I just intend to bring my little contribution to the use of DOMDocument::save() function along with PHP serialize() function.
Sometimes you could have to serialize a PHP object before you put it into a XML structure (or other..). And then I suppose you could have to save this XML structure in a file. Of course, you will further need to read this file and unserialize it before to use its content.
The problem appears when there are some properties described as Protected in the object to be serialized.
As it’s written in the PHP documentation, serialize function add for those protected properties an asterisk before the name of the property along with a NULL character on each side of the asterisk.
In this case, the DOMDocument::save function will stop the save operation just before the first NULL character met in the string to be saved, because PHP consider it as a potential risk.
So, after that, the unserialize operation of the file become impossible.
To solve that, here is a first solution to apply :
For the serialize , before the DOMDocument::save() ::
$data_serial = explode("\x00\x2A\x00", serialize($object)); //take off the 'NULL * NULL' string
$data_serial = implode("\x5C\x30\x2A\x5C\x30", $data_serial); //and replace with '\0*\0' string
Before the unserialize :
$data_serial = explode("\x5C\x30\x2A\x5C\x30", $serialized_object); // take off the '\0*\0' string
$serial_object = implode("\x00\x2A\x00", $data_serial); // and replace with 'NULL * NULL' string as included by the previous serialize
And a second solution :
For the serialize, before the DOMDocument::save() :
$serialized_object = addslashes(serialize($object)) ;
Before re-using the object in your application :
$object = unserialize(stripslashes($serialized_object)) ;
Hope this will help some.