Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 9 of 9
  1. #1
    Regular Coder
    Join Date
    Oct 2009
    Posts
    190
    Thanks
    12
    Thanked 2 Times in 2 Posts

    I need a second set of eyes

    I keep getting this error and don't really understand it, despite a lot of research I haven't been able to to find a solution (or, frankly, a cause).

    The error
    Warning: Unknown: Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively in Unknown on line 0
    This doesn't really make sense as I'm using PHP 5.

    This error occurs when I visit this page immediately following a successful login. If i click refresh, it goes away. My guess is that it's related to the fact that i'm including all these files, which might have the same variable names???

    Here is the page, let me know if you need to see the includes as well

    PHP Code:
    <?php //my-races.php

    #Authenticate User
    session_start();

    ?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <link rel="stylesheet" href="styles/style.css" type="text/css" />
    </head>

    <body>
    <div id="wrap">  
        <h1> Profile Page</h1>
        <?php include ('includes/nav.php');?>
        
            
            <div id="right_content">
                <?php include('includes/profile.php');?>
            </div><!--Right Content-->  
            
           <!-- <div id="center_content">      
            </div>Center Content-->
                 
                 <?php 
                
    #If user is logged in
                
    if (isset($_SESSION['username']))
                {
                    include(
    'includes/save-race-form.php');
            
                    
    ?>
            
               
            <div class="table">
                    <?php  
                    
    include('includes/race-list.php');
                }
                
    #If user is not logged in
                
    else
                {
                    
    ?>
                    <div id="saverace">
                <form method="post" action="authenticate.php">
                <fieldset>
                <legend>Please login to view races</legend>
                <label>Username</label><input type="text" name="username" />
                <label>Password</label><input type="password" name="password" />
                <input type="submit" value="Login" /> 
                <h5><a href="lostpassword.php">Forgot my password</a></h5>
                </fieldset>
                </form>
            </div><?php
                
    }?>
            </div> <!--Race List-->
            
    </div><!--Wrap-->
       
    <?php include('includes/footer.php');?>
    </body>
    </html>

  • #2
    Senior Coder
    Join Date
    May 2005
    Posts
    2,137
    Thanks
    96
    Thanked 72 Times in 72 Posts
    It appears a piece of code you are using was used up until PHP4. When PHP5 came out, the code tag no longer exists and you need to update it to the new tag.

    The other thing would be is in your .htaccess you need to enabled register_globals.
    Rowsdower! has accused me of having mental problems, and the administrator allowed it. What a great forum huh?

  • #3
    Regular Coder
    Join Date
    Dec 2009
    Location
    UK
    Posts
    495
    Thanks
    0
    Thanked 58 Times in 58 Posts
    Quote Originally Posted by masterofollies View Post
    The other thing would be is in your .htaccess you need to enabled register_globals.
    It's turned off for a reason. You should code in all the variables properly instead, and update the script to PHP5 standard
    My site: JayGilford.com
    Resources:
    PHP Pagination Class | Getting all page links | Handling PHP Errors properly
    If you like a users help, show your appreciation with the rep and thanks buttons :)

  • #4
    Regular Coder
    Join Date
    Oct 2009
    Posts
    190
    Thanks
    12
    Thanked 2 Times in 2 Posts
    Quote Originally Posted by JAY6390 View Post
    It's turned off for a reason. You should code in all the variables properly instead, and update the script to PHP5 standard
    Can you see anything in the script that isn't up to snuff?

    This is my first real PHP project and everything I'm learning (base on the text i'm learning from) is based on PHP 5 and if it doesn't come out of the text I own it comes straight from the PHP manual.

    Interestingly I can't seem to replicate it at the moment. May it have something to do with relying on sessions on a non-dedicated server?

  • #5
    Senior Coder
    Join Date
    May 2005
    Posts
    2,137
    Thanks
    96
    Thanked 72 Times in 72 Posts
    Nothing appears wrong with the script, it must be in one of the include files.
    Rowsdower! has accused me of having mental problems, and the administrator allowed it. What a great forum huh?

  • #6
    Regular Coder
    Join Date
    Oct 2009
    Posts
    190
    Thanks
    12
    Thanked 2 Times in 2 Posts
    Quote Originally Posted by masterofollies View Post
    Nothing appears wrong with the script, it must be in one of the include files.
    Is there something that would cause that error? It's telling me that the $_SESSION is relying on global variables except that $_SESSION will not accept global variables. Global variables aren't on, I wouldn't try to use them anyways.

  • #7
    Senior Coder
    Join Date
    May 2005
    Posts
    2,137
    Thanks
    96
    Thanked 72 Times in 72 Posts
    Depends on what is in those scripts. This is how I use my sessions.

    PHP Code:
    session_start();
    if(empty(
    $_SESSION['user_id'])){
     
    header("location:login.html");

    Rowsdower! has accused me of having mental problems, and the administrator allowed it. What a great forum huh?

  • #8
    Regular Coder
    Join Date
    Oct 2009
    Posts
    190
    Thanks
    12
    Thanked 2 Times in 2 Posts
    Quote Originally Posted by masterofollies View Post
    Depends on what is in those scripts. This is how I use my sessions.

    PHP Code:
    session_start();
    if(empty(
    $_SESSION['user_id'])){
     
    header("location:login.html");


    Should I really only be storing that one variable through sessions (ie. a unique user identifier)?

    As of right now i'm utilizing it for a few things related to the user.

  • #9
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,987
    Thanks
    4
    Thanked 2,660 Times in 2,629 Posts
    You can store whatever you want. You just need a particular way of defining a user as unique, which is provided by the session handling itself - the cookie or SID it will provide you with. That said you should still try you're best to validate a user for who they claim to be to prevent session hijacking.

    I myself have not used the built in session handling in years.

    The problem lies in one of you're includes I'd suspect. If it goes away on a refresh, I'd suspect something along the lines of setting a session value to an unset global value passed through you're form or url, possibly extracted. Once set, it bypasses the isset / !empty check on you're session thus allowing the warn to disappear. Pay particularly close attention to any reference handling in this one as well.

    Technically you can disable to warning, but I do not recommend it.
    Two potential changes in you're ini could fix this:
    session.bug_compat_42 = 1
    session.bug_compat_warn = 0

    Edit:
    I think I remember this one now!
    If you check, you'll likely have output_buffering enabled by default. Now, if you go through all of you're affected files with notepad or a simple text editor. Remove any spaces/bom and save. I assume that session_start() has been initiated prior to any other output. The includes will be done IN PLACE of call, so if any of those initiate a session_start after that html has been output, then its invalid again.
    If you can, disable the output buffering. Fix any errors caused by that and go from there.
    PHP Code:
    header('HTTP/1.1 420 Enhance Your Calm'); 


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •