx/pnOdbwhKdQ577CNc3E=;
        b=ttf3g3moKDCJsZZmwnOboOD6ydwxPEm4PBvwGJJQSS8oTL1TB4yhzi5D6ZkHU/apxa
         ctvjATiFmfdBpEdX9m4vBm5W8FPbeO3IV7bgdlpjkLrG6qy8eDmpqCvZ1fijlrmqE2sj
         UxMh+Ns/SP+G+9MgFuv1iFiAj7s/Pqr0VeRXw=
MIME-Version: 1.0
Received: by 10.236.191.103 with SMTP id f67mr7264067yhn.93.1313758471480;
 Fri, 19 Aug 2011 05:54:31 -0700 (PDT)
Received: by 10.146.83.5 with HTTP; Fri, 19 Aug 2011 05:54:31 -0700 (PDT)
In-Reply-To: <CA+p1TcZVZOg+tyzPo-20xyxcxm0W+ET1aJ-+14V=Ff6AVmEFHw@mail.gmail.com>
References: <CAKxcST-n_aC1NJ8pLg5natwRRcxEHV_t-fiEhYX4mc=G7WPFaA@mail.gmail.com>
	<4E4E48F6.8010107@php.net>
	<CAEZPtU5uRFO+mhQTJDZm32_Y7k6p9HzZmn1YiRmW4iZQrmht9A@mail.gmail.com>
	<CAKxcST9AYTb+SJJydb0u5RK+XgP7og8KqH+1u-7trDrSJBPOKA@mail.gmail.com>
	<CAH-PCH56zYkJH8BaGHdKTUmBm6V+k_yxKfAVp9XuES_B5ps5CQ@mail.gmail.com>
	<CA+p1TcZ-_X7x7VdkhjeY86vC67PNmoZ93BcwuJ2uKdWJzhvFLQ@mail.gmail.com>
	<CAH-PCH7xRmE2Uc2smRtBiRyyxzvhBWux7E8naAV_0+y-9dv6Qg@mail.gmail.com>
	<CA+p1TcZVZOg+tyzPo-20xyxcxm0W+ET1aJ-+14V=Ff6AVmEFHw@mail.gmail.com>
Date: Fri, 19 Aug 2011 14:54:31 +0200
Message-ID: <CAH-PCH5qSOLPNvhxe7KwJutg6gQxmTnx04mDQhWB6p_xVoMq7g@mail.gmail.com>
To: Arpad Ray <arraypad@gmail.com>
Cc: Paul Dragoonis <dragoonis@gmail.com>, Pierre Joye <pierre.php@gmail.com>, 
	Sebastian Bergmann <sebastian@php.net>, internals@lists.php.net
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Subject: Re: [PHP-DEV] Activation of IGBinary serialization extension in 5.4
 by default
From: tyra3l@gmail.com (Ferenc Kovacs)

On Fri, Aug 19, 2011 at 2:47 PM, Arpad Ray <arraypad@gmail.com> wrote:
> On Fri, Aug 19, 2011 at 1:40 PM, Ferenc Kovacs <tyra3l@gmail.com> wrote:
>> On Fri, Aug 19, 2011 at 2:31 PM, Arpad Ray <arraypad@gmail.com> wrote:
>>> On Fri, Aug 19, 2011 at 1:04 PM, Ferenc Kovacs <tyra3l@gmail.com> wrote=
:
>>>> the downside would be that if you want to serialize/unserialize the
>>>> data outside of php, your implementation should take care of this
>>>> prefix.
>>>> just a wild idea, but maybe useful:
>>>> instead of creating a prefix, we could serialize the passed data with
>>>> the given(php, igbinary, etc.) handler, then wrap the whole stuff into
>>>> an array which holds the name of the used handler and the serialized
>>>> data, and serialize this array with the old(php) serialize method.
>>>> this way the datablob would be always a valid serialized string, and
>>>> would be easier to get the serialize method than with the prefixing.
>>>
>>> If my old app couldn't read some newly serialized string, I'd rather
>>> it failed hard than apparently succeed but have the wrong data.
>>>
>>
>> http://php.net/unserialize
>> In case the passed string is not unserializeable, FALSE is returned
>> and E_NOTICE is issued.
>> so if you unserialize from php, my suggestion would fail harder.
>> when you unserialize it from another mean (parsing it on your own, or
>> from a different language), you are right, it would produce a valid
>> but different result what you would expect, but this could be
>> documented, and I don't think that that many users do this, and maybe
>> they are using json/bson/igbinary already.
>
> I'm talking about unserialize() in an old (well, current) version of
> PHP - if it unserializes what is apparently a valid array there would
> be nothing to indicate it's actually a new version which it can't
> read.
>

I see, yeah, "old" clienst would still suffer from this, they would
get an array from unserialize what they didn't expect, and maybe some
data, what they cannot unpack (if it was packed with a method other
than the current)
the pro side is that it would be possible to handle this situation (if
you cannot upgrade a php instance for example for some reason) as you
could handle those situations (unserialize the data field to get the
original data, or use igbinary from pecl to decompress it, etc.)
I didn't feel too strong about this, just throwing ideas around.

--=20
Ferenc Kov=C3=A1cs
@Tyr43l - http://tyrael.hu