PHP :: Bug #44721 :: Calling session_register() can create inaccessible array entries

Bug #44721	Calling session_register() can create inaccessible array entries
Submitted:	2008-04-14 16:09 UTC	Modified:	2008-04-14 17:46 UTC
From:	antphill at uk dot ibm dot com	Assigned:
Status:	Not a bug	Package:	Session related
PHP Version:	5.2.6RC5	OS:	Windows XP and Linux
Private report:	No	CVE-ID:	None

View Add Comment Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

Quick Fix:	(description)
	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	antphill at uk dot ibm dot com
New email:
PHP Version:		OS:

New/Additional Comment:

[2008-04-14 16:09 UTC] antphill at uk dot ibm dot com

Description:
------------
If I call session_register with a string key that is in fact an integer, then it creates an entry in $_SESSION that is inaccessible using array indexes by a script. I think this is because the extension is adding the key to the array directly rather than using the hash APIs that convert string keys to integers where possible.


Reproduce code:
---------------
<?php
session_start();
session_register("123");
var_dump($_SESSION);
var_dump($_SESSION["123"]);
var_dump($_SESSION[123]);
?>


Actual result:
--------------
array(1) {
  ["123"]=>
  NULL
}

Notice: Undefined index:  123 in D:\ant.php on line 5
NULL

Notice: Undefined offset:  123 in D:\ant.php on line 6
NULL

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2008-04-14 17:46 UTC] jani@php.net

RTFM.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sat Jun 01 02:01:32 2024 UTC