From: kraziej at ta2 dot so-net dot ne dot jp Operating system: linux PHP version: 4.3.6 PHP Bug Type: Scripting Engine problem Bug description: SESSION peculiar behavior
Description: ------------ Hi, I apologize beforehand if this is a known issue. I wasn't exactly sure if the behavior was a bug or a feature since various google search results and mail-list archives had slight differences in their descriptions. If anybody can give me some clarity on this issue, it would be very helpful and certainly appreciated. Thank you very much in advance. Using sessions, initializing a variable with NULL and "" (empty string) gives different results, with "" it behaves as expected but with NULL I get the warning : Warning: Unknown(): Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled.......(goes on) Yes, I know php changed the way to handle sessions, but the confusion I have is that why php behaves completely differently when initializing variables in 2 different ways. I get this with php-4.3.(4|5|6) and register_globals is off. apache-1.3.2x and 1.3.31. php is compiled into apache (and not by apxs dso module). OS: linux (glibc-2.2.5 gcc-2.9.6 kernel-2.4.26) Reproduce code: --------------- initializing with NULL and "" in test1.php will give different results. -- example code of test1.php: <? session_start(); $_SESSION['test'] = NULL; # warnings #$_SESSION['test'] = ""; # expected results print "<a href=\"test2.php\">link test2.php</a><BR>\n"; ?> -- example code of test2.php: <? session_start(); $test = "abcde"; print_r($_SESSION); ?> Expected result: ---------------- click the link test2.php and: When initialized with "" I get no warning, and $_SESSION['test'] and $test are handled as different variables like expected. /tmp/sess_............. stays untouched like expected. Actual result: -------------- click the link test2.php and: When initialized with NULL I get the warning. Whats worse is if I refresh test2.php, the warning disappears and the value of $_SESSION['test'] gets over-written by $test. /tmp/sess_............. also gets written with the value of $test. It seems like it behaves as if global_registers is on (it gets overrided into the "old way") where $_SESSION['test'] and $test was handled as same variables. -- Edit bug report at http://bugs.php.net/?id=28482&edit=1 -- Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=28482&r=trysnapshot4 Try a CVS snapshot (php5): http://bugs.php.net/fix.php?id=28482&r=trysnapshot5 Fixed in CVS: http://bugs.php.net/fix.php?id=28482&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=28482&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=28482&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=28482&r=needscript Try newer version: http://bugs.php.net/fix.php?id=28482&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=28482&r=support Expected behavior: http://bugs.php.net/fix.php?id=28482&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=28482&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=28482&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=28482&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=28482&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=28482&r=dst IIS Stability: http://bugs.php.net/fix.php?id=28482&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=28482&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=28482&r=float
