Bug 185357

Summary: local variables clobber session variables
Product: Red Hat Enterprise Linux 4 Reporter: Jason Bradley Nance <jbnance>
Component: phpAssignee: Joe Orton <jorton>
Status: CLOSED NOTABUG QA Contact: David Lawrence <dkl>
Severity: medium Docs Contact:
Priority: medium    
Version: 4.0   
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-03-21 11:30:19 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Script that will reproduce the bug. none

Description Jason Bradley Nance 2006-03-13 22:53:14 UTC 
Description of problem:
Local variables clobber session variables.

Version-Release number of selected component (if applicable):
4.3.9-3.9

How reproducible:
Always.

Steps to Reproduce:
1. Create a php script with the following code:

<?php
session_start();
$_SESSION['foo'] = "foo";
$foo = "bar";
echo $_SESSION['foo'];
?>

2. Run the script.

  
Actual results:
Script outputs "bar".


Expected results:
Script should output "foo".


Additional info:
register_globals if off
Comment 1 Jason Bradley Nance 2006-03-13 22:53:14 UTC 
Created attachment 126076 [details]
Script that will reproduce the bug.
Comment 2 Jason Bradley Nance 2006-03-13 22:54:44 UTC 
Sorry, that should say under "Additional info" that register globals *is* off
(not if).
Comment 3 Jason Bradley Nance 2006-03-16 17:57:19 UTC 
I am an idiot...

There was a .htaccess file turning on register_globals...

*sigh*

Please close this bug as I'm not the owner and bugzilla won't allow me to.
Comment 4 Joe Orton 2006-03-21 11:30:19 UTC 
Thanks for contacting us.  Glad to hear you tracked the issue down.