1--TEST-- 2Bug #49649 (unserialize() doesn't handle changes in property visibility) - to protected 3--FILE-- 4<?php 5 6/** 7 *class Foo 8 *{ 9 * private $private = 1; 10 * 11 * protected $protected = 2; 12 * 13 * public $public = 3; 14 * 15 * public $notThere = 'old'; 16 * } 17 * 18 * echo base64_encode(serialize(new Foo())); 19 * 20 * The class above represents the serialized, base64_encoded string below. 21*/ 22$serialized = 'TzozOiJGb28iOjQ6e3M6MTI6IgBGb28AcHJpdmF0ZSI7aToxO3M6MTI6IgAqAHByb3RlY3RlZCI7aToyO3M6NjoicHVibGljIjtpOjM7czo4OiJub3RUaGVyZSI7czozOiJvbGQiO30'; 23 24class Foo 25{ 26 protected $public = null; 27 28 protected $protected = null; 29 30 protected $private = null; 31} 32 33$class = unserialize(base64_decode($serialized)); 34var_dump($class); 35?> 36--EXPECTF-- 37Deprecated: Creation of dynamic property Foo::$notThere is deprecated in %s on line %d 38object(Foo)#1 (4) { 39 ["public":protected]=> 40 int(3) 41 ["protected":protected]=> 42 int(2) 43 ["private":protected]=> 44 int(1) 45 ["notThere"]=> 46 string(3) "old" 47} 48