> On 27 Oct 2014, at 08:03, Stas Malyshev <smalys...@sugarcrm.com> wrote: > > I'd like to have a vote on unserialize() improvement proposal outlined here: > https://wiki.php.net/rfc/secure_unserialize
Suggestion on improving the API: Why bother with three values? If there’s no parameter, use current behaviour. If there’s an array, it’s allowed classes. If that array is empty, obviously there are no allowed classes. -- Andrea Faulds http://ajf.me/ -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
