PHP :: Bug #19586 :: unset( $_SESSION['variable'] ) <- Fails with registered

Bug #19586

unset( $_SESSION['variable'] ) <- Fails with registered_globals 'on'

Submitted:

2002-09-24 22:23 UTC

Modified:

2002-10-13 17:26 UTC

Votes:	8
Avg. Score:	4.8 ± 0.7
Reproduced:	7 of 7 (100.0%)
Same Version:	7 (100.0%)
Same OS:	6 (85.7%)

From:

jpenn at cheetah-soft dot com

Assigned:

Status:

Closed

Package:

Session related

PHP Version:

4.2.2

OS:

ALL

Private report:

CVE-ID:

None

View Developer Edit

[2002-09-24 22:23 UTC] jpenn at cheetah-soft dot com

Below is the PHP Documentation on unregistering session variables...
------------
Note: If $_SESSION (or $HTTP_SESSION_VARS for PHP 4.0.6 or less) is used, use unset() to unregister a session variable.
------------
unset( $_SESSION['variable'] ) fails to unset the given session variable with registered_globals turned 'on' in ini file. It is safe to say that this is true on all operating systems. PHP versions this was tested on is 4.1.1 and 4.2.2, accross many different operating systems. Using unset( $_SESSION['variable'] ) will unset the variable on the current page only, and will not unset it in the global space.

We have come up with a workaround that works fine with registered_globals on. See Below -->

---------------
unset( $_SESSION['variable'], $variable );
---------------

The above works fine. I believe that the documentation needs to reflect this problem as countless developers in our community (Forums @ DevShed) has posted related problems using 'unset( $_SESSION['variable'] )'....

This applies only when registered_globals is truned 'on'.

unset( $_SESSION['variable'] ) works fine with registered_globals 'off'.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2002-09-25 06:36 UTC] kalowsky@php.net

Please try using this CVS snapshot:

  http://snaps.php.net/php4-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php4-win32-latest.zip

I think this was fixed in 4.2.3, but it might just be in head.  It's been awhile since I saw the fix... try it anyways.

[2002-10-12 23:45 UTC] aarong at thinkcomputer dot com

This problem is definitely not fixed in version 4.2.3. I'm running Linux on a Cobalt RaQ 3i, and this is driving me up a wall...

[2002-10-13 12:21 UTC] jpenn at cheetah-soft dot com

aarong@thinkcomputer.com:

Did you use the solution I provided ->
unset( $_SESSION['variable'], $variable );

This works fine as a workaround until they can fix the problem...

[2002-10-13 17:26 UTC] sniper@php.net

This bug has been fixed in CVS.

In case this was a PHP problem, snapshots of the sources are packaged
every three hours; this change will be in the next snapshot. You can
grab the snapshot at http://snaps.php.net/.
 
In case this was a documentation problem, the fix will show up soon at
http://www.php.net/manual/.

In case this was a PHP.net website problem, the change will show
up on the PHP.net site and on the mirror sites in short time.
 
Thank you for the report, and for helping us make PHP better.

[2002-12-01 21:15 UTC] tbp1998 at yahoo dot com

Workaround does not work vith PHP Version 4.1.1

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sun Nov 24 00:01:27 2024 UTC