dickm Posted April 21, 2011 Share Posted April 21, 2011 I am now getting this error in my coding, since adding the last module that we have been discussing regarding single and double quotes in the previous topic: Warning: Unknown: Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively in Unknown on line 0 I have been looking thru my code and not finding any variables with the same name as the session variable. Any other causes?? dickm Link to comment Share on other sites More sharing options...
Paul Swanson Posted April 21, 2011 Share Posted April 21, 2011 I've never seen that error before, but it appears to be related to having register_globals enabled in your php.ini file. When register_globals is enabled, PHP will convert $_GET, $_POST, and other super global variables to conventional variables. In other words, if you are passing data with a query string like ?username=Fred (that's a $_GET variable), register_globals will convert that to $username automatically. Same goes for $_POST, $_SERVER and $_SESSION variables. So you may be experiencing a collision of variables related to what is currently in the $_SESSION array. The safest thing to do is to disable register_globals in your php.ini file, and always refer to external variables by referencing the super global array from which they came. There is a nice writeup on how register_globals can cause security problems unless you are very careful to initialize all variables at the very start of your script. 1 Link to comment Share on other sites More sharing options...
dickm Posted April 21, 2011 Author Share Posted April 21, 2011 Thanks for the reply Paul. Register_Globals is off in my php.ini so I am really baffled by this error. dickm Link to comment Share on other sites More sharing options...
Paul Swanson Posted April 21, 2011 Share Posted April 21, 2011 That is baffling, then! It's good that register_globals is off, though. You might be able to safely handle this by setting session.bug_compat_42 to off, but this topic is out of my comfort zone for advice. Let's see what Larry or anyone with more server admin experience advises. What version of PHP/MySQL are you on? This is very important information that should be included with all of your posts. A good practice is to create a signature in your forum profile that includes this information, like I have done. 1 Link to comment Share on other sites More sharing options...
dickm Posted April 22, 2011 Author Share Posted April 22, 2011 Just thought that I would pass along the solution to this error problem. In my coding I had the following new code additions: $cust = escape_data($_REQUEST['customer']); $_SESSION['mycustomer']=$cust; What became the indication solution for me was the part of the error statement that said "be advised that the session extension does not consider global variables as a source of data", so I changed the code as follows and the error condition did not appear: $_SESSION['mycustomer'] = escape_data($_REQUEST['customer']); Hope this helps clarify this problem for others also. dickm Link to comment Share on other sites More sharing options...
Recommended Posts