RedisSessionHandler unserialize

swoft-cloud / swoft

🚀 PHP Microservice Full Coroutine Framework

https://swoft.org

Apache License 2.0

5.58k stars 786 forks source link

RedisSessionHandler unserialize #136

Closed xiongchao123 closed 6 years ago

xiongchao123 commented 6 years ago

Q	A
Bug report?	yes
Swoft version	master
Swoole version	2.0.13
PHP version	7.0.25
Runtime environment	CentOS 7

Details

PHP Warning: unserialize() expects parameter 2 to be array, null given in /var/www/php/swoft/vendor/swoft/session/src/Handler/RedisSessionHandler.php on line 128


protected function unserialize($value)
    {
        return is_numeric($value) ? $value : unserialize($value,null);
    }

mixed unserialize ( string $str )
unserialize() 应该没有第二个参数的吧

inhere commented 6 years ago

有的高版本就有了,限定那些class可以反序列化

可以这样加 unserialize($value, ['allowed_classes' => false])

xiongchao123 commented 6 years ago

那这第二个参数应该是个数组类型吧 return is_numeric($value) ? $value : unserialize($value,null); 是不是要改成 return is_numeric($value) ? $value : unserialize($value,[]);

huangzhhui commented 6 years ago

已修复，请更新 swoft/session 至 v1.0.2 版本以上