Since PHP 7.4 magic methods of
__unserialize() were added, since then Serializable interfece is obsolete and in fact broken with new PHP 8.x features. This also includes deprecating of
PDO::FETCH_SERIALIZE flag of PDO object that will be remove completely in PHP 9.
A class is “only Serializable” if it is non-abstract, implements
Serializable, and does not implement
- In PHP 8.1, declaring an “only Serializable” class will throw a deprecation warning. Other implementations of
Serializablewill be accepted without a deprecation warning, because libraries supporting PHP < 7.4 will generally need to implement both the old and new mechanisms.
- In PHP 9.0 the
Serializableinterface will be removed and
unserialize()will reject payloads using the
Cserialization format. Code needing to support both PHP < 7.4 and PHP >= 9.0 may polyfill the
Serializableinterface, though it will have no effect on serialization.
If a class implements both
__unserialize(), the latter take precedence (on versions that support them), and the
Serializable interface is only used to decode existing serialization payload using the obsolete
C format. To migrate to the new mechanism, it’s possible to either replace
Serializable entirely (if support for PHP 7.3 and below is not needed) or to implement both (if it is needed).
More about PHP 8.1
Read about all PHP 8.1 features and changes in here.