PHP :: Bug #22642 :: After saving a session var in a var, nulling the session var clears the 2nd var

Bug #22642	After saving a session var in a var, nulling the session var clears the 2nd var
Submitted:	2003-03-11 15:54 UTC	Modified:	2003-03-12 16:47 UTC
From:	dave at orangechicken dot com	Assigned:
Status:	Not a bug	Package:	Session related
PHP Version:	4.3.1	OS:	Linux / Apache 1.3.27
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	dave at orangechicken dot com
New email:
PHP Version:		OS:

New Comment:

[2003-03-11 15:54 UTC] dave at orangechicken dot com

OK, the summary was too short to concisely enter what I mean. Here's the real version:

After assigning a stored $_SESSION var to another variable, assigning null to the $_SESSION var clears the other variable too.

This worked before 4.3.1 (possibly occurred in 4.3.0 - we skipped from 4.2.7 to 4.3.1).

Here's a snippet where the problem occurs. $_SESSION[ 'login_redirect' ] contains the value 'checkout.php'.

================================
$redirect = $_SESSION[ 'login_redirect' ];
echo $redirect; // outputs checkout.php
$_SESSION[ 'login_redirect' ] = null;
echo $redirect; // outputs <nothing>
================================

Here's the configure string
'./configure' '--with-apxs=/usr/local/apache/bin/apxs' '--with-xml' '--enable-bcmath' '--enable-calendar' '--with-curl' '--enable-ftp' '--with-gd' '--with-jpeg-dir=/usr/local' '--with-png-dir=/usr' '--with-xpm-dir=/usr/X11R6' '--with-imap' '--with-imap-ssl' '--with-kerberos' '--with-mcrypt' '--enable-magic-quotes' '--with-mysql' '--with-pear' '--enable-xslt' '--with-xslt-sablot' '--enable-sockets' '--enable-track-vars' '--with-ttf' '--with-freetype-dir=/usr' '--enable-gd-native-ttf' '--enable-versioning' '--with-zlib'

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2003-03-11 21:07 UTC] sniper@php.net

Please provide a short but complete example script.

And is register_globals=off ?
And what about session.bug_compat_42 and session.bug_compat_warn?

Put 'error_reporting(E_ALL);' as first line in your script,
you propably get some errors..

[2003-03-12 03:27 UTC] dave at orangechicken dot com

I'm uber-tarded. I found the solution an hour later or so (and it's the same one suggested above). I used an .htaccess file to turn register_globals off. I had been working in my dev environment so long (with register_globals off in php.ini) that I didn't even think about that when I moved to the live environment (which defaults to on).

My bad. Case closed.

[2003-03-12 16:47 UTC] sniper@php.net

Not PHP bug.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Thu Jul 03 13:01:33 2025 UTC