XML (5) serialized and written to an xml file

Use the Xml serializer in. NET to write the content to the xml file. Serialization of the list set is introduced here. Use the Xml serializer in. NET to write the content to the xml file. Serialization of the list set is introduced here.

What is serialization first? What is the function? Serialization

Serialization converts the object state information to a stored or transmitted form. During serialization, the object writes its current state to the temporary or persistent storage area. Later, you can re-create the object by reading or deserializing the object status from the bucket.

Serialization allows other code to view or modify the object instance data that cannot be accessed without serialization. Specifically, special permissions are required for code serialization: SecurityPermission with the SerializationFormatter flag specified. By default, code downloaded over the Internet or Intranet code is not granted with this permission; only code on the local computer is granted with this permission.

Generally, all fields of the object instance are serialized, which means that the data is expressed as the serialized data of the instance. In this way, codes in this format may be able to determine the value of the data without the access of the member. Similarly, deserialization extracts data from the serialized representation and directly sets the object status, which is irrelevant to the accessibility rules.

For any object that may contain important security data, if possible, the object should not be serialized. If it must be serializable, try to generate a specific field to save important data that cannot be serialized. If this cannot be achieved, you should note that the data will be disclosed to any code with serialization permissions, and that this permission will not be obtained by any malicious code.

To sum up: Serialization refers to converting a complex object stream to facilitate storage and information exchange. In terms of security, I do not know much about it. The main reason is that if some information needs to be kept confidential, it is defined as non-serializable to prevent others from being deserialized. You are a Cainiao.

public class person    {        public string Name        {            set;            get;        }        [XmlIgnore]        public int Age        {            get;            set;        }        public string Email        {            get;            set;        }    }

Note: in the code above, [XmlIgnore] is unable to serialize the Age attribute. This is a proprietary non-serializable feature of the Xml serializer. For other objects, [NonSerialized] is used.
(2) add data through the list set for xml Serialization

List
 
  
List = new List
  
   
(); List. add (new person () {Name = "istari", Age = 22, Email = "1061399756@qq.com"}); list. add (new person () {Name = "ss", Age = 22, Email = "1061399756@qq.com"}); list. add (new person () {Name = "ww", Age = 22, Email = "521@qq.com"}); // implement xml serialization XmlSerializer xml = new XmlSerializer (typeof (List
   
    
); Using (FileStream fs = File. openWrite ("List. xml ") {xml. serialize (fs, list);} Console. writeLine ("OK"); Console. readKey ();
   
  
 

(3) Result

   
     
  
   istari
      
  
   1061399756@qq.com
    
   
     
  
   ss
      
  
   1061399756@qq.com
    
   
     
  
   ww
      
  
   521@qq.com
    
 

PS

The format used to write data to an xml file in this way is the format set in the Xml serializer. You do not need to change it. You can also create a serializer by yourself without using the system serializer. The next article will share with you.

The above is the content written into the XML file serialized in xml (5). For more information, see PHP Chinese network (www.php1.cn )!