add support for explicit unserialize options + retrive Object as orig…

…inal instead of __PHP_Incomplete_Class
shieldfy · Apr 1, 2017 · b5de04b · b5de04b
1 parent 6c64759
commit b5de04b
Showing 1 changed file with 7 additions and 1 deletion.
diff --git a/src/Normalizers/NormalizeSerialize.php b/src/Normalizers/NormalizeSerialize.php
@@ -62,7 +62,7 @@ public function run()
         if (version_compare(PHP_VERSION, '7.0.0') >= 0) {
             //options added @ v 7.0 which allow no evaluating for classes
             //object will be instantiated as __PHP_Incomplete_Class
-            $decoded = @unserialize($this->value, false);
+            $decoded = @unserialize($this->value, []);
         } else {
             $decoded = false; //don't serialize it might be danger
         }
@@ -79,6 +79,12 @@ public function run()
             $decoded = $arrayValue;
         }
 
+        //Object of class __PHP_Incomplete_Class
+        if(gettype($decoded) === 'object'){
+            //object serialize must be the same
+            return $this->value;
+        }
+
         return $decoded;
     }
 }