esport Posted October 14, 2008 Share Posted October 14, 2008 Hi guys, I noticed that if I have a variable named the same as a session variable name, it cause conflict. For example, I set a session $_SESSION['username'] = 'Joe'; and when I set the variable $username = 'John' The session variable is effected. Can anyone elaborate on this? Daniel Quote Link to comment Share on other sites More sharing options...
Lamez Posted October 14, 2008 Share Posted October 14, 2008 I think a $_SESSION variable over rights a regular variable. I always add something to my session variables like $_SESSION['s_username']; then you can do something like $username = $_SESSION['s_username'] Quote Link to comment Share on other sites More sharing options...
genericnumber1 Posted October 14, 2008 Share Posted October 14, 2008 Do you have register globals enabled? I still wouldn't think it would affect it since I'm pretty sure the variables created by the directive aren't references, but it's the only thing I can think of. Make sure register_globals is disabled in your php.ini. Quote Link to comment Share on other sites More sharing options...
esport Posted October 14, 2008 Author Share Posted October 14, 2008 yes, register_globals is enabled. I will turn it off and get back to you. Its not a major concern, there are obvious ways around this, but it took me almost half a day to figure out why my sessions kept on dropping out, to only relise my variables were effecting them. Quote Link to comment Share on other sites More sharing options...
genericnumber1 Posted October 14, 2008 Share Posted October 14, 2008 Disabling it should fix your problem... register_globals is an extreme security risk if you're not planning for it when you program, and it will be removed altogether in php 6. Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted October 14, 2008 Share Posted October 14, 2008 Register_globals were turned off in php4.2 in the year 2002 because of this security hole (anyone can send your code post/get/cookies with the same name as a session or program variable and set your session or program variable to any value they want.) That was six years ago. No new hosting or development system should have been setup after that point in time that had register_globals turned on. I am surprised we are still seeing people wasting time troubleshooting variables getting overwritten this long after the problem was known and the setting that caused it was turned off. Quote Link to comment Share on other sites More sharing options...
esport Posted October 14, 2008 Author Share Posted October 14, 2008 Not everyone is a guru and is aware of this. This is the first time I have ever come across this problem. Quote Link to comment Share on other sites More sharing options...
genericnumber1 Posted October 14, 2008 Share Posted October 14, 2008 Not everyone is a guru and is aware of this. This is the first time I have ever come across this problem. It's understandable, just be 100% sure it's off for all your php configurations until php6 finally redeems us from the hassle. Quote Link to comment Share on other sites More sharing options...
esport Posted October 14, 2008 Author Share Posted October 14, 2008 thanks guys for the info. at least i know what is going on now. maybe i should of done a bit more research before i posted this thread. Quote Link to comment Share on other sites More sharing options...
genericnumber1 Posted October 14, 2008 Share Posted October 14, 2008 Well it's understandable, if you don't know it's register_globals it's hard to google "why is a local variable linked to a global variable?" Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.