PHP :: Bug #28482 :: SESSION peculiar behavior

Bug #28482	SESSION peculiar behavior
Submitted:	2004-05-22 07:06 UTC	Modified:	2004-05-24 18:57 UTC
From:	kraziej at ta2 dot so-net dot ne dot jp	Assigned:
Status:	Not a bug	Package:	Scripting Engine problem
PHP Version:	4.3.6	OS:	linux
Private report:	No	CVE-ID:	None

View Developer Edit

[2004-05-22 07:06 UTC] kraziej at ta2 dot so-net dot ne dot jp

Description:
------------
Hi,
I apologize beforehand if this is a known issue.
I wasn't exactly sure if the behavior was a bug or a feature
since various google search results and mail-list archives
had slight differences in their descriptions.
If anybody can give me some clarity on this issue, it
would be very helpful and certainly appreciated.
Thank you very much in advance.

Using sessions, initializing a variable with NULL and "" (empty string) gives different results, with "" it behaves as expected but with NULL I get the warning :

 Warning: Unknown():
 Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled.......(goes on)

Yes, I know php changed the way to handle sessions, but
the confusion I have is that why php behaves completely
differently when initializing variables in 2 different
ways.

I get this with php-4.3.(4|5|6) and register_globals is off.
apache-1.3.2x and 1.3.31.
php is compiled into apache (and not by apxs dso module).
OS: linux (glibc-2.2.5 gcc-2.9.6 kernel-2.4.26)


Reproduce code:
---------------
initializing with NULL and "" in test1.php will give different results.
-- example code of test1.php:
<?
session_start();
$_SESSION['test'] = NULL; # warnings
#$_SESSION['test'] = "";    # expected results
print "<a href=\"test2.php\">link test2.php</a><BR>\n";
?>

-- example code of test2.php:
<?
session_start();
$test = "abcde";
print_r($_SESSION);
?>


Expected result:
----------------
click the link test2.php and:

When initialized with "" I get no warning, and
$_SESSION['test'] and $test are handled as different
variables like expected.
/tmp/sess_............. stays untouched like expected.


Actual result:
--------------
click the link test2.php and:

When initialized with NULL I get the warning.
Whats worse is if I refresh test2.php, the warning
disappears and the value of $_SESSION['test'] gets over-written by $test.
/tmp/sess_............. also gets written with the
value of $test.

It seems like it behaves as if global_registers
is on (it gets overrided into the "old way") where
$_SESSION['test'] and $test was handled as same
variables.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2004-05-24 18:57 UTC] iliaa@php.net

Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php

Setting a value of a session variable to NULL is equivalent 
to the destruction of said session variable.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Wed Dec 10 13:00:02 2025 UTC