strange behaviour of php session

im using php a server, that uses ubuntu 8.04 :

PHP 5.2.4-2ubuntu5.12 with Suhosin-Patch 0.9.6.2 (cli) (built: Sep 20 2010 13:33:05)
Copyright (c) 1997-2007 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies

i found a strange behaviour:

<?php
session_name('session');
session_start();

$_SESSION['username']='realName';
$username='otherName';
?>

this leads to, that php saves in the session variable 'otherName' (instead of 'realName'). why is php saving the $username into the session variables? How can i disable this?

thanks in advan开发者_StackOverflowce for any help... :)

It looks like you have register_globals = on in your php.ini. This option has been deprecated as of PHP 5.3 and you should turn it off. More information can be found here: http://www.php.net/manual/en/security.globals.php