[PHP-DEV] PHP 4.0 Bug #8772 Updated: user level session storage fails when register_globals off From: serge <email protected>
Date: 03/04/01

ID: 8772
User Update by: serge <email protected>
Status: Open
Bug Type: *Session related
Description: user level session storage fails when register_globals off

I would like to know if there is any news with regards to this bug? The workaround involves using "register_globals on" and I really don't like this aproach.

Thanks, Serge

Previous Comments:
---------------------------------------------------------------------------

[2001-02-22 18:39:01] serge <email protected>
Steve Chadsey has reported that he has the same bug as me:
His message follow.

For the record, I am having the *exact* problem you describe. It's on a RedHat 6.2 system, kernel 2.4.1, PostgreSQL 7.0.3, Apache/1.3.17 (Unix) mod_perl/1.25 PHP/4.0.4pl1. With register_globals off, the session
write function is never getting called. With register_globals on, it works fine.

Do you think I should add a new bug report? Can I add a "me too" to
your bug report?

Thanks, 

-- 
Steve Chadsey <tyr <email protected>>

---------------------------------------------------------------------------

[2001-02-03 07:14:11] serge <email protected>
Looks like someone else is having the same problem.

See bug number 9002

Serge

---------------------------------------------------------------------------

[2001-01-25 14:39:36] serge <email protected>
Below are my php.ini settings and Virtual Host settings
Serge

# php.ini file
[PHP]

engine			=	On 
short_open_tag	=	On
asp_tags		=	Off
precision		=	14
y2k_compliance	=	Off
output_buffering	= Off
output_handler		=
implicit_flush		= Off
allow_call_time_pass_reference	= Off

; Safe Mode
safe_mode		=	Off
safe_mode_exec_dir	=
safe_mode_allowed_env_vars = PHP_
safe_mode_protected_env_vars = LD_LIBRARY_PATH
disable_functions	=								

#zend_optimizer.optimization=15
#zend_extension="/usr/local/Zend/lib/ZendOptimizer.so"

zend_extension="/usr/local/Zend/lib/ZendDebugger.so"

; Colors for Syntax Highlighting mode.  Anything that's acceptable in <font color=???> would work.
highlight.string	=	#DD0000
highlight.comment	=	#FF8000
highlight.keyword	=	#007700
highlight.bg		=	#FFFFFF
highlight.default	=	#0000BB
highlight.html		=	#000000

; Misc
expose_php	=	Off

;;;;;;;;;;;;;;;;;;;
; Resource Limits ;
;;;;;;;;;;;;;;;;;;;

max_execution_time = 60
memory_limit = 8M

error_reporting	=	E_ALL & ~E_NOTICE & ~E_WARNING
display_errors	=	On
display_startup_errors = Off
log_errors		=	Off
track_errors	=	On
;error_prepend_string = "<font color=ff0000>"   
;error_append_string = "</font>"
;error_log	=	filename
;error_log	=	syslog
warn_plus_overloading	=	Off

;;;;;;;;;;;;;;;;;
; Data Handling ;
;;;;;;;;;;;;;;;;;
variables_order		=	"GPCS"
register_globals	=	Off
register_argc_argv	=	Off
post_max_size		=	8M
gpc_order			=	"GPC"

; Magic quotes
magic_quotes_gpc	=	Off
magic_quotes_runtime=	Off
magic_quotes_sybase	=	Off

; automatically add files before or after any PHP document
auto_prepend_file	=
auto_append_file	=

; PHP's built-in default is text/html
default_mimetype = "text/html"
;default_charset = "iso-8859-1"

;;;;;;;;;;;;;;;;;;;;;;;;;
; Paths and Directories ;
;;;;;;;;;;;;;;;;;;;;;;;;;
include_path	=
doc_root		=
user_dir		=
extension_dir	=	./
enable_dl		= On

;;;;;;;;;;;;;;;;
; File Uploads ;
;;;;;;;;;;;;;;;;
file_uploads	= On
;upload_tmp_dir	=
upload_max_filesize = 15M

;;;;;;;;;;;;;;;;;;
; Fopen wrappers ;
;;;;;;;;;;;;;;;;;;
allow_url_fopen = On

;;;;;;;;;;;;;;;;;;;
; Module Settings ;
;;;;;;;;;;;;;;;;;;;

[Syslog]
define_syslog_variables	= Off

[mail function]
SMTP			=	localhost
sendmail_from	=	webmaster <email protected>
sendmail_path	=	'/var/qmail/bin/qmail-inject -N'

[Debugger]
debugger.host	=	localhost
debugger.port	=	7869
debugger.enabled	=	False

[Logging]
;logging.method    = db
;logging.directory = /path/to/log/directory

[Java]

[SQL]
sql.safe_mode	=	Off

[ODBC]
odbc.allow_persistent	=	On
odbc.check_persistent  = 	On
odbc.max_persistent	=	-1
odbc.max_links			=	-1
odbc.defaultlrl	=	4096
odbc.defaultbinmode	= 	1

[MySQL]
mysql.allow_persistent	=	On
mysql.max_persistent	=	-1
mysql.max_links			=	-1
mysql.default_port		=	
mysql.default_socket	=
mysql.default_host		=
mysql.default_user		=
mysql.default_password	=

[mSQL]
msql.allow_persistent	=	On
msql.max_persistent		= -1
msql.max_links			= -1

[PostgresSQL]
pgsql.allow_persistent	=	On
pgsql.max_persistent	=	-1
pgsql.max_links			= -1

[Sybase]
sybase.allow_persistent	=	On
sybase.max_persistent	=	-1
sybase.max_links		=	-1
;sybase.interface_file	=	"/usr/sybase/interfaces"
sybase.min_error_severity	=	10
sybase.min_message_severity	=	10
sybase.compatability_mode	= Off

[Sybase-CT]
sybct.allow_persistent	=	On
sybct.max_persistent	=	-1
sybct.max_links			=	-1
sybct.min_server_severity	=	10
sybct.min_client_severity	=	10

[bcmath]
bcmath.scale	=	0

[browscap]

[Informix]
ifx.default_host		=		
ifx.default_user		=		
ifx.default_password		=		
ifx.allow_persistent		=	On	
ifx.max_persistent		=	-1	
ifx.max_links			=	-1	
ifx.textasvarchar		=	0	
ifx.byteasvarchar		=	0	
ifx.charasvarchar		=	0	
						
ifx.blobinfile			=	0	
						
ifx.nullformat			=	0	
						

[Session]
session.save_handler      = user
session.save_path         = php_sessions
session.use_cookies       = 1
session.name              = PHPSESSID  
session.auto_start        = 0
session.cookie_lifetime   = 0
session.cookie_path       = /   
session.cookie_domain     =     
session.serialize_handler = php 
session.gc_probability    = 10  
session.gc_maxlifetime    = 1200
session.referer_check     =     
session.entropy_length    = 0   
;session.entropy_file      =    
session.entropy_length    = 16
session.entropy_file      = /dev/urandom
session.cache_limiter     = nocache
session.cache_expire      = 180
session.use_trans_sid     = 1

url_rewriter.tags         = "a=href,area=href,frame=src,input=src,form=fakeentry"

[MSSQL]
mssql.allow_persistent		=	On
mssql.max_persistent		=	-1
mssql.max_links				=	-1
mssql.min_error_severity	=	10
mssql.min_message_severity	=	10
mssql.compatability_mode	=  Off
;mssql.textlimit			= 4096
;mssql.textsize				= 4096
;mssql.batchsize			=	 0

[Assertion]
;assert.active				=	Off
;assert.warning				=	On
;assert.bail				=	Off
;assert.callback			=	0
;assert.quiet_eval			=	0

[Ingres II]
ingres.allow_persistent		=	On
ingres.max_persistent		=	-1
ingres.max_links			=	-1
ingres.default_database		=
ingres.default_user			=
ingres.default_password		=

[Verisign Payflow Pro]

[Sockets]
sockets.use_system_read		=	Off

========================
========================

# virtual host settings
<VirtualHost 192.168.0.7>
        ServerAdmin webmaster <email protected>
        DocumentRoot /www/medialib-dev/htdocs
        ServerName medialib-dev.globalbeach.com
        ErrorLog        /www/medialib-dev/logs/error_log
        CustomLog       /www/medialib-dev/logs/access_log common
        php_flag register_globals off
        php_flag track_vars on
        php_value auto_prepend_file "/usr/local/apache/conf/pgsql_session_handler.php"
        php_value include_path "/www/medialib-dev/libs"
        php_value open_basedir "/www/medialib-dev"
</VirtualHost>

---------------------------------------------------------------------------

[2001-01-25 14:06:12] serge <email protected>
P.S.

Whith register_globals on, this works fine.

session_register("myvar");
$myvar = "VarVar";
exit;

and $myvar gets registerd with its value by the handler just
fine.

Serge

---------------------------------------------------------------------------

[2001-01-25 14:02:23] serge <email protected>
OK, here is some more info....

I just installed the Zend IDE and did some debugging.

What I noticed was the following using this test code:

<?php
    session_register("myvar");  
    $HTTP_SESSION_VARS['myvar'] = "VarVar";
    print "This is a test";
    exit;
?>

if register_globals is off (Note: setting this in a virtual server with  php_flag register_globals off)

session_register("myvar") calls open_session in my session handler, and then calls read_session in the handler
I assign a value to $HTTP_SESSION_VARS['myvar']
upon exit; the following happens
close_session is called in the session handler and thats the end! ---> write_session was never called?

####

if register_globals is on (Note: setting this in a virtual server with  php_flag register_globals on)

session_register("myvar") calls open_session in session handler, and then calls read_session in the handler.
I assign a value to $HTTP_SESSION_VARS['myvar']
upon exit; write_session is called and the value passed is 
!myvar| <---- missing the value of $myvar.
close_session is called and thats that.

Questions:

In the first example, why is write_session never called?
In the second example, why does !myvar| NOT have the value I assigned to it like so $HTTP_SESSION_VARS['myvar'] = "VarVar";

Thanks, Serge

---------------------------------------------------------------------------

The remainder of the comments for this report are too long.  To view the rest of the comments, please view the bug report online.

Full Bug description available at: http://bugs.php.net/?id=8772

-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: php-dev-unsubscribe <email protected>
For additional commands, e-mail: php-dev-help <email protected>
To contact the list administrators, e-mail: php-list-admin <email protected>