/**
* Reverse of dumps, throw an Exception in case of bad signature.
*
* @param string Signed key
* @param string Key (null)
* @param string Extra key ('')
* @return mixed The dumped signed object
*/
public static function loads($s, $key = null, $extra_key = '')
{
if ($key === null) {
$key = Pluf::f('secret_key');
}
$base64d = self::unsign($s, $key . $extra_key);
$decompress = false;
if ($base64d[0] == '.') {
// It's compressed; uncompress it first
$base64d = substr($base64d, 1);
$decompress = true;
}
$serialized = Pluf_Utils::urlsafe_b64decode($base64d);
if ($decompress) {
$serialized = gzinflate($serialized);
}
return unserialize($serialized);
}
