Etienne Kneuss has posted a look at using the SplObjectStorage functionality of the Standard PHP Library as a safe place to tuck away and protect your objects.

In PHP, you basically need two things to safely identify an object: a object index, the handle, and the class handlers which is how the object will react internally. This set of handlers is actually a pointer, and since disclosing valid pointers is not something that should be done, spl_object_hash is simply providing a MD5 hash of those two values concatenated.

Since arrays are hashed when they are created as well, your script is doubling the amount of work it has to do behind the scenes. Instead, Etienne suggests that you use a SplObjectStorage object instead of an array to keep objects inside. The unique identifier for it is then used directly (instead of rehashed, leaving it open for possible referencing collisions) to reference the object.

Havard Eide has a recent post to his blog that looks at a part of the Standard PHP Library (SPL) that can be used with objects to store them for later use - SplObjectStorage.

In this post I will look at SplObjectStorage: a container that allows to store objects uniquely without the need to compare them one by one.

He lets the code to most of the talking, showing how to do the standard operations for a data store - adding objects (both unique and the same), updating objects in the store, checking to see if an object is already added and removing an object from storage.