*

boolean: b:1;

*

integer: i:1;

*

double: d:0.2;

*

string: s:4:"test";

*

array: a:3:{i:0;i:1;i:1;i:2;i:2;i:3;}

*

object: O:8:"stdClass":0:{}

*

null: N;

* * * @author Chris Smith * @copyright Copyright (c) 2009 Chris Smith (http://www.cs278.org/) * @license http://sam.zoy.org/wtfpl/ WTFPL * @param string $value Value to test for serialized form * @param mixed $result Result of unserialize() of the $value * @return boolean True if $value is serialized data, otherwise false */ function is_serialized($value, &$result = null) { // Bit of a give away this one if (!is_string($value)) { return false; } // Serialized false, return true. unserialize() returns false on an // invalid string or it could return false if the string is serialized // false, eliminate that possibility. if ($value === 'b:0;') { $result = false; return true; } $length = strlen($value); $end = ''; switch ($value[0]) { case 's': if ($value[$length - 2] !== '"') { return false; } case 'b': case 'i': case 'd': // This looks odd but it is quicker than isset()ing $end .= ';'; case 'a': case 'O': $end .= '}'; if ($value[1] !== ':') { return false; } switch ($value[2]) { case 0: case 1: case 2: case 3: case 4: case 5: case 6: case 7: case 8: case 9: break; default: return false; } case 'N': $end .= ';'; if ($value[$length - 1] !== $end[0]) { return false; } break; default: return false; } if (($result = @unserialize($value)) === false) { $result = null; return false; } return true; }