registered globals and sessions interfering with each other

if var named after array key and it changes key value

         

phazei

8:29 am on Jul 10, 2006 (gmt 0)

10+ Year Member



I'm using sessions and registered globals are on.
I have a post form on the page with a field called "address".
I also have a $_SESSION['address']. When the page is
submitted, I have 3 variables.
$_SESSION['address'] which is everywhere anyway.
$_POST['address'] from the form
$address because of registered globals.

On other pages I've worked on without sessions, when I submit
a form I would get the $_POST['var'] and $var. And if I went
$var="whatever" it didn't affect $_POST['var'] at all.
I thought registered globals just created extra vars named after array keys. Hmm, now that I think about it, it uses superglobals, right? I just checked php.net and it doesn't say anything about priority. If I have $_POST['var'] $_GET['var'] $_SESSION['var'] or even if 'var' coincides with some $_SERVER variable... what order is the priority in?

Anyway, with sessions it's really messing me up. Registered globals are registering $_SESSION variables over $_POST variables.
And if I go $address = "else" then $_SESSION['address'] becomes "else" as well. I don't know why or how they are linked, but I don't like it at all. How can I stop them from being linked? So $address and $_SESSION['address'] aren't sharing the same memory address.

I know, obvious answer is disable registered globals, but this site is in a subfolder of another site that uses registered globals all over the place, I don't think $_POST[] is even used once, nor are sessions.
And I thought registered globals weren't supposed to be &.

Thanks,
Adam

Sekka

9:39 am on Jul 10, 2006 (gmt 0)

10+ Year Member



Another very simple solution will be to use variables within your code that do not relate to the $_POST, $_SESSION or $_GET super globals.

Just put extensions on your variables, e.g.

$_SESSION['ses_address']
$_POST['form_address']
$var_address

This will add to security as well.

phazei

11:47 am on Jul 10, 2006 (gmt 0)

10+ Year Member



Hehe, yeah, it's the simplest solutions that seem to hide from me.

Works for me.

Thanks.

sonjay

7:53 pm on Jul 10, 2006 (gmt 0)

10+ Year Member



The priority order for php with these variables is set in your php configuration file. More info here:

[php.net...]

phazei

8:33 am on Jul 11, 2006 (gmt 0)

10+ Year Member



Hmm,
EGPCS (Environment, GET, POST, Cookie, Server)
Doesn't mention Session. I suppose it's on either side of cookie.

Though since they are all parsed the same, it doesn't make sense that if it parses a $_POST['var'] it's passed to $var by value, but if it parses $_SESSION['var'] it's passed to $var by reference.

Why is that happening?

-Adam

Sekka

12:13 pm on Jul 11, 2006 (gmt 0)

10+ Year Member



$_SESSION is a cookie.

jatar_k

4:23 pm on Jul 11, 2006 (gmt 0)

WebmasterWorld Administrator 10+ Year Member



well, we ran into this problem a few times and I tested it and had the problem myself on a site I have.

the only way to fix it is to turn register_globals off or to make sure no varnames are the same, then they can never be overwritten

and this doesn't have anything to do with variables_order
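
The linkage discussed in this thread, as an added example that is not code from any of the posters: with register_globals on, PHP makes a session entry and the same-named global refer to the same value, while request values are copied. register_globals was removed in PHP 5.4, so the import step is emulated here; `$post`, `$session`, `$scope`, `emulate_register_globals()` and all sample values are hypothetical stand-ins.

```php
<?php
// Constructed stand-ins for $_POST and $_SESSION (sample values are made up).
$post    = ['address' => '12 Form St'];
$session = ['address' => '99 Stored Ave'];

// Hypothetical emulation of the register_globals import step. Request values
// are copied into the scope; session entries are bound by reference, and they
// are bound last, matching the "session over post" result reported above.
function emulate_register_globals(array $post, array &$session, array &$scope): void
{
    foreach ($post as $key => $value) {
        $scope[$key] = $value;               // independent copy
    }
    foreach (array_keys($session) as $key) {
        $scope[$key] =& $session[$key];      // alias of the session entry
    }
}

$scope = [];                                 // stands in for the global symbol table
emulate_register_globals($post, $session, $scope);

$scope['address'] = 'else';                  // the script's "$address = 'else'"
var_dump($session['address'] === 'else');    // the write went through the alias
var_dump($post['address'] === '12 Form St'); // the POST copy is not linked

// Fix from the thread, option 1: distinct names, so nothing collides.
$post2    = ['form_address' => '12 Form St'];
$session2 = ['ses_address' => '99 Stored Ave'];
$scope2   = [];
emulate_register_globals($post2, $session2, $scope2);
$scope2['var_address'] = 'else';             // working variable with its own name
var_dump($session2['ses_address'] === '99 Stored Ave');

// Option 2: register_globals off. Nothing is imported, so the script names
// its source explicitly and validates before storing (200 is an arbitrary cap).
$session3 = ['address' => '99 Stored Ave'];
$address  = isset($post['address']) && is_string($post['address'])
    ? trim($post['address'])
    : '';
if ($address !== '' && strlen($address) <= 200) {
    $session3['address'] = $address;         // deliberate, visible session write
}
var_dump($session3['address']);
```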