Menu
▾
▴
[phpBT-dev] Session vars since recent changes
|
From: John W. <joh...@wi...> - 2002-03-28 00:03:49
|
All,
I updated by local dev copy of phpbt from cvs last week and subsequently
found that I could not successfully log in - or rather that after
logging
in, the next page load would 'forget' I'd logged in.
After many hours, I think that I've found the root cause to be the
setting for register_globals in php.ini.
The default out-of-the-box RedHat 7.2 install has this set to
register_globals = On
The result of this appears to be that calls such as
$HTTP_SESSION_VARS['fred']='wilma';
have no affect (ie no data gets written to the session file,
typically /tmp/sess_*).
Now located, this is easily changed to
register_globals = Off
and all seems to work properly.
However, my concern is that I've had to change a default setting from
the default ini file in one of the most recent Linux distros - it's more
than likely that this could catch out others - particularly first time
installers that may just give up on phpbt.
It's hardly a real sample, but I've just checked my web hosts' PHP
config
and they too have register_globals=On - so it's not just my strange
config.
At the least, I think it would be worth adding something to the install
script such as :
if(ini_get("register_globals")==1){
echo "having register_globals = On will cause trouble";
/* or words to this effect! */
}
Or, should the session code be independant of the setting of
register_globals?
john
--
email : jp...@us... | usenet user since 1995
Linux Counter Project : Registered user #21442 (http://counter.li.org)
|
