The basic structure is as follows:
Scalar types:
-
Booleans are serialized as:
b:<i>;
where
<i>
is an integer with a value of either0
(false) or1
(true). -
Integers are serialized as:
i:<i>;
where
<i>
is the integer value. -
Floats are serialized as (with
d
meaning double):d:<f>;
where
<f>
is the float value. -
Strings are serialized as:
s:<i>:"<s>";
where
<i>
is an integer representing the string length of<s>
, and<s>
is the string value.
Special types:
-
null
is simply serialized as:N;
Compound types:
-
Arrays are serialized as:
a:<i>:{<elements>}
where
<i>
is an integer representing the number of elements in the array, and<elements>
zero or more serialized key value pairs:<key><value>
where
<key>
represents a serialized scalar type, and<value>
any value that is serializable. -
Objects are serialized as:
O:<i>:"<s>":<i>:{<properties>}
where the first
<i>
is an integer representing the string length of<s>
, and<s>
is the fully qualified class name (class name prepended with full namespace). The second<i>
is an integer representing the number of object properties.<properties>
are zero or more serialized name value pairs:<name><value>
where
<name>
is a serialized string representing the property name, and<value>
any value that is serializable.There’s a catch with
<name>
though:<name>
is represented ass:<i>:"<s>";
where
<i>
is an integer representing the string length of<s>
. But the values of<s>
differs per visibility of properties:a. With public properties
<s>
is the simple name of the property.b. With protected properties, however,
<s>
is the simple name of the property, prepended with\0*\0
— an asterix, enclosed in twoNUL
characters (i.e.chr(0)
).c. And with private properties,
<s>
is the simple name of the property, prepended with\0<s>\0
—<s>
, enclosed in twoNUL
characters, where<s>
is the fully qualified class name.
There are a few other cases, such as R:<i>;
, that represents references, that I haven’t mentioned here (because I honestly haven’t figured out the exact workings of it yet), but this should give you a decent idea about PHP’s serializing mechanism.