Connecting Tech Pros Worldwide Forums | Help | Site Map
bytes > topic > php > answers

Session problems with register globals enabled

Manu J
Guest
  
Posts: n/a
#1: Jul 17 '05
Hi,
i have a login script which makes use of sessions.

Login script
***********

session_start()
.....
.....
....
if(!empty($row["roll_no"]))
{
$_SESSION['bo_id']=$bo_id;
$_SESSION['pass']=$passw;
.....
.....

and sets the session varaibles if authentication is successful.

Then there is another script which is used to check if the user is
ADMIN


session_start();
.....
......

function isadmin()
{
if($_SESSION['bo_id'] != "ADMIN")
{
global $wwwroot;
include("style.html");
?>
<html><head><title>Must Be admin</title>
<meta http-equiv="Refresh"
content="5 ; URL=<?=$wwwroot?>/userf/login.php">
</head>
<br><br><center>
<font color="brown"><h4>Only Administerators Can Access
This Page</h4></font>
<br>You will be redirected to <a
href="<?=$wwwroot?>/userf/login.php">Login Page</a> in 5 seconds
</center></body></html>

<?
exit;
}
}


Now with the newer PHP versions(that which comes with RH9 ) all this
works perfectly.
(Register globals is off and session.auto_start is 1 )
But with older PHP versions 4.1.2 etc this script doesn't work because
$_SESSION['bo_id'] is empty in the admin authentication script(2nd
script).
But this session variable is set in the login script !!
(In old PHP versions register globals is on and session_auto_start is
off)

Can anyone plz tell me how to make this work in all PHP versions!!

Thanx
Manu

Erwin Moller
Guest
  
Posts: n/a
#2: Jul 17 '05

re: Session problems with register globals enabled

<snip>
[color=blue]
>
> Now with the newer PHP versions(that which comes with RH9 ) all this
> works perfectly.
> (Register globals is off and session.auto_start is 1 )
> But with older PHP versions 4.1.2 etc this script doesn't work because
> $_SESSION['bo_id'] is empty in the admin authentication script(2nd
> script).
> But this session variable is set in the login script !!
> (In old PHP versions register globals is on and session_auto_start is
> off)
>
> Can anyone plz tell me how to make this work in all PHP versions!!
>
> Thanx
> Manu[/color]

Hi Manu,

That is probably because $_SESSION[] array is new. So in your older versions
of PHP you just create the $_SESSION-array and store something in it.
That is why your other script cannot retrieve values from it because it
simply isn't there. (It is destroyed as the script ends)

You can always use $HTTP_SESSION_VARS[] to get/set values in your session,
allthough it is not superglobal as $_SESSION is.

So you should make it global if you cannot reach it somewhere (function).

Hope this helps.

Regards,
Erwin Moller
Closed Thread

« previous question | next question »

Similar PHP bytes

/bytes/development

/bytes/it

Forums
Visit our community forums for general discussions and latest on Bytes

Our staff and community areas have moved to bytes.com/forums/

/bytes/about

We are a network of experts and professionals in IT and software development that help one another with answers to tough questions and share insights. Get the best answers to your questions from over 226,537 network members.

dev questions:
algorithms | asp | asp.net | c/c++ | coldfusion | c# | flash | html/css | java | javascript |
mobile dev | .net | perl | php | python | ruby | software dev | vb.net | visual basic | xml
it questions:
access | apache | careers | db2 | iis | macosx | mysql | networking | oracle | postgresql | sql server | unix | windows

About Bytes | Copyright 1995-2009 BYTES. All rights Reserved