php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #81377 unset() of $GLOBALS sub-key yields warning
Submitted: 2021-08-21 20:00 UTC Modified: 2021-08-23 14:11 UTC
Votes:1
Avg. Score:4.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:0 (0.0%)
From: fmg at inspiredminds dot at Assigned: nikic (profile)
Status: Closed Package: *General Issues
PHP Version: 8.1Git-2021-08-21 (Git) OS:
Private report: No CVE-ID: None
 [2021-08-21 20:00 UTC] fmg at inspiredminds dot at
Description:
------------
Trying to unset a sub-key in $GLOBALS yields an "Undefined global variable $foo" warning in PHP 8.1. See https://3v4l.org/3TLGo vs. https://3v4l.org/3TLGo/rfc for instance. The latter yields:

Warning: Undefined global variable $foo in /in/3TLGo on line 4

only in the current master version (for PHP 8.1).

Test script:
---------------
// This is fine
unset($GLOBALS['foo']);

// This yields an "Undefined global variable $foo"  warning
unset($GLOBALS['foo']['bar']);

Expected result:
----------------
unset() should not yield warnings for undefined $GLOBALS sub-keys.

Actual result:
--------------
The second unset() yields "Warning: Undefined global variable $foo"

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2021-08-22 15:30 UTC] antonino dot spampinato86 at gmail dot com
From php 8.0.9 Creating/modifying with square bracket syntax $GLOBALS https://www.php.net/manual/en/language.types.array.php#language.types.array.syntax.modifying otherwise fatal error.
The isset function checks initialization and if not null of a variable, I think the change in reading has changed the behavior for unset on GLOBALS, yes it's a bug.

But it is good programming practice to know the available predefined types of php and the types of your code even if you are not sure to find the variable, otherwise the code change is synonymous with something that the programmer did not foresee .. It can mean hacker attack or more simply code modified by third parties (also the personalization of the php source and which does not coincide with the php team).

I think with this short piece of code it helps to understand, Rightly $GLOBALS, $_POST can be multidimensional or monodimensional arrays and therefore if you apply the fatal error in the writing phase it must coincide with all the variables that are arrays.
So this is a request not to show warnings on unset $GLOBALS even if the key/index does not exist or the variable is non-existent. Also, the features go to all types of array returns

Note* $_POST = null and valid context for array "function valid_superglobal()"

$var = array(array(null));
$_POST = null;
//if $_GET, $_POST, $_COOKIE, $_FILES, $_SERVER, $GLOBALS not multidimensional,
// or monodimensional array is bad code

$string = 'not valid';
if(valid_superglobal())
$string = 'valid';
unset($GLOBALS['var'][0]);
echo $string;
//delete all
unset($GLOBALS['var']);


function valid_superglobal() {
$result = false;
$return = false;
if(isset($GLOBALS) === true)
if(is_array($GLOBALS) === true) {
$return = true;
$result = array_key_exists('var', $GLOBALS);
if($result === true)
$result = array_key_exists(0, $GLOBALS['var']);
}
if($result !== true) {
unset($GLOBALS['var']);
$GLOBALS['var'] = null;
unset($GLOBALS['var']);
$GLOBALS['var'] = array(0 => null);
}

return $return;
}
 [2021-08-23 14:11 UTC] cmb@php.net
-Assigned To: +Assigned To: nikic
 [2021-08-23 14:11 UTC] cmb@php.net
This is caused by the implementation of
<https://wiki.php.net/rfc/restrict_globals_usage>.  Not sure if
that is deliberate.  Nikita?
 [2021-08-24 13:06 UTC] git@php.net
Automatic comment on behalf of nikic
Revision: https://github.com/php/php-src/commit/a40ccd758cb856bb4a175e0e025113ea7e9de50a
Log: Fixed bug #81377
 [2021-08-24 13:06 UTC] git@php.net
-Status: Assigned +Status: Closed
 
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Sun Nov 28 09:03:14 2021 UTC