php反序列化存储在DB字段中的序列化对象

Store it in a BLOB / BINARY column, not in TEXT or (VAR)CHAR. Serialization of certain properties contain NULL-bytes for instance.

As @Barmar says, the documentation states this explicitly:

Note that this is a binary string which may include null bytes, and needs to be stored and handled as such. For example, serialize() output should generally be stored in a BLOB field in a database, rather than a CHAR or TEXT field.

To illustrate:

<?php
class Foo { private $bar = "baz";} 
$string = serialize(new Foo()); 
echo $string.PHP_EOL;
for($i = 0; $i < strlen($string); $i++){ 
    echo $string[$i]."(".dechex(ord($string[$i])).")";
}

Outputs visually:

O:3:"Foo":1:{s:8:"Foobar";s:3:"baz";}

BUT: there's more then the eye can see:

O(4f):(3a)3(33):(3a)"(22)F(46)o(6f)o(6f)"(22):(3a)1(31):(3a){..
    (7b)s(73):(3a)8(38):(3a)"(22)(0)F(46)o(6f)o(6f)(0)b(62)a(61)r(72)"
                                  ^ ----------------^-- there's two of your NULL bytes.