#10 Serious Bug calling krumo(get_defined_vars())

[Passh Reloaded]

I'm rewriting the code from a Job website. The original program is called php-Jobsite from Bitmixsoft. It is one one worst programs I have even seen. It is so insecure that pass $_POST and $_GET variables directly into DB.
However my client doesn't want to to pay a whole redesign or buy new software, so I'm patching some pages to make it work (out of the box is pure garbage).

I used krumo to debug some pages. Finally I'm working on the last page and calling krumo(get_defined_vars()) unsets several variables from $_SESSION array.

i.e.
krumo( $_SESSION );
krumo( get_defined_vars() );
krumo( $_SESSION );

will print the second dump of $_SESSION almost empty.

Maybe this is a bug on the way krumo writes values to $_SESSION. I would like to debug the debugger krumo but I'm so tired of the Bitmixsoft crap that I won't.

So, first. If you are getting user access errors, try commenting krumo.
Second, if you you are using php-Jobsite, change immediately to a different application from other vendor. It is so easy to delete the whole DB with a hacked URL!

[Kaloyan K. Tsvetkov]

Logged In: YES
user_id=1595533
Originator: NO

Thank you, will investigate this issue.