Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

difficulty tracking down session side-effect error

Status
Not open for further replies.
monkle

monkle

Programmer
Joined
Feb 11, 2004
Messages
132
Location
US
php 4.3.7
Win 2k
IIS 5

One of my scripts that I thought I had finished started spitting out this error message at me:

Code: 
Warning: Unknown(): Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively. in Unknown on line 0

The script is rather complex, including other scripts in a number of places, which include scripts, etc., so the "Unknown on line 0" is even worse than it would be otherwise. I've tried to go through the script that I got it on, and all of the scripts that it can possibly include, looking at all $_GET $_POST, and $_SESSION variables used. I may have missed something, but they all looked like normal usages to me, that work fine in other parts of the site. Examples:
Code: 
$username = $_SESSION['userarray']['username'];

if (!isset($_POST['shipaddr']))

At this point, I don't even know where the code that is that is causing the problems. I'm looking for suggestions of what I should be looking for.
 
Sort by date Sort by votes
Its a security risk, but just to see if it works, go into php.ini and turn register globals to on and see if it fixes the problem. I dont think that the built in arrays for Session and Post were meant to be mult dimensional.

___________________________________
[morse]--... ...--[/morse], Eric.
 
Upvote 0 Downvote
I turned register globals on, and the error message went away. Thanks for the suggestion.

I don't really see that as a valid solution in my case (due to the security risk that you mentioned), but it does give me another clue in what to look for.
 
Upvote 0 Downvote
Are you invoking session_register()? If so, I recommend that you abandon that function in favor of simple creation of elements in the $_SESSION array.

There are security risks associated with having register_globals turned on.



Want the best answers? Ask the best questions!

TANSTAAFL!!
 
Upvote 0 Downvote
I have been working on the set of scripts in question, and found several other issues. When I tested the last updates that I made to the scripts (sometime last week), I apparently missed a scenario. After fixing the other issues that I missed, the problem seems to have straightened itself out.
 
Upvote 0 Downvote
sleipnir214: I believe that you posted while I was in the process of writing my last post. I am not using the session_register() function, but simply creating elementsin the $_SESSION array, as you suggest. Also, as the project that I am currently working on is an e-commerce website, having register_globals on isn't really an option, due to the security risks
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

mervgh
  • Locked
  • Question Question
My own custom error handler
Replies
1
Views
679
Chris Miller
Chris Miller
pc3957
  • Locked
  • Question Question
Any ideas how I can download a file from a web site that requires login mimicking clicks
Replies
1
Views
372
spamjim
spamjim
Krus1972
  • Locked
  • Question Question
Syntax Error - Confused
Replies
2
Views
397
spamjim
spamjim
southbeach
  • Locked
  • Question Question
Haunted by vanishing session
Replies
4
Views
419
southbeach
southbeach
notsoevilgenius
  • Locked
  • Question Question
Error Updating From mySQL To MySQLi
Replies
2
Views
391
vacunita
vacunita

Part and Inventory Search

Sponsor

Back
Top