Unserialize with the upper case S is deprecated¶

When using the unserialize() function, the string should not use S (upper case S) to format a string. It should only use s (lower case S).

Other formats, such as i, b or N are already case sensitive.

PHP code¶

<?php

var_dump(unserialize('S:1:e;'));

?>

Before¶

string(1) e

After¶

PHP Deprecated:  unserialize(): Unserializing the 'S' format is deprecated

Deprecated: unserialize(): Unserializing the 'S' format is deprecated
string(1) e

PHP version change¶

This behavior changed in 8.4

Error Messages¶

Unserializing the ‘S’ format is deprecated