php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #18468 "global $_SESSION;" breaks sessions handling
Submitted: 2002-07-22 12:51 UTC Modified: 2002-07-22 20:29 UTC
From: pratesi at telug dot it Assigned:
Status: Not a bug Package: Session related
PHP Version: 4.2.1 OS: Red Hat Linux 7.3
Private report: No CVE-ID: None
 [2002-07-22 12:51 UTC] pratesi at telug dot it
The following code evidences the problem:

<?php

session_start();

if (!isset($_SESSION["foobar"])) {
        echo "Foobar not set, now we set it to 1";
        $_SESSION["foobar"] = 1;
} else {
        $_SESSION["foobar"]++;
        echo "Foobar is set and is = " . $_SESSION["foobar"];
}

echo "\n<br>";

if (!isset($_SESSION["counter"])) {
        echo "Counter not set, now we set it to 1";
        set_counter();
} else {
        $_SESSION["counter"]++;
        echo "Counter is set and is = " . $_SESSION["counter"];
}

echo "\n<br>";

if (!isset($_SESSION["foobar2"])) {
        echo "Foobar2 not set, now we set it to 1";
        $_SESSION["foobar2"] = 1;
} else {
        $_SESSION["foobar2"]++;
        echo "Foobar2 is set and is = " . $_SESSION["foobar2"];
}

function set_counter() {
        global $_SESSION;
        $_SESSION["counter"] = 1;
}

echo "<pre>";
var_dump($_SESSION);
echo "</pre>";

?>

Loading and reloading the page, $_SESSION["counter"] and
$_SESSION["foobar2"] remain undefined, due to the
global $_SESSION;
put in function set_counter()
The problem disappears commenting out
// global $_SESSION;

I realize that it makes no sense to declare as "global"
a superglobal, but I was doing it only for compatibility
with PHP 4.0, after the following code:
if (!isset($_SESSION)) $_SESSION = $HTTP_SESSION_VARS;

I think that it would be nice to get a warning due to the
attempt of declaring a superglobal as "global"; it would
also be nice if such a statement would be sistematically
ignored (this would also allow to avoid breaking
compatibility with PHP 4.0)

BTW, a really strange thing: I ahve observed this problem
both with PHP 4.1.2 and PHP 4.2.1, but not on each platform
tested by me and my friends: Red Hat 7.3 and SuSE are
affected, while Debian Woody and Mandrake 8.2 are not.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-07-22 20:29 UTC] sniper@php.net
Don't do that. And you should be using $HTTP_SESSION_VARS anyway, if you want to keep backwards compatibility..
and then 'global' is in order.

 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Fri Mar 29 05:01:28 2024 UTC