logoalt Hacker News

hdjrudniyesterday at 8:15 AM1 replyview on HN

Don't forget PHP's serialize/unserialize, it's also sketchy. Looks like they at least put up a big warning in their docs: https://www.php.net/manual/en/function.unserialize.php

Not hating on PHP, to be clear. It has its warts, but it has served me well.

Replies

nchmyyesterday at 7:16 PM

igbinary is often a good drop-in replacement for native serialize/unserialize. Faster and smaller.