Published: 05/02/10 02:49 PM
A friend of mine recently had a mysterious problem. He stored an object in $_SESSION and fetched it from the $_SESSION. When he fetched it, it had magically turned it’s type from the concrete class to the type of the super-class. To get even more mysterious, the problem only occured on the production server, which is hosted by 1&1. The error didn’t occur on his local xampp.Here’s what happened.
We first thought it was a problem related to serialization / deserialization and debugged the concerned parts of the code. Then we found out that the type of the object in the session changed between some lines of code (without an explicit new assignment), not between HTTP-Requests.
His session object was assigned to $_SESSION["oProject"] and there was an assignment to a totally different object $oProject in the code before reading $_SESSION["oProject"].
Well.. I would have thought no serious provider turns on register_globals, well.. surprise surprise, 1&1 does that at the time of this writing.
You cannot simply do this:
//doesn't work!! You cannot set register_globals off while a script is running. ini_set("register_global",0);
As recommended by php.net, you could add the following code to your .htaccess file:
php_flag register_globals onThis isn’t allowed by 1&1 though, but 1&1 recommends the following workaround, which may only work with 1&1:
Create a php.ini file and put it into the directory, you want it to apply for. The file may contain only the following line:
register_globals = offIf that wouldn’t work for you, you could as well make sure that your $_SESSION-indices are unique and don’t collide with local variables, but it’s not only the $_SESSION that is affected by register_globals, it’s $_GET and $_POST and so on. This can be highly dangerous, as it can inject values into your code, thus change the behaviour of your code.
Here’s a simple solution for those of you who are not allowed to change register_globals (I didn’t test it though and the other solutions on the page linked above might work even better).
Heya,
would have been of great help if I only had been able to read this useful post a bit earlier …
Pinky
Hey Pinky, why are you chatting around? I thought we had a plan for tonight..
Brain