Don't serialize $_SESSION...or any other of those superglobal variables either. Not bug.

I'm not sure whether you choose your words badly, or not, but Serializing is not the problem. Serializing the $_SESSION data works fine (as my example shows). The problem is filling $_SESSION again by UNserializing the serialized representation.

Also, nowhere in the manual it is pointed out that the (un)serialize function can't be used with these superglobals. (and if this is really true it should do so!!)

Is there really a reason why this should not be done / doesn't work, or is it a bug after all and this the answer i get because no one at php is gonna fix it?

Ok, sorry, i don't mean to flame, but this is a very unsatisfactory answer - i spent a lot of time on this function and also a lot of time creating a proper bug-report!

Just answer this question for me then:
If i create 3 temporary arrays, by filling them with the data from $_GET, $_POST and $_SESSION -> i serialize Them and store them in my db. And then when i want to restore them i unset() $_SESSION again (unsetting $_GET and $_POST won't be necessart at this point); i unserialize the data from the database, store them in 3 temporary arrays and then assign those arrays again to $_SESSION, $_GET and $_POST
($_SESSION = $temporary_array;)
That should, in theory, work then, right?

I'm reopening the bug.

I just did what i suggested in my last post. i created those temporary arrays, thereby not serializing the $_SESSION data directly.
This should, in my humble opion, by allowed.
Since this:
$_SESSION['key'] = "value";
and this:
unset($_SESSION['key']);
is both valid code, i don't see how this
=>=>=>=>:
$temp_session = $_SESSION;
$serialized_session = serialize($temp_session);
<=<=<=<=:
unset($_SESSION);
$temp_session = unserialize($serialized_session);
$_SESSION = $temp_session;
is different?

However, the later produces the initial bug i reported
(if i use it in my script)

Superglobals don't work like this. You can not overwrite them by assigning them. Not a bug -> bogus

Well, i could agree on this part about the $_POST and $_GET superglobals. In fact i think doing that is a little dirty myself. But i do not agree about the $_SESSION superglobal!
I am simply doing what i would be doing with session_register() and session_unregister() in PHP < 4.1!
Why is this suddenly not allowed?

From the manual:
"You can also create a session variable by simply setting the appropriate member of the $_SESSION"
"Note: If $_SESSION is used, use unset() to unregister a session variable."

That's all i am doing!

Could you please enlighten me why this is suddenly bogus?
(i promise i won't touch the $_POST and $_GET anymore, i simply want an answer on the $_SESSION one)

(p.s. i changed the status back the open - i wasn't sure if this is necessary to get another comment from you)

> From the manual:
> "You can also create a session variable by simply setting
> the appropriate member of the $_SESSION"

It says *member* *of* the *$_SESSION* not $_SESSION itself. You can not re-assign to $_SESSION, or any other super global without it losing it's special functions. It's not a bug, leave the status set to Bogus.

k, sorry about that status thing: as i said i wasn't sure.

Just did some more testing and i found out that the real problem was unset($_SESSION);
I take you on your word about that *each member* thing, i am simply reporting here, that in my case, $_SESSION = $array also works fine, as long as i _unset_ *each member* individually (as opposed to simply doing unset($_SESSION))
(However, i'm setting the values the clean way now, don't worry).
I do think that the manual could be a bit more specific about this. When reading something and trying to learn, it's normal that you make generalizations. And in the abscense of any information suggesting otherwise (on this point in the manual) i did so too for the member thing (unconsciously). A simple line stating that you should not try to unset to whole session superglobal would've prevented that.

thanks for your support

I'll add some warnings here and there...

Derick