MFH (bug 26737)

3 files changed, 39 insertions, 7 deletions

diff --git a/NEWS b/NEWS
index be954d5cec..1fcb55797d 100644
--- a/NEWS
+++ b/NEWS
@@ -14,6 +14,9 @@ PHP                                                                        NEWS
   (Christian, Rob)
 - Fixed bug #29656 (segfault on result and statement properties). (Georg)
 - Fixed bug #29447 (Reflection API issues). (Marcus)
+- Fixed bug #26737 (private/protected properties not serialized when user
+  declared method __sleep() exists). E_NOTICE thrown when __sleep() returns
+  name of non-existing member. (Andrey, Curt)
 
 12 Aug 2004, PHP 5.0.1
 - Changed destructor mechanism so that destructors are called prior to request
diff --git a/ext/standard/var.c b/ext/standard/var.c
index 6d512fac1e..f69606b6f3 100644
--- a/ext/standard/var.c
+++ b/ext/standard/var.c
@@ -579,13 +579,40 @@ static void php_var_serialize_class(smart_str *buf, zval **struc, zval *retval_p
 				continue;
 			}
 
-			php_var_serialize_string(buf, Z_STRVAL_PP(name), Z_STRLEN_PP(name));
-
 			if (zend_hash_find(Z_OBJPROP_PP(struc), Z_STRVAL_PP(name), 
 						Z_STRLEN_PP(name) + 1, (void *) &d) == SUCCESS) {
-				php_var_serialize_intern(buf, d, var_hash TSRMLS_CC);	
+				php_var_serialize_string(buf, Z_STRVAL_PP(name), Z_STRLEN_PP(name));
+				php_var_serialize_intern(buf, d, var_hash TSRMLS_CC);
 			} else {
-				php_var_serialize_intern(buf, &nvalp, var_hash TSRMLS_CC);	
+				zend_class_entry *ce;
+				ce = zend_get_class_entry(*struc TSRMLS_CC);
+				if (ce) {
+					char *prot_name, *priv_name;
+					int prop_name_length;
+					
+					do {
+						zend_mangle_property_name(&priv_name, &prop_name_length, ce->name, ce->name_length, 
+									Z_STRVAL_PP(name), Z_STRLEN_PP(name) + 1, ce->type & ZEND_INTERNAL_CLASS);
+						if (zend_hash_find(Z_OBJPROP_PP(struc), priv_name, prop_name_length, (void *) &d) == SUCCESS) {
+							php_var_serialize_string(buf, priv_name, prop_name_length-1);
+							php_var_serialize_intern(buf, d, var_hash TSRMLS_CC);
+							break;
+						}
+						zend_mangle_property_name(&prot_name, &prop_name_length,  "*", 1, 
+									Z_STRVAL_PP(name), Z_STRLEN_PP(name) + 1, ce->type & ZEND_INTERNAL_CLASS);
+						if (zend_hash_find(Z_OBJPROP_PP(struc), prot_name, prop_name_length, (void *) &d) == SUCCESS) {
+							php_var_serialize_string(buf, prot_name, prop_name_length - 1);
+							php_var_serialize_intern(buf, d, var_hash TSRMLS_CC);
+							break;
+						}
+						php_error_docref(NULL TSRMLS_CC, E_NOTICE, "\"%s\" returned as member variable from __sleep() but does not exist", Z_STRVAL_PP(name));
+						php_var_serialize_string(buf, Z_STRVAL_PP(name), Z_STRLEN_PP(name));
+						php_var_serialize_intern(buf, &nvalp, var_hash TSRMLS_CC);
+					} while (0);
+				} else {
+					php_var_serialize_string(buf, Z_STRVAL_PP(name), Z_STRLEN_PP(name));
+					php_var_serialize_intern(buf, &nvalp, var_hash TSRMLS_CC);
+				}
 			}
 		}
 	}
diff --git a/tests/classes/bug26737.phpt b/tests/classes/bug26737.phpt
index 2fbcca3829..39ac9b1edc 100644
--- a/tests/classes/bug26737.phpt
+++ b/tests/classes/bug26737.phpt
@@ -2,6 +2,7 @@
 Bug #26737 (Protected and private variables are not saved on serialization when a user defined __sleep is used)
 --FILE--
 <?php
+error_reporting(E_ALL);
 class foo
 {
 	private $private = 'private';
@@ -10,12 +11,13 @@ class foo
 
 	public function __sleep()
 	{
-		return array('private', 'protected', 'public');
+		return array('private', 'protected', 'public', 'no_such');
 	}
 }
 $foo = new foo();
 $data = serialize($foo);
 var_dump(str_replace("\0", '\0', $data));
 ?>
---EXPECT--
-string(76) "O:3:"foo":3:{s:7:"private";N;s:9:"protected";R:2;s:6:"public";s:6:"public";}"
+--EXPECTF--
+Notice: serialize(): "no_such" returned as member variable from __sleep() but does not exist in %s on line %d
+string(130) "O:3:"foo":4:{s:12:"\0foo\0private";s:7:"private";s:12:"\0*\0protected";s:9:"protected";s:6:"public";s:6:"public";s:7:"no_such";N;}"