| Re: Completely stumped (still) [message #185103 is a reply to message #185091] |
Wed, 26 February 2014 18:50   |
Christoph Michael Bec
Messages: 207
Registered: June 2013
Karma:
|
Senior Member |
|
|
Thomas 'PointedEars' Lahn wrote:
> Christoph Michael Becker wrote:
>
>> Thomas 'PointedEars' Lahn wrote:
>>> Christoph Michael Becker wrote:
>>>> Thomas 'PointedEars' Lahn wrote:
>>>>
>>>> Why is it logical to make global variables references to session
>>>> variables (resp. let both reference the same variable/element)?
>>>
>>> The (error-prone, unsafe) shortcut that register_globals allowed would
>>> have been inconsistent otherwise.
>>
>> IMHO only if the other parameters were also referenced.
>
> Do you think it is a consistent implementation if you can read a session
> value using a global variable, but not modify it this way?
Well, I see your point. While it usually makes no sense to modify
$_GET, $_POST or $_COOKIE, modifying $_SESSION does. However, this
difference (reference assignment vs. copying) is still somewhat
confusing, IMHO.
>>>> > $*_VARS were first.
>>>>
>>>> According to the manual $HTTP_SESSION_VARS and $_SESSION are different
>>>> variables, anyway.[1]
>>>>
>>>> [1] <http://www.php.net/manual/en/reserved.variables.session.php>
>>>
>>> $_SESSION is a superglobal; $HTTP_SESSION_VARS is/was not (i.e., it needs
>>> to be declared a global if it is to be accessed from local context). But
>>> I am quite certain that when both were still supported, if you modified
>>> one, you modified the other (I have only PHP 5.5.9 to test with, where
>>> there is no $HTTP_SESSION_VARS anymore).
>>
>> The manual says:
>>
>> | $HTTP_SESSION_VARS contains the same initial information, but is not
>> | a superglobal. (Note that $HTTP_SESSION_VARS and $_SESSION are
>> | different variables and that PHP handles them as such)
>
> I *know* what the manual says. That does not prove anything.
Testing on a single system might not prove much more, either. Anyway, I
tested the following script on PHP 5.2.13 (FCGI, register_globals=On or
Off, register_long_arrays=On):
<?php
session_start();
var_dump($HTTP_SESSION_VARS["foo"]);
$_SESSION["foo"] = "bar";
var_dump($HTTP_SESSION_VARS["foo"]);
The result really surprised me:
string(3) "bar" string(3) "bar"
The output is the same, if I switch $HTTP_SESSION_VARS and $_SESSION. A
similar test regarding $_GET and $HTTP_GET_VARS showed the documented
behavior, by the way.
It seems that is a documentation bug. However, I suppose that's mostly
irrelevant now, because the bug tracker is concerned with PHP 5.4-5.6,
and says wrt. earlier versions: "upgrade first". But since PHP 5.4
register_long_arrays has been removed, so I conclude that the
$HTTP_*_VARS have been removed also, in which case their documentation
is even more in error, because it states they are deprecated, but
doesn't mention that they have been removed. Now I am completely stumped.
--
Christoph M. Becker
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]