autodoc.git
/
traditional_manual
/
chapter_21.html
version
»
Context lines:
10
20
40
80
file
none
3
autodoc.git/traditional_manual/chapter_21.html:1214:
<dt class='head--doc'>See also</dt> <dd class='body--doc'><p><code>strftime()</code>, <code>time()</code>, <code>localtime()</code>, <code>gmtime()</code>, <code>mktime()</code></p> </dd></dl> <hr /> <dl class='group--doc'> <dt class='head--type'><span class='homogen--type'>Method</span> <span class='homogen--name'><b>decode_value</b></span> </dt>
-
<dd><p><code><code class='datatype'>mixed</code> <b><span class='method'>decode_value</span>(</b><code class='datatype'>string</code> <code class='argument'>coded_value</code>, <code class='datatype'>void</code>|<code class='object unresolved'>Codec</code> <code class='argument'>codec</code><b>)</b></code></p></dd>
+
<dd><p><code><code class='datatype'>mixed</code> <b><span class='method'>decode_value</span>(</b><code class='datatype'>string</code> <code class='argument'>coded_value</code>, <code class='datatype'>void</code>|<code class='object unresolved'>Codec</code>
|<code
class='datatype'>int(-1..-1)
<
/
code
>
<code
class='argument'>codec</code><b>)</b></code></p></dd>
<dt class='head--doc'>Description</dt> <dd class='body--doc'><p>Decode a value from the string <code>coded_value</code>.</p> <p> This function takes a string created with <code>encode_value()</code> or <code>encode_value_canonic()</code> and converts it back to the value that was coded.</p> <p> If <code>codec</code> is specified, it's used as the codec for the decode. If none is specified, then one is instantiated through <code class='expr'>master()->Decoder()</code>. As a compatibility fallback, the
-
master itself is used if it has no <code class='expr'>Decoder</code> class.</p>
+
master itself is used if it has no <code class='expr'>Decoder</code> class.
+
If
<
code>codec<
/
code> is the special value <code class='expr'>-1</code>, then decoding of
+
types, functions, programs and objects is disabled.</
p>
</dd>
-
+
<dt class='head--doc'>Note</dt>
+
<dd class='body--doc'><p>Decoding a <code>coded_value</code> that you have not generated yourself
+
is a <b>security risk</b> that can lead to execution of arbitrary
+
code, unless <code>codec</code> is specified as <code class='expr'>-1</code>.</p>
+
</dd>
<dt class='head--doc'>See also</dt> <dd class='body--doc'><p><code>encode_value()</code>, <code>encode_value_canonic()</code></p> </dd></dl> <hr /> <dl class='group--doc'> <dt class='head--type'><span class='homogen--type'>Method</span> <span class='homogen--name'><b>depth</b></span> </dt>