Fix PHP 8.2 deprecated warnings in Dokan Lite

[midu-01]

All Submissions:

• My code follow the WordPress' coding standards
• My code satisfies feature requirements
• My code is tested
• My code passes the PHPCS tests
• My code has proper inline documentation
• I've included related pull request(s) (optional)
• I've included developer documentation (optional)
• I've added proper labels to this pull request

---

Changes proposed in this Pull Request:

This pull request fixes PHP 8.2 deprecated warnings in Dokan Lite caused by legacy serialization handling.

• Replaced deprecated __wakeup() usage with __unserialize() as required by PHP 8.2.
• Updated method signatures to align with current PHP standards.
• No functional or behavioral changes introduced.

These changes remove deprecated notices from PHP error logs and improve forward compatibility.

---

Related Pull Request(s)

• N/A

---

Closes

• Closes https://github.com/getdokan/dokan-pro/issues/5359

---

How to test the changes in this Pull Request:

1. Install WordPress with Dokan Lite enabled.
2. Set PHP version to 8.2.x.
3. Enable WP_DEBUG and WP_DEBUG_LOG.
4. Load Dokan Lite related pages.
5. Verify that no PHP deprecated warnings appear in the error log.

---

Changelog entry

Fix PHP 8.2 deprecated warnings in Dokan Lite

Previously, Dokan Lite triggered PHP 8.2 deprecated warnings due to outdated serialization handling. This update aligns the code with modern PHP standards while preserving existing behavior.

---

Before Changes

• PHP 8.2 logged deprecated warnings related to legacy serialization methods.
• Error logs were noisy and indicated future compatibility risks.

---

After Changes

• No PHP deprecated warnings on PHP 8.2.
• Dokan Lite codebase aligns with current PHP standards.
• Cleaner error logs without any behavior change.

---

Feature Video (optional)

N/A

---

PR Self Review Checklist:

• Code follows code style guidelines
• Naming is clear and understandable
• KISS principle followed
• DRY principle followed
• Code is readable and maintainable
• No performance issues introduced
• No unnecessary complexity
• No grammar errors

---

FOR PR REVIEWER ONLY:

As a reviewer, your feedback should be focused on the idea, not the person. Seek to understand, be respectful, and focus on constructive dialog.

As a contributor, your responsibility is to learn from suggestions and iterate your pull request should it be needed based on feedback. Seek to collaborate and produce the best possible contribution to the greater whole.

• Correct — The change resolves PHP 8.2 deprecated warnings in Dokan Lite.
• Secure — No security concerns introduced.
• Readable — The changes are easy to understand and maintain.
• Elegant — The solution fits well within the existing Dokan Lite architecture.

Summary by CodeRabbit

• Refactor
  • Updated serialization handling to align with modern PHP standards across the codebase.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

📝 Walkthrough

Walkthrough

The pull request updates two files by replacing the deprecated PHP 8.2 magic method __wakeup() with __unserialize(array $data): void to align with current PHP serialization standards and eliminate deprecation warnings.

Changes

Cohort / File(s)	Summary
Serialization Magic Method Modernization includes/ReverseWithdrawal/ReverseWithdrawal.php, includes/Traits/ChainableContainer.php	Replaced deprecated __wakeup() method with __unserialize(array $data): void signature in both classes. Added typed $data parameter and void return type. Updated docblocks to document the new parameter. Maintains existing behavior of preventing unserialization.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~5 minutes

Suggested labels

QA approved, :+1: Dev Review Done, Upcoming Release

Suggested reviewers

• mrabbani
• kzamanbd
• shohag121

Poem

🐰 Deprecated magic fades away,
__unserialize() saves the day!
PHP 8.2 warnings cease their call,
Modern methods matter most of all! ✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main change: fixing PHP 8.2 deprecated warnings in Dokan Lite.
Description check	✅ Passed	The PR description is comprehensive and follows the template well, including changes, testing instructions, changelog, and before/after details.
Linked Issues check	✅ Passed	The PR directly addresses the objectives from issue #5359 by replacing __wakeup() with __unserialize() in ReverseWithdrawal and ChainableContainer classes.
Out of Scope Changes check	✅ Passed	All changes are directly related to fixing PHP 8.2 deprecated warnings by updating serialization method signatures, with no unrelated modifications present.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In `@includes/ReverseWithdrawal/ReverseWithdrawal.php`:
- Around line 38-43: The __unserialize method in ReverseWithdrawal (and the
identical method in the ChainableContainer trait/class) accepts the required
array $data parameter but never uses it, triggering linter warnings; to fix, add
unset( $data ); at the start (or before returning) of the __unserialize( array
$data ): void method in ReverseWithdrawal.php and the same __unserialize
implementation in includes/Traits/ChainableContainer.php so the parameter is
explicitly marked as unused and the linter warning is suppressed.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

# Find and examine the ReverseWithdrawal.php file
find . -name "ReverseWithdrawal.php" -type f

Repository: getdokan/dokan

Length of output: 216

---

🏁 Script executed:

# Read the file to see the full method context
if [ -f "includes/ReverseWithdrawal/ReverseWithdrawal.php" ]; then
  cat -n "includes/ReverseWithdrawal/ReverseWithdrawal.php"
fi

Repository: getdokan/dokan

Length of output: 3700

---

🏁 Script executed:

# Check if there's a __serialize method (companion to __unserialize)
rg "__serialize|__unserialize" --context 5 "includes/ReverseWithdrawal/ReverseWithdrawal.php"

Repository: getdokan/dokan

Length of output: 502

---

🏁 Script executed:

# Check for phpcs directives or linter configuration in the repository
find . -name "phpcs.xml*" -o -name ".phpcs.xml*" -o -name "phpstan.neon*" -o -name "psalm.xml*" | head -5

Repository: getdokan/dokan

Length of output: 74

---

🏁 Script executed:

# Check phpcs configuration
cat phpcs.xml.dist

Repository: getdokan/dokan

Length of output: 9931

---

🏁 Script executed:

# Look for patterns of unused parameter handling in the codebase
rg "unset\(" --context 2 | head -30

Repository: getdokan/dokan

Length of output: 1827

---

🏁 Script executed:

# Check if there are phpcs inline suppressions for unused parameters in similar contexts
rg "phpcs:ignore.*unused|@phpstan-ignore-next-line" --context 2 | head -30

Repository: getdokan/dokan

Length of output: 40

---

🏁 Script executed:

# Search for other __unserialize or magic methods in the codebase to see patterns
rg "__unserialize|__serialize|__clone" --context 3

Repository: getdokan/dokan

Length of output: 2775

---

🏁 Script executed:

# Check if ChainableContainer.php has the same issue and if it's addressed
cat -n includes/Traits/ChainableContainer.php | grep -A 5 "__unserialize"

Repository: getdokan/dokan

Length of output: 457

---

🏁 Script executed:

# Verify PHP magic method signature requirements for __unserialize
web_search "PHP __unserialize magic method signature requirements"

Repository: getdokan/dokan

Length of output: 108

---

🌐 Web query:

PHP __unserialize magic method signature parameter required

💡 Result:

Short answer: The required signature is

public function __unserialize(array $data): void

Details:

• __unserialize was introduced as part of the new serialization API in PHP 7.4. [1][2]
• The method must be public and accept a single parameter typed as array; using a different signature (including different parameter type or missing the parameter) is a fatal error. [1]
• It should not return a value (declare return type void). [1][3]

Sources:
[1] PHP Manual — Magic Methods.
[2] PHP RFC: Phasing out Serializable (introducing __serialize/__unserialize).
[3] PHP Manual — examples for builtins showing signature (e.g. SplFixedArray/DateTime __unserialize).

---

Add unset( $data ); to suppress unused parameter warning—apply same fix to ChainableContainer.php for consistency.

The $data parameter is required by the PHP magic method signature but unused in the implementation. While functionally correct, linters flag it. The same unused parameter issue exists identically in includes/Traits/ChainableContainer.php at line 31, so both should be updated consistently.

Suggested fix

 public function __unserialize( array $data ): void {
+    unset( $data ); // Intentionally unused.
     $message = ' Backtrace: ' . wp_debug_backtrace_summary();
     _doing_it_wrong( __METHOD__, $message . esc_html__( 'Unserializing instances of this class is forbidden.', 'dokan-lite' ), DOKAN_PLUGIN_VERSION ); // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
 }

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	*
	* @param array $data Unserialized data.
	*/
	public function __wakeup() {
	public function __unserialize( array $data ): void {
	$message = ' Backtrace: ' . wp_debug_backtrace_summary();
	_doing_it_wrong( __METHOD__, $message . esc_html__( 'Unserializing instances of this class is forbidden.', 'dokan-lite' ), DOKAN_PLUGIN_VERSION ); // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
	*
	* `@param` array $data Unserialized data.
	*/
	public function __unserialize( array $data ): void {
	unset( $data ); // Intentionally unused.
	$message = ' Backtrace: ' . wp_debug_backtrace_summary();
	_doing_it_wrong( __METHOD__, $message . esc_html__( 'Unserializing instances of this class is forbidden.', 'dokan-lite' ), DOKAN_PLUGIN_VERSION ); // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped

🧰 Tools

🪛 PHPMD (2.15.0)

41-41: Avoid unused parameters such as '$data'. (undefined)

(UnusedFormalParameter)

🤖 Prompt for AI Agents

In `@includes/ReverseWithdrawal/ReverseWithdrawal.php` around lines 38 - 43, The
__unserialize method in ReverseWithdrawal (and the identical method in the
ChainableContainer trait/class) accepts the required array $data parameter but
never uses it, triggering linter warnings; to fix, add unset( $data ); at the
start (or before returning) of the __unserialize( array $data ): void method in
ReverseWithdrawal.php and the same __unserialize implementation in
includes/Traits/ChainableContainer.php so the parameter is explicitly marked as
unused and the linter warning is suppressed.