From: [EMAIL PROTECTED]
Operating system: Linux
PHP version: 4.3.0
PHP Bug Type: Session related
Bug description: variables bad values - register_global - session
Hi,
a strange problem, with session and register_global.
The problem does not exist with PHP-4.2.3.
When you have a variable set to a undefined value of
$_SERVER array, and register_global set to ON, PHP set
all variables to the same value (the last value).
If you reload the page, there is no problem, it is only
the FIRST time you read the page where there is the
session variable is built.
If you try with an unset variable, there is no problem.
By the way, I don't understand the last message about
"Your script possibly relies on a session side-effect..."
when register_global is set to OFF.
Best Regards,
Nicolas
--- info PHP
PHP Version 4.3.0
register_argc_argv On
session.auto_start Off
session.bug_compat_42 On
session.bug_compat_warn On
session.cookie_domain no value
session.name PHPSESSID
session.use_cookies On
session.use_only_cookies Off
session.use_trans_sid Off
-------------- test.php -------------
+++SCRIPT+++
session_start();
$referer=$_SERVER['HTTP_REFERER']; # ERR (first time)
#$referer="----"; # OK (always)
session_register("referer");
echo "<PRE>"; echo session_encode(); echo "</PRE>";
$var1="V1";
$var2="V2";
$var3="V3";
echo "<BR>$var1 -- $var2 -- $var3 -- $var_not_affected\n";
+++
------- WITH register_global : On
At the first execution of ths script:
+++OUTPUT+++
referer|N;
V3 -- V3 -- V3 -- V3
+++
AND after reload:
+++OUTPUT+++
referer|N;
V1 -- V2 -- V3 --
+++
------- WITH register_global : Off
+++OUTPUT+++
referer|N;
V1 -- V2 -- V3 --
Warning: Unknown(): Your script possibly relies on a
session side-effect which existed until PHP 4.2.3.
Please be advised that the session extension does
not consider global variables as a
source of data, unless register_globals is enabled.
You can disable this functionality and this warning
by setting session.bug_compat_42 or
session.bug_compat_warn to off, respectively. in
Unknown on line 0
+++
--
Edit bug report at http://bugs.php.net/?id=21542&edit=1
--
Try a CVS snapshot: http://bugs.php.net/fix.php?id=21542&r=trysnapshot
Fixed in CVS: http://bugs.php.net/fix.php?id=21542&r=fixedcvs
Fixed in release: http://bugs.php.net/fix.php?id=21542&r=alreadyfixed
Need backtrace: http://bugs.php.net/fix.php?id=21542&r=needtrace
Try newer version: http://bugs.php.net/fix.php?id=21542&r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=21542&r=support
Expected behavior: http://bugs.php.net/fix.php?id=21542&r=notwrong
Not enough info: http://bugs.php.net/fix.php?id=21542&r=notenoughinfo
Submitted twice: http://bugs.php.net/fix.php?id=21542&r=submittedtwice
register_globals: http://bugs.php.net/fix.php?id=21542&r=globals
PHP 3 support discontinued: http://bugs.php.net/fix.php?id=21542&r=php3
Daylight Savings: http://bugs.php.net/fix.php?id=21542&r=dst
IIS Stability: http://bugs.php.net/fix.php?id=21542&r=isapi
Install GNU Sed: http://bugs.php.net/fix.php?id=21542&r=gnused
