| Re: Completely stumped (still) [message #185091 is a reply to message #185088] |
Tue, 25 February 2014 23:29   |
Thomas 'PointedEars'
Messages: 701
Registered: October 2010
Karma:
|
Senior Member |
|
|
Christoph Michael Becker wrote:
> Thomas 'PointedEars' Lahn wrote:
>> Christoph Michael Becker wrote:
>>> Thomas 'PointedEars' Lahn wrote:
>>>> Christoph Michael Becker wrote:
>>>> > I'm still confused that it seems that register_globals makes the
>>>> > respective global variables *references* to the session variables.
>>>>
>>>> Or both of them are references to the same array element. Whatever the
>>>> implementation, it is the case that they yield the same value then, and
>>>> it is – if I may say so – a *logical* consequence of how
>>>> register_globals is supposed to work.
>>>
>>> However, GPC parameters are *copied* to the respective global variables.
>>
>> How did you get that idea?
>
> As it doesn't seems to be explicitely documented, and I wanted some
> confirmation before posting, I had made a quick test with following
> script:
>
> var_dump($_GET['x']);
> var_dump($x);
> $x = 'bar';
> var_dump($x);
> var_dump($_GET['x']);
>
> I requested the script with a query string of "x=foo". The output:
>
> string(3) "foo" string(3) "foo" string(3) "bar" string(3) "foo"
>
> (tested with PHP 5.2.13, FCGI, register_globals=On)
>
> With $HTTP_GET_VARS instead of $_GET I get the same results
> (register_long_arrays=On), by the way.
ACK. Session variables must be different, though.
>>> Why is it logical to make global variables references to session
>>> variables (resp. let both reference the same variable/element)?
>>
>> The (error-prone, unsafe) shortcut that register_globals allowed would
>> have been inconsistent otherwise.
>
> IMHO only if the other parameters were also referenced.
Do you think it is a consistent implementation if you can read a session
value using a global variable, but not modify it this way?
>>>> $*_VARS were first.
>>>
>>> According to the manual $HTTP_SESSION_VARS and $_SESSION are different
>>> variables, anyway.[1]
>>>
>>> [1] <http://www.php.net/manual/en/reserved.variables.session.php>
>>
>> $_SESSION is a superglobal; $HTTP_SESSION_VARS is/was not (i.e., it needs
>> to be declared a global if it is to be accessed from local context). But
>> I am quite certain that when both were still supported, if you modified
>> one, you modified the other (I have only PHP 5.5.9 to test with, where
>> there is no $HTTP_SESSION_VARS anymore).
>
> The manual says:
>
> | $HTTP_SESSION_VARS contains the same initial information, but is not
> | a superglobal. (Note that $HTTP_SESSION_VARS and $_SESSION are
> | different variables and that PHP handles them as such)
I *know* what the manual says. That does not prove anything.
(Puzzling, but probably not relevant because of the newer PHP version:
$ php -r 'session_start(); var_dump($HTTP_SESSION_VARS["foo"]);
$_SESSION["foo"] = "bar"; var_dump($HTTP_SESSION_VARS["foo"]);
var_dump($_SESSION);'PHP Notice: Undefined variable: HTTP_SESSION_VARS in
Command line code on line 1
PHP Stack trace:
PHP 1. {main}() Command line code:0
NULL
PHP Notice: Undefined variable: HTTP_SESSION_VARS in Command line code on
line 1
PHP Stack trace:
PHP 1. {main}() Command line code:0
NULL
array(1) {
'foo' =>
string(3) "bar"
}
$ php -r 'session_start(); global $HTTP_SESSION_VARS;
var_dump($HTTP_SESSION_VARS["foo"]); $_SESSION["foo"] = "bar";
var_dump($HTTP_SESSION_VARS["foo"]); var_dump($_SESSION);'
NULL
NULL
array(1) {
'foo' =>
string(3) "bar"
}
$ php -v
PHP 5.5.9-1 (cli) (built: Feb 8 2014 00:52:52)
Copyright (c) 1997-2014 The PHP Group
Zend Engine v2.5.0, Copyright (c) 1998-2014 Zend Technologies
with XCache v3.1.0, Copyright (c) 2005-2013, by mOo
with Zend OPcache v7.0.3, Copyright (c) 1999-2014, by Zend Technologies
with Xdebug v2.2.3, Copyright (c) 2002-2013, by Derick Rethans
with XCache Optimizer v3.1.0, Copyright (c) 2005-2013, by mOo
with XCache Cacher v3.1.0, Copyright (c) 2005-2013, by mOo
with XCache Coverager v3.1.0, Copyright (c) 2005-2013, by mOo
)
PointedEars
--
realism: HTML 4.01 Strict
evangelism: XHTML 1.0 Strict
madness: XHTML 1.1 as application/xhtml+xml
-- Bjoern Hoehrmann
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]