php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #14566 Session variables become read only
Submitted: 2001-12-17 15:47 UTC Modified: 2002-03-22 01:57 UTC
Votes:4
Avg. Score:4.2 ± 1.3
Reproduced:4 of 4 (100.0%)
Same Version:3 (75.0%)
Same OS:1 (25.0%)
From: dward at maidencreek dot com Assigned:
Status: Closed Package: Session related
PHP Version: 4.1.0 OS: Solaris 7
Private report: No CVE-ID: None
View Developer Edit
 [2001-12-17 15:47 UTC] dward at maidencreek dot com 
In PHP 4.1.0 it seems that session variables can only be set once and will not be updated from subsequent pages (when using a user save_handler at least).  The same code works fine in PHP 4.0.6.

It seems that the write handler registered with session_set_save_handler() gets the same session data that was read with the read handler except that newly set session variables get added.

Patches

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2001-12-17 15:55 UTC] derick@php.net 
Can you post your script, and tell use the settings of register_globals?

Derick
 [2001-12-18 12:55 UTC] dward at maidencreek dot com 
register_globals is on.

I have been trying to narrow everything down to a simple test case, but have not yet been able to.

It now appears that something acts differently in 4.1.0 that changes the reference of the global variable to something different than the HTTP_SESSION_VARS[] variable which did not do so in 4.0.6.

A workaround is to set HTTP_SESSION_VARS[varname] =& GLOBALS[varname] before the end of the script.
 [2002-01-06 22:20 UTC] yohgaki@php.net 
This comment is work around for the bug.
Do not use session_register(), but use only $HTTP_SESSION_VARS or $_SESSION to register/unregister session vars. 

To register,
$_SESSION['var'] = 1234;

To unregister
unset($_SESSION['var']);

Then your script should work.
 [2002-01-14 12:42 UTC] christian at metamerge dot com 
I get the same problem on Solaris 8. Code that worked fine in PHP 4.0.6 does not work anymore with 4.1.1:

 - new vars are registered correctly into the session
 - already defined session vars cannot be modified

My register_globals setting is on.
 [2002-01-14 22:03 UTC] yohgaki@php.net 
BTW, my last comment works for you?

To register,
$_SESSION['var'] = 1234;

To unregister
unset($_SESSION['var']);

What is your session save handler? files/mm/user/other?
 [2002-01-16 11:57 UTC] dward at maidencreek dot com 
The workaround to use $_SESSION['var'] is not viable right now as most places we use the global $var to access the variable and there is too much code to change this immediately.  In trying to set the global $var =& $_SESSION['var'] on one of the variables that has a problem, it seems that the reference is still being lost by something in PHP 4.1.1 (still tracking by what) which did not lose the reference in PHP 4.0.6.

We are using a user save handler and have checked that it is saving what it receives into the database.
 [2002-02-20 17:11 UTC] jmartinez at fdch dot com 
Hi yohgaki@php.net:

My problem is the same. I seem to be able to set the vars, but then when trying to unset them, or change them, in other pages, they refuse to change. 

I have tried unsuccessfully to unset session vars using:

unset($_SESSION[foo]);

Using Solaris 8/PHP 4.1.1/Apache 1.23/Sessions saved in /tmp

I have this in my php.ini:

session.auto_start = 1

All other values are default values.

Jorge
 [2002-02-21 03:10 UTC] yohgaki@php.net 
I always start session by self.
Could you try session.auto_start=Off? See if it helps?
 [2002-02-21 05:28 UTC] yohgaki@php.net 
s/self/myself/g
 [2002-03-22 00:00 UTC] php-bugs at lists dot php dot net 
No feedback was provided for this bug for over a month, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 [2002-03-22 01:57 UTC] yohgaki@php.net 
This bug has been fixed in CVS.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sun Aug 18 14:01:28 2024 UTC