From: [EMAIL PROTECTED] Operating system: Red Hat 8.0 PHP version: 4.2.2 PHP Bug Type: Variables related Bug description: Overridden Get, Post and Cookie data with register_globals turned on
With register_globals turned on, if 3 variables WITH THE SAME NAME are defined in your script (one as a Get variable, one as a Post variable and one as a Cookie variable) and if this name is an ARRAY ELEMENT (let's say foo[ab]), then $_GET["foo"]["ab"] and $_POST["foo"]["ab"] will both be set to $_COOKIE["foo"]["ab"]. Let's try it. First, write the script "print_gpc.php" : <?php echo '$_GET'; echo "<PRE>"; print_r($_GET); echo "</PRE>"; echo '$_POST'; echo "<PRE>"; print_r($_POST); echo "</PRE>"; echo '$_COOKIE'; echo "<PRE>"; print_r($_COOKIE); echo "</PRE>"; ?> Then call the form below ("test.php") in your browser : <?php setcookie("foo[ab]","I_am_a_cookie"); ?> <FORM METHOD="POST" ACTION="print_gpc.php?foo[ab]=I_am_a_get_value"> <INPUT TYPE="submit" NAME="foo[ab]" VALUE="OK"> </FORM> and clic on the OK button. If you have register_globals turned off, you will see what you expect : $_GET Array ( [foo] => Array ( [ab] => I_am_a_get_value ) ) $_POST Array ( [foo] => Array ( [ab] => OK ) ) $_COOKIE Array ( [foo] => Array ( [ab] => I_am_a_cookie ) ) but if you have register_globals turned on, you will have $_GET["foo"]["ab"] == "I_am_a_cookie" and $_POST["foo"]["ab"] == "I_am_a_cookie". Strangly, this problem does not occur if the cookie name is NOT an array element EVEN if register_globals is turned On. (Try to replace "foo[ab]" by "foo" in the "test.php" form.) -- Edit bug report at http://bugs.php.net/?id=20796&edit=1 -- Try a CVS snapshot: http://bugs.php.net/fix.php?id=20796&r=trysnapshot Fixed in CVS: http://bugs.php.net/fix.php?id=20796&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=20796&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=20796&r=needtrace Try newer version: http://bugs.php.net/fix.php?id=20796&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=20796&r=support Expected behavior: http://bugs.php.net/fix.php?id=20796&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=20796&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=20796&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=20796&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=20796&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=20796&r=dst IIS Stability: http://bugs.php.net/fix.php?id=20796&r=isapi