gilbitron · March 29, 2017 12:31
diff --git a/1_write.php b/1_write.php
 <?php

 include 'ExampleClass1.php';
 include 'ExampleClass2.php';

 $object = new stdClass;
 $object->foo = 'bar';

 $class1 = new ExampleClass1();
 $class2 = new ExampleClass2();

 $data = [
 	'int'    => 123,
 	'string' => 'foo',
 	'bool'   => true,
 	'array'  => ['foo' => 'bar'],
 	'object' => $object,
 	'class1' => $class1,
 	'class2' => $class2,
 ];

 $serialized = serialize($data);

 file_put_contents('serialized1.txt', $serialized);
diff --git a/2_replace.php b/2_replace.php
 <?php

 include 'PlaceholderClass.php';

 $serialized = file_get_contents('serialized1.txt');

 // Find classes in serialized string
 $classNames = [];
 preg_match_all('/O:\d+:\"(.*?)\"/', $serialized, $matches);
 if (isset($matches[1]) && !empty($matches[1])) {
 	foreach ($matches[1] as $className) {
 		if ($className == 'stdClass') {
 			continue;
 		}

 		$classNames[] = $className;
 	}
 }

 print_r($classNames);

 // Use this instead of class_alias
 foreach ($classNames as $className) {
 	// http://stackoverflow.com/questions/9229605/in-php-how-do-you-get-the-called-aliased-class-when-using-class-alias
 	eval('class ' . $className . ' extends PlaceholderClass {}');
 }

 $unserialized = unserialize($serialized);

 // Update the object properties for ExampleClass1
 $class1Props = get_object_vars($unserialized['class1']);
 foreach ($class1Props as $key => $value) {
 	if (property_exists($unserialized['class1'], $key)) {
 		$unserialized['class1']->{$key} = $value . ' EDITED';
 	}
 }

 print_r($unserialized);
 echo "\n";

 $reserialized = serialize($unserialized);

 file_put_contents('serialized2.txt', $reserialized);
diff --git a/3_read.php b/3_read.php
 <?php

 include 'ExampleClass1.php';
 include 'ExampleClass2.php';

 $serialized = file_get_contents('serialized2.txt');
 print_r(unserialize($serialized));
diff --git a/4_output.txt b/4_output.txt
 Array
 (
    [int] => 123
    [string] => foo
    [bool] => 1
    [array] => Array
        (
            [foo] => bar
        )

    [object] => stdClass Object
        (
            [foo] => bar
        )

    [class1] => ExampleClass1 Object
        (
            [privateVar:ExampleClass1:private] => private variable
            [protectedVar:protected] => protected variable
            [publicVar] => public variable EDITED
        )

    [class2] => ExampleClass2 Object
        (
            [privateVar:ExampleClass2:private] => private variable
            [protectedVar:protected] => protected variable
            [publicVar] => public variable
        )

 )
	<?php

	include 'ExampleClass1.php';
	include 'ExampleClass2.php';

	$object = new stdClass;
	$object->foo = 'bar';

	$class1 = new ExampleClass1();
	$class2 = new ExampleClass2();

	$data = [
	'int' => 123,
	'string' => 'foo',
	'bool' => true,
	'array' => ['foo' => 'bar'],
	'object' => $object,
	'class1' => $class1,
	'class2' => $class2,
	];

	$serialized = serialize($data);

	file_put_contents('serialized1.txt', $serialized);
	<?php

	include 'PlaceholderClass.php';

	$serialized = file_get_contents('serialized1.txt');

	// Find classes in serialized string
	$classNames = [];
	preg_match_all('/O:\d+:\"(.*?)\"/', $serialized, $matches);
	if (isset($matches[1]) && !empty($matches[1])) {
	foreach ($matches[1] as $className) {
	if ($className == 'stdClass') {
	continue;
	}

	$classNames[] = $className;
	}
	}

	print_r($classNames);

	// Use this instead of class_alias
	foreach ($classNames as $className) {
	// http://stackoverflow.com/questions/9229605/in-php-how-do-you-get-the-called-aliased-class-when-using-class-alias
	eval('class ' . $className . ' extends PlaceholderClass {}');
	}

	$unserialized = unserialize($serialized);

	// Update the object properties for ExampleClass1
	$class1Props = get_object_vars($unserialized['class1']);
	foreach ($class1Props as $key => $value) {
	if (property_exists($unserialized['class1'], $key)) {
	$unserialized['class1']->{$key} = $value . ' EDITED';
	}
	}

	print_r($unserialized);
	echo "\n";

	$reserialized = serialize($unserialized);

	file_put_contents('serialized2.txt', $reserialized);
	Array
	(
	[int] => 123
	[string] => foo
	[bool] => 1
	[array] => Array
	(
	[foo] => bar
	)

	[object] => stdClass Object
	(
	[foo] => bar
	)

	[class1] => ExampleClass1 Object
	(
	[privateVar:ExampleClass1:private] => private variable
	[protectedVar:protected] => protected variable
	[publicVar] => public variable EDITED
	)

	[class2] => ExampleClass2 Object
	(
	[privateVar:ExampleClass2:private] => private variable
	[protectedVar:protected] => protected variable
	[publicVar] => public variable
	)

	)