php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #10423 HTTP_ENV_VARS is bigger, overwrites session vars
Submitted: 2001-04-20 11:42 UTC Modified: 2001-04-20 16:31 UTC
From: colin at easydns dot com Assigned:
Status: Closed Package: Performance problem
PHP Version: 4.0 Latest CVS (20/04/2001) OS: RH7.0
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: colin at easydns dot com
New email:
PHP Version: OS:

 

 [2001-04-20 11:42 UTC] colin at easydns dot com 
After updating my CVS version of PHP, a dump of HTTP_ENV_VARS showed several new environment variables that weren't set in an earlier version of PHP (4.0.3pl1 for instance).

Specifically in my case, HTTP_ENV_VARS['USER'] is now being set.  It took me a while to figure out why my scripts, which use $USER as a session variable, were getting messed up.

Any reason why these env vars are getting set now where they weren't before?

I have register_globals turned on.  I suppose I should turn it off, and refer to everything as HTTP_*_VARS if I need it, right?

Finally, if register_globals is off, is $GLOBALS useable?  I have some functions that manipulate variables in the global scope.

- Colin

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2001-04-20 16:31 UTC] colin at easydns dot com 
Quick fix was to edit php.ini from:

    variables_order = "EGPCS"

to:

    variables_order = "GPCS"

so HTTP_ENV_VARS is not set, nor are the respective global vars.

- Colin
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Mon Feb 10 23:01:30 2025 UTC