diff options
| author | Stanislav Malyshev <stas@php.net> | 2014-11-22 22:23:55 -0800 |
|---|---|---|
| committer | Stanislav Malyshev <stas@php.net> | 2014-11-22 22:25:57 -0800 |
| commit | 77f172725a37c8ddee750bf6970529a1570fbc86 (patch) | |
| tree | 5a763e9ce856dd7df4ab6ec2a9467e6b5c5422fe | |
| parent | 9d7c5dbed941c4d4c18d7d5ed308a07897b7596d (diff) | |
| download | php-git-77f172725a37c8ddee750bf6970529a1570fbc86.tar.gz | |
Add NEWS & UPGRADING
| -rw-r--r-- | NEWS | 4 | ||||
| -rw-r--r-- | UPGRADING | 5 |
2 files changed, 8 insertions, 1 deletions
@@ -17,7 +17,9 @@ PHP NEWS . Implemented FR #38409 (parse_ini_file() looses the type of booleans). (Tjerk) . Fixed #67959 (Segfault when calling phpversion('spl')). (Florian) . Implemented the RFC `Catchable "Call to a member function bar() on a - non-object"` (Timm) + non-object"`. (Timm) + . Added options parameter for unserialize allowing to specify acceptable + classes (https://wiki.php.net/rfc/secure_unserialize). (Stas) . Fixed bug #68185 ("Inconsistent insteadof definition."- incorrectly triggered). (Julien) - DBA: @@ -76,6 +76,11 @@ PHP X.Y UPGRADE NOTES - parse_ini_file(): - parse_ini_string(): Added scanner mode INI_SCANNER_TYPED to yield typed .ini values. +- unserialize(): + Added second parameter for unserialize function + (RFC: https://wiki.php.net/rfc/secure_unserialize) allowing to specify + acceptable classes: + unserialize($foo, ["allowed_classes" => ["MyClass", "MyClass2"]); ======================================== |