Menu
I'm hosted at IX webhosting, and I came across something that struck me as strange. All my $_SESSION variables are automatically assigned to a regular variable of the same name. Is that normal PHP behavior? I looked it up in the php.net manual and didn't find an answer. Here's an example script:
<?php
$_SESSION['myvar'] = "hello";
echo $myvar; // after a page refresh, displays hello
$myvar = "goodbye";
echo $_SESSION['myvar']; // displays goodbye
?>
On my localhost I get an error msg in the likes of undefined variable: $myvar but at IX, the script works! Hazardous or normal PHP behavior? Thanks in advance.
403
This "feature" controlled by a php.ini directive called register_globals. It has been disabled by default since PHP 4.2 and totally removed in PHP 5.4.
Unless you have legacy code depending on it, I would sincerely recommend that you turn it off if you can. Suffice to say, the security implications are pretty major.
175
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
