PHP session side-effect warning - how to get solve?
I'm fairly new to php, and am sure this is easy, but I'd like to do it the right way. I have this script:
<?php
if ($_POST["username"]=="") {
include($_SERVER['DOCUMENT_ROOT'] ."/login.inc.php");
} else {
$username=$_POST["username"];
$password=$_POST["password"];
session_start();
if ($开发者_如何学Gousername=="bob" AND $password=="123"){ $permission="yes";}
$username=$_POST["username"];
session_register("permission");
session_register("username");
if ($permission=="yes"){
// Show stuff
}
}
?>
Excuse the funky formatting of my code - can't seem to get it to show properly.
So, I keep getting this error:
Warning: Unknown: Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively in Unknown on line 0
Which I'm assuming means I need to change one of my variable names so it doesn't conflict with the session variable right? That's what I read, but I'm not sure which one to change.
Can anyone help / show me please?
Thanks
osu
It is happening because of
session_register("username");
It is not recommended, and deprecated as of PHP 5.3.
If you want your script to work regardless of register_globals, you need to instead use the $_SESSION array as $_SESSION entries are automatically registered. If your script uses session_register(), it will not work in environments where the PHP directive register_globals is disabled.
Source.
As we all know, register_globals is terrible, and should always be off.
The most common way to register a session var is with the $_SESSION superglobal, i.e.
$_SESSION['username'] = $username;
You better start on getting rid of deprecated functions such as session_register().
Use the $_SESSION array, e.g.
$_SESSION['username'] = $_POST['username'];
加载中,请稍侯......
精彩评论