Serialization in PHP

Today we will be learning a very important topic in OOP’s called serialization which is used between webpages and applications, in this Serialization in PHP tutorial.

• Serialization is used to convert an object to a byte-stream representation and vice-versa.
• This is useful when we need to pass object data in the form of string of text between scripts and applications.
• There are various situations in which we need to pass objects in the form of string such as:
• Converting object to string and storing it in a text file or a database table.
• Converting and passing objects in URL query string.
• Carrying objects between webpages in the session, etc.
• To convert a object to a string and then back to object when required we can use following functions:
• serialize(): the serialize() function takes the object and converts it to a string representation containing class name and its properties.
• unserialize(): the unserialize() function takes the serialized string or string that is obtained from object and converts it again to the object.
• When the object is serialized, the content is placed with some type of a specifier followed by a colon, then followed with the actual data followed by a semi-colon.
• When we serialize an object it stores the class name and all its properties. It doesn’t store methods of the class. Hence to unserialize the serialized object the class should be present in the script before unserializing it.
• So we have to unserialize the object in the script where the class is defined or we can include the class in the script where we want to unserialize the object with the include statement as shown below:

<?php
	include(“worker.inc”);
	//some code here
	unserialize($work);
?>

• Now let us see how the object is serialized and unserialized using the function serialize() and unserialize() in the following code shown below:

<?php
class Worker
{
	private $id;
	protected $name;
	protected $dept;
	
	public function __construct($id,$name,$dept)
	{
		$this->id=$id;
		$this->name=$name;
		$this->dept=$dept;
	}
	
	public function display()
	{
		echo "ID : ".$this->id."<br>Name : ".$this->name."<br> Department : ".$this->dept;
	}
}

//creating an instance of Worker class
$work=new Worker(1,'James Das','Development');

//serializing the object $work using serialize() function 
$serialized=serialize($work);

//displaying the serialized string
echo "*Serialized object in string format:<br>".$serialized."<br><br>";

//unserializing the string $serialized to the object back
$work1=unserialize($serialized);

//calling the function display() of the Worker class using object $work1 
echo "*Object Unserialised:<br>";
$work1->display();
?>

• In the above code, a class Worker is defined and its object $work is created and values are passed in the constructor.
• Then the object is serialized using the serialize() function, the object $work is passed as a parameter in the funciton . You can think that this data is to be stored somewhere, may in a database table or in a text file. The serialized data is stored in a variable $serialized. The statement used for it is as shown below:

$serialized=serialize($work);

• The string is displayed using the echo statement.
• After this the string variable $serialized is passed in the unserialize() function to unserialize the object using the statement shown below:

$work1=unserialize($serialized);

• Then to show that the object has been unserialized, its display() method is called using the $work1 object.
• Output of the code is shown below:


fig 1

• In the above figure, you can see that the serialized string contains the class name Worker and all its properties. Methods of class are not stored in it. The private property of Worker class, for eg. id, is preceded by the class name Worker. And the protected members are preceded with asterisk (*).
• Now it is confirmed to us that methods are not stored in the serialized string, therefore to unserialize an object we need to define or include the class from outside in that particular script.
• We have more 2 methods that notify an object that it is being serialized or unserialized.
• The two methods are __sleep() and __wakeup().
• The __sleep() method is automatically called before the serialization using serialize() function and the __wakeup() method is called automatically after unserialization of an object using unserialize() function.
• The __sleep() method does the work of cleanup before serialization of an object, the work can be closing database connection, saving/storing any data in a file or database, etc.
• The __sleep() method returns an array of data members of a class that should be written into the byte-stream during serialization. The data in the array is converted to the byte-stream and stored permanently; but if no data is passed into the array, nothing will be stored.
• The __wakeup () method performs any required action after the execution of unserialized() function such as restoring the database connections, etc.
• Let us modify our above code and include the __sleep() and __wakeup() methods in it:

<?php
class Worker
{
	private $id;
	protected $name;
	protected $dept;
	
	public function __construct($id,$name,$dept)
	{
		$this->id=$id;
		$this->name=$name;
		$this->dept=$dept;
	}
	
	public function display()
	{
		echo "ID : ".$this->id."<br>Name : ".$this->name."<br> Department : ".$this->dept;
	}
	
	public function __sleep()
	{
		echo "*Cleaning the Worker object.<br>";
		return array("name","dept");
		//return array_keys(get_object_vars($this));
	}
	
	public function __wakeup()
	{
		echo "*Setting the object.<br>";
	}
}

//creating an instance of Worker class
$work=new Worker(1,'James Das','Development');

//serializing the object $work using serialize() function 
$serialized=serialize($work);

//displaying the serialized string
echo "*Serialized object in string format:<br>".$serialized."<br><br>";

//unserializing the string $serialized to the object back
$work1=unserialize($serialized);

//calling the function display() of the Worker class using object $work1 
echo "*Object Unserialised:<br>";
$work1->display();


?>

• Here, we have just added methods __sleep() and __wakeup() to the Worker’s class.
• The __sleep() method displays a string Cleaning the Worker object and returns an array which includes only the name and dept properties of the class. This will include only the name and dept properties in the serialized string.
• The statement return array_keys(get_object_vars($this)); is commented to show you the another way to specify the array of properties.
• The get_object_cars() function takes the current object in the form of $this as its parameter and it returns all the properties of that particular object. The array_keys() will hold all those properties.
• The __wakeup() method just displays the string Setting the Worker object.
• The output is shown below:


fig 2

• In the above figure, we can see that the serialized string contains only the name and dept properties and no id property of class. This is because we specified only name and dept in the array returned from the __sleep() method. If all properties are included, all of them will be specified.
• Next thing you can see that the __sleep() method is called automatically before serialization of the object using serialize() function displaying the statement Cleaning the Worker object.
• And the __wakeup() method is called immediately after the unserialization of the object using unserialize() function displaying the statement Setting the Worker object.

Thus we can convert an object to byte stream and again retrieve the string to an object using serialization and unserialization respectively, which is very useful to pass data between scripts, and applications. Serialization is mostly used in sessions.
So today we learned a new and interesting term in this Serialization in PHP tutorial.