By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
424,667 Members | 2,214 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 424,667 IT Pros & Developers. It's quick & easy.

What? Assigning a session variable also assigns the local variable?

P: n/a
Alright, what the hell is going on here?

In the following code, I expect the printed result to be:
DEBUG: frank's last name is burns.

Instead, what I get is:
DEBUG: frank's last name is burns.

Here is the code:
$frank = "burns";
$_SESSION['frank'] = "black";
echo "DEBUG: frank's last name is is $frank";

What is coming into play here? I thought of register_globals but I
thought that only dealt with GET, POST, REQUEST, etc.

Jul 17 '05 #1
Share this Question
Share on Google+
2 Replies


P: n/a
thecrow wrote:
Alright, what the hell is going on here?

In the following code, I expect the printed result to be:
DEBUG: frank's last name is burns.

Instead, what I get is:
DEBUG: frank's last name is burns.
That is than excactly what you wanted. :P

Here is the code:
$frank = "burns";
$_SESSION['frank'] = "black";
echo "DEBUG: frank's last name is is $frank";
So what is your problem?
$frank contains "burns", so what else should PHP print?

If you want the content for the session-var 'frank', use it.
Like:
echo "DEBUG: frank's last name is is ".$_SESSION['frank'];

What is coming into play here? I thought of register_globals but I
thought that only dealt with GET, POST, REQUEST, etc.


Indeed.

Go get a cup of coffee.
You are just being sloppy. :-)

Regards,
Erwin Moller
Jul 17 '05 #2

P: n/a
Erwin Moller wrote:
thecrow wrote:
Alright, what the hell is going on here?

In the following code, I expect the printed result to be:
DEBUG: frank's last name is burns.

Instead, what I get is:
DEBUG: frank's last name is burns.


That is than excactly what you wanted. :P

Here is the code:
$frank = "burns";
$_SESSION['frank'] = "black";
echo "DEBUG: frank's last name is is $frank";


So what is your problem?
$frank contains "burns", so what else should PHP print?

If you want the content for the session-var 'frank', use it.
Like:
echo "DEBUG: frank's last name is is ".$_SESSION['frank'];

What is coming into play here? I thought of register_globals but I
thought that only dealt with GET, POST, REQUEST, etc.


Indeed.

Go get a cup of coffee.
You are just being sloppy. :-)

Regards,
Erwin Moller


I think thecrow meant to say:
In the following code, I expect the printed result to be:
DEBUG: frank's last name is burns.

Instead, what I get is:
DEBUG: frank's last name is black.

Here is the code:
session_start();
$frank = "burns";
$_SESSION['frank'] = "black";
echo "DEBUG: frank's last name is is $frank";

I tried this test with register_globals turned on and turned off. With
it on, I got what thecrow got. With it off, I got what thecrow had
hoped for. So yes, register_globals is the culprit.

It makes sense for $_SESSION to trump other variables when
register_globals is turned on. Imagine if a malicious user passed
"user_level=admin" on the query string. And in that PHP page, you
populated $_SESSION['user_level'] with the result of a database query.
What would you like to see when accessing $user_level? The data you
explicitly put into $_SESSION or the data the malicious user passed to
your script?

It is because of the confusing and possibly dangerous side-effects of
register_globals that it was disabled by default as of PHP 4.2.0

Jul 17 '05 #3

This discussion thread is closed

Replies have been disabled for this discussion.