By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
440,180 Members | 1,012 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 440,180 IT Pros & Developers. It's quick & easy.

Session problems with register globals enabled

P: n/a
Hi,
i have a login script which makes use of sessions.

Login script
***********

session_start()
.....
.....
....
if(!empty($row["roll_no"]))
{
$_SESSION['bo_id']=$bo_id;
$_SESSION['pass']=$passw;
.....
.....

and sets the session varaibles if authentication is successful.

Then there is another script which is used to check if the user is
ADMIN
session_start();
.....
......

function isadmin()
{
if($_SESSION['bo_id'] != "ADMIN")
{
global $wwwroot;
include("style.html");
?>
<html><head><title>Must Be admin</title>
<meta http-equiv="Refresh"
content="5 ; URL=<?=$wwwroot?>/userf/login.php">
</head>
<br><br><center>
<font color="brown"><h4>Only Administerators Can Access
This Page</h4></font>
<br>You will be redirected to <a
href="<?=$wwwroot?>/userf/login.php">Login Page</a> in 5 seconds
</center></body></html>

<?
exit;
}
}
Now with the newer PHP versions(that which comes with RH9 ) all this
works perfectly.
(Register globals is off and session.auto_start is 1 )
But with older PHP versions 4.1.2 etc this script doesn't work because
$_SESSION['bo_id'] is empty in the admin authentication script(2nd
script).
But this session variable is set in the login script !!
(In old PHP versions register globals is on and session_auto_start is
off)

Can anyone plz tell me how to make this work in all PHP versions!!

Thanx
Manu
Jul 17 '05 #1
Share this Question
Share on Google+
1 Reply


P: n/a
<snip>

Now with the newer PHP versions(that which comes with RH9 ) all this
works perfectly.
(Register globals is off and session.auto_start is 1 )
But with older PHP versions 4.1.2 etc this script doesn't work because
$_SESSION['bo_id'] is empty in the admin authentication script(2nd
script).
But this session variable is set in the login script !!
(In old PHP versions register globals is on and session_auto_start is
off)

Can anyone plz tell me how to make this work in all PHP versions!!

Thanx
Manu


Hi Manu,

That is probably because $_SESSION[] array is new. So in your older versions
of PHP you just create the $_SESSION-array and store something in it.
That is why your other script cannot retrieve values from it because it
simply isn't there. (It is destroyed as the script ends)

You can always use $HTTP_SESSION_VARS[] to get/set values in your session,
allthough it is not superglobal as $_SESSION is.

So you should make it global if you cannot reach it somewhere (function).

Hope this helps.

Regards,
Erwin Moller
Jul 17 '05 #2

This discussion thread is closed

Replies have been disabled for this discussion.