1--TEST-- 2Bug #49649 (unserialize() doesn't handle changes in property visibility) - to private 3--FILE-- 4<?php 5 6/** 7 *class Foo 8 *{ 9 * private $private = 1; 10 * 11 * protected $protected = 2; 12 * 13 * public $public = 3; 14 * 15 * public $notThere = 'old'; 16 * } 17 * 18 * echo base64_encode(serialize(new Foo())); 19 * 20 * The class above represents the serialized, base64_encoded string below. 21*/ 22$serialized = 'TzozOiJGb28iOjQ6e3M6MTI6IgBGb28AcHJpdmF0ZSI7aToxO3M6MTI6IgAqAHByb3RlY3RlZCI7aToyO3M6NjoicHVibGljIjtpOjM7czo4OiJub3RUaGVyZSI7czozOiJvbGQiO30'; 23 24class Foo 25{ 26 private $public = null; 27 28 private $protected = null; 29 30 private $private = null; 31} 32 33$class = unserialize(base64_decode($serialized)); 34var_dump($class); 35?> 36--EXPECTF-- 37Deprecated: Creation of dynamic property Foo::$notThere is deprecated in %s on line %d 38object(Foo)#1 (4) { 39 ["public":"Foo":private]=> 40 int(3) 41 ["protected":"Foo":private]=> 42 int(2) 43 ["private":"Foo":private]=> 44 int(1) 45 ["notThere"]=> 46 string(3) "old" 47} 48