Jump to content

variable names and session name conflict

esport

By esport
in PHP Coding Help

 Share

Recommended Posts

esport Member

esport

Posted
Posted

Hi guys,

I noticed that if I have a variable named the same as a session variable name, it cause conflict. For example, I set a session 

$_SESSION['username'] = 'Joe';

and when I set the variable 

$username = 'John'

The session variable is effected.

 

Can anyone elaborate on this?

 

Daniel

 

 

genericnumber1 Member

genericnumber1

Posted
Posted

Do you have register globals enabled? I still wouldn't think it would affect it since I'm pretty sure the variables created by the directive aren't references, but it's the only thing I can think of. Make sure register_globals is disabled in your php.ini.

esport Member

esport

Posted
  • Author
Posted

yes, register_globals is enabled. I will turn it off and get back to you. Its not a major concern, there are obvious ways around this, but it took me almost half a day to figure out why my sessions kept on dropping out, to only relise my variables were effecting them.

PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted

Register_globals were turned off in php4.2 in the year 2002 because of this security hole (anyone can send your code post/get/cookies with the same name as a session or program variable and set your session or program variable to any value they want.) That was six years ago. No new hosting or development system should have been setup after that point in time that had register_globals turned on.

 

I am surprised we are still seeing people wasting time troubleshooting variables getting overwritten this long after the problem was known and the setting that caused it was turned off.

genericnumber1 Member

genericnumber1

Posted
Posted

Not everyone is a guru and is aware of this. This is the first time I have ever come across this problem.

 

It's understandable, just be 100% sure it's off for all your php configurations until php6 finally redeems us from the hassle.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.