Serializing objects - objects in sessions
serialize() returns a string containing a
byte-stream representation of any value that can be stored in
PHP. unserialize() can use this string to
recreate the original variable values. Using serialize to
save an object will save all variables in an object. The
functions in an object will not be saved, only the name of
the class.
In order to be able to unserialize() an object, the
class of that object needs to be defined. That is, if you have an object
$a of class A on page1.php and serialize this, you'll
get a string that refers to class A and contains all values of variabled
contained in $a. If you want to be able to unserialize
this on page2.php, recreating $a of class A, the
definition of class A must be present in page2.php. This can be done for
example by storing the class definition of class A in an include file and
including this file in both page1.php and page2.php.
If you are using sessions and use session_register()
to register objects, these objects are serialized automatically
at the end of each PHP page, and are unserialized automatically on
each of the following pages. This basically means that these objects
can show up on any of your pages once they become part of your
session.
It is strongly recommended that you include the class
definitions of all such registered objects on all of your
pages, even if you do not actually use these classes on all
of your pages. If you don't and an object is being
unserialized without its class definition being present, it
will lose its class association and become an object of class
__PHP_Incomplete_Class_Name without any functions available
at all, that is, it will become quite useless.
So if in the example above $a became part of a session
by running session_register("a"), you should include the
file classa.inc on all of your pages, not only page1.php
and page2.php.