PHP 8.1 – Deprecated Serializable interface

PHP 8.1 – Deprecated Serializable interface

abstract clouds

Since PHP 7.4 magic methods of __seralize() and __unserialize() were added, since then Serializable interfece is obsolete and in fact broken with new PHP 8.x features. This also includes deprecating of PDO::FETCH_SERIALIZE flag of PDO object that will be remove completely in PHP 9.

A class is “only Serializable” if it is non-abstract, implements Serializable, and does not implement __serialize() and __unserialize(). Then:

  • In PHP 8.1, declaring an “only Serializable” class will throw a deprecation warning. Other implementations of Serializable will be accepted without a deprecation warning, because libraries supporting PHP < 7.4 will generally need to implement both the old and new mechanisms.
  • In PHP 9.0 the Serializable interface will be removed and unserialize() will reject payloads using the C serialization format. Code needing to support both PHP < 7.4 and PHP >= 9.0 may polyfill the Serializable interface, though it will have no effect on serialization.

If a class implements both Serializable and __serialize()/__unserialize(), the latter take precedence (on versions that support them), and the Serializable interface is only used to decode existing serialization payload using the obsolete C format. To migrate to the new mechanism, it’s possible to either replace Serializable entirely (if support for PHP 7.3 and below is not needed) or to implement both (if it is needed).

More about PHP 8.1

Read about all PHP 8.1 features and changes in here.

Leave a Comment