yohgaki Thu Feb 14 20:58:23 2002 EDT
Modified files:
/phpdoc/en/functions session.xml
Log:
Fixed description for users enable register_globals
Index: phpdoc/en/functions/session.xml
diff -u phpdoc/en/functions/session.xml:1.80 phpdoc/en/functions/session.xml:1.81
--- phpdoc/en/functions/session.xml:1.80 Sat Feb 2 10:36:09 2002
+++ phpdoc/en/functions/session.xml Thu Feb 14 20:58:23 2002
@@ -1,5 +1,5 @@
<?xml version="1.0" encoding="iso-8859-1"?>
-<!-- $Revision: 1.80 $ -->
+<!-- $Revision: 1.81 $ -->
<reference id="ref.session">
<title>Session handling functions</title>
<titleabbrev>Sessions</titleabbrev>
@@ -147,11 +147,21 @@
<caution>
<para>
If you are using
- <varname>$HTTP_SESSION_VARS</varname>/<varname>$_SESSION</varname>,
+ <varname>$HTTP_SESSION_VARS</varname>/<varname>$_SESSION</varname>
+ and disable <link
+ linkend="ini.register-globals"><literal>register_globals</literal></link>,
do not use <function>session_register</function>,
<function>session_is_registered</function> and
- <function>session_unregister</function> unless you know internal
- of session module.
+ <function>session_unregister</function>.
+ </para>
+ <para>
+ If you enable <link
+ linkend="ini.register-globals"><literal>register_globals</literal></link>,
+ <function>session_unregister</function> should be used since
+ session variables are registered as global variables when
+ session data is deserialized. Disabling <link
+ linkend="ini.register-globals"><literal>register_globals</literal></link>
+ is recommended for both security and performance reason.
</para>
</caution>
<example>