From 185cae8f28babc99bee801a80c1cd0d9fb4d4e5f Mon Sep 17 00:00:00 2001
From: Matthias Schmidt <gravatronics@live.com>
Date: Wed, 20 Jul 2011 12:59:02 +0200
Subject: [PATCH] Disable serialization of SingletonFactory classes

If you don't disable the serialization of SingletonFactory classes, it's
 possible to create multiple instances simply be serializing the existin
g instance and and unserializing it again.
---
 wcfsetup/install/files/lib/system/SingletonFactory.class.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/wcfsetup/install/files/lib/system/SingletonFactory.class.php b/wcfsetup/install/files/lib/system/SingletonFactory.class.php
index e182f7106e..39cccc72d2 100644
--- a/wcfsetup/install/files/lib/system/SingletonFactory.class.php
+++ b/wcfsetup/install/files/lib/system/SingletonFactory.class.php
@@ -36,6 +36,11 @@ abstract class SingletonFactory {
 	 */
 	protected final function __clone() { }
 	
+	/**
+	 * Object serialization is disallowed.
+	 */
+	protected final function __sleep() { }
+	
 	/**
 	 * Returns an unique instance of current child class.
 	 * 
-- 
2.20.1