php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #48101 PHP resore old session values after session_destroy
Submitted: 2009-04-28 13:55 UTC Modified: 2009-04-28 17:41 UTC
From: gianksmail at gmail dot com Assigned:
Status: Not a bug Package: Session related
PHP Version: 5.2.9 OS: Debian Lenny
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: gianksmail at gmail dot com
New email:
PHP Version: OS:

 

 [2009-04-28 13:55 UTC] gianksmail at gmail dot com 
Description:
------------
Hi,

i'm having an issue with session_destroy();

This is a script sample:
$_SESSION['username'] = (isset($_POST['username']))? $_POST['username']: $_SESSION['username'];

In this case, after user login, than logout via session_destroy, if the user reloads the page, the first time the server raises this warning: 
Warning: Unknown: Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively. in Unknown on line 0

in var_dump i can see $_SESSION['username'] and $_SESSION['password'] to be unset after session_destroy. the second time, just reloading the page, these variables are set to NULL (correctly i think, missing the previous value for them). The third time the user may now access all contents as still logged in: i can  see the old variables values restored as before the session destroy, now!

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2009-04-28 17:41 UTC] jani@php.net 
Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Sun Jul 06 05:01:37 2025 UTC