PHP :: Bug #15645 :: session_unset() undefines non-session variables?

Bug #15645	session_unset() undefines non-session variables?
Submitted:	2002-02-20 08:30 UTC	Modified:	2002-02-21 03:12 UTC
From:	yannick at i4music dot net	Assigned:
Status:	Closed	Package:	Session related
PHP Version:	4.1.1	OS:	Redhat 7.1
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	yannick at i4music dot net
New email:
PHP Version:		OS:

New Comment:

[2002-02-20 08:30 UTC] yannick at i4music dot net

session_unset() seems to undefine non-session variables. It happens with register_globals = off. It seems to behave just like if register_globals was on.

Example:

$domain = $_REQUEST["domain"];
if ($domain){
  echo $domain;  // correct
  session_start();
  session_unset();
  echo $domain;  // empty
  $_SESSION["domain"] = $domain;
};

So the problem seem to be: if a previous session variable is named "abc" (thus $_SESSION["abc"]), session_unset() will clear $_SESSION["abc"] but also the variable $abc which should not be in relation with it since register_globals is off.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2002-02-21 03:12 UTC] yohgaki@php.net

This bug has been fixed in CVS.

Thanks for reporting, but  I think this is fixed by Sterling.

[2002-02-21 03:46 UTC] yannick at i4music dot net

Ok. Sorry, but I couldn't check with the CVS version, since it was on a "production" server.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Thu Nov 27 20:00:01 2025 UTC