Same for me (PHP4.2.1 on Win). Unset removes the variable from the session for the duration of the script, but doesn't actually remove it from the session. Using session_unregister() does remove the variable from the session. You should post it as a bug, Michal, or tell them to change the documentation.
---John Holmes... > -----Original Message----- > From: Michal Dvoracek [mailto:[EMAIL PROTECTED]] > Sent: Sunday, June 30, 2002 7:37 AM > To: [EMAIL PROTECTED] > Subject: [PHP] bug in sessions > > Hello, > > i discovered bug in sessions: > > when using unset($_SESSION[...]) insted session_unregister(...) and > before calling read _$SESSION[...] variable WILL NOT unset. > > please try these examples and see result. > > here is method how to produce this bug (you must have cookies enabled): > 1. run script > 2. reload page (you should see 2 $_SESSION arrays with the same value) > 3. click on unset link > 4. now you should see first array filled with test value and second > should be empty - that's OK - but variable test should be deleted from > session > 5. reload page > 6. here is BUG: i unset session variable test so i shouldn't exists, > but exists. > --- > > 7. comment line marked #fatal > > and go to repeat process from begining > on step 6. both arrays will be empty!!!! > > ----------------cut here---------------------------------------------- > <?php > session_start(); > echo '<pre>'; > > print_r($_SESSION); > > if (isset($_GET['submit'])) { > $test = $_SESSION['test']; # fatal > unset($_SESSION['test']); > } else { > $_SESSION['test'] = 'this is test'; > } > echo '<a href="'.$_SERVER['PHP_SELF'].'?submit=yes">unset</a><br>'; > print_r($_SESSION); > echo '</pre>'; > ?> > ----------------cut here---------------------------------------------- > > > replace unset($_SESSION['test']); with > session_unregister('test'); and repeat process - here will be > everything OK. > > http://www.php.net/manual/en/ref.session.php (see Example 3.) > > Tested on PHP 4.2.1 (win, Debian). > > Epilogue: using unset at $_SESSION array is NOT safe. > > Regards, > Michal Dvoracek [EMAIL PROTECTED] > Capitol Internet Publisher, Korunovacni 6, 170 00 Prague 7, Czech Republic > tel.: ++420 2 3337 1117, fax: ++420 2 3337 1112 > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php