ID: 15551
User updated by: postings dot php dot net at hans-spath dot de
Reported By: postings dot php dot net at hans-spath dot de
-Status: Bogus
+Status: Closed
Bug Type: Session related
Operating System: Win32
PHP Version: 4.1.1
New Comment:
Although this bug was set to "Bogus",
someone fixed it ...
... very strange :-P
(tested with 4.2.3)
Previous Comments:
------------------------------------------------------------------------
[2002-02-23 16:31:33] zantispam at netscape dot net
[EMAIL PROTECTED] wrote:
> If you cannot control the setting of register_globals,
> you should use the session_register() functions
while earlier he wrote:
> If you are using $HTTP_SESSION_VARS/$_SESSION, do not use
> session_register(), session_is_registered() and
> session_unregister() unless you know internal of session
> module.
> In other words, don't use register_globals(on) and
> $_SESSION together.
So then, how exactly am I supposed to make sessions work if I can't
access the session arrays? $GLOBALS? $_GLOBALS?
$*GLOBALS != sessions.
I must admit that I'm sorely disappointed in the way PHP development
has been proceding as of 4.0.6 Sessions are horribly broken, the
documentation is just plain wrong, there's very little developer
support, and the default answer to every session problem seems to be
'don't use session_* with any of the session arrays. Don't use any of
the session arrays if the ini file has been modified from the defaults.
Learn the internals of the session module."
Which leavs PHP, for all intents and purposes, without session
support.
Might I suggest the developers and documentation maintainers advise
against the use of sessions until such time as they work? With 'work'
defined as backward-compatible with prior versions of PHP AND (this is
important) functional with respect to what the documentation says.
I really don't feel like should have to grok the internals of the
session module just to be able to use sessions. This is why the
session module is a module (module being defined as a black box
componant).
HAND
------------------------------------------------------------------------
[2002-02-14 12:17:29] postings dot php dot net at hans-spath dot de
Funny guy, as you could see in my demonstration script, I'm capable of
unregistering variables from session having register_globals enabled. I
just don't like the way how that has to be done.
By and by I get tired of writing new workarounds for new bugs (from
which almost all were session related). My session handling class
meanwhile contains three workarounds, which are applied depending on
the php version and its configuration. If session handling would work
as expected, I wouldn't have to use my (workaround-bloated)class
anymore.
Furthermore it makes no sense to me, to introduce a new clean way of
handling session variables, while making it impossible to be used by
developers that have to consider backwards compatibility. (By the way,
I belive this silly behaviour could be fixed ...)
------------------------------------------------------------------------
[2002-02-14 09:11:21] [EMAIL PROTECTED]
If you cannot control the setting of register_globals, you should use
the session_register() functions _or_ learn the internals of the
session module :)
Regards, Marc.
------------------------------------------------------------------------
[2002-02-14 08:28:51] postings dot php dot net at hans-spath dot de
And how I'm supposed to write good, compatible code while I can't tell
my customers what they have to configure on their server, because my
application is not supposed to be the only one running there?
If the references would point to $_SESSION[*] and be stored in
$GLOBALS[*] instead of pointing to $_GLOBALS[*] and being stored in
$_SESSION[*], you could use $_SESSION[*] regardless of
register_globals.
------------------------------------------------------------------------
[2002-02-14 07:16:42] [EMAIL PROTECTED]
extract from the session documentation:
If register_globals is enabled, [...] users must register variables
with session_register() function.
If you are using $HTTP_SESSION_VARS/$_SESSION, do not use
session_register(), session_is_registered() and session_unregister()
unless you know internal of session module.
In other words, don't use register_globals(on) and $_SESSION together.
Regards, Marc.
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
http://bugs.php.net/15551
--
Edit this bug report at http://bugs.php.net/?id=15551&edit=1
