9 {{ upvoteCount | shortNum }}
9 {{ upvoteCount | shortNum }}

Can't use global register session, any workaround?

by Joseph Then
7 replies
In my current host, I enabled register_global = on

It means that I can access the variable directly like $a and $b

However, I move this website to another host.

In this host, they don't allow the setting and so I have to use variable like this:

$_SESSION["a"]
$_SESSION["b"]

Is there a workaround where I don't need to change the variable coding? Like a session header file?

If I cannot do so, it's a lot of work for me if I have to manually change all the $a to $_SESSION["a"]!
#global #register #session #workaround
  • Profile picture of the author Mark Brian
    I believe the only workaround is by setting register_globals to on. There is a reason why the host doesn't allow that. It's actually a security risk and it is one of PHPs mistake and they are removing this feature in PHP 6. So it's better to change everything and conform to register_globals = off as it is the recommended setting.
    Signature

    {{ DiscussionBoard.errors[1908498].message }}
  • Profile picture of the author Joseph Then
    So I have to manually change ALL my codes?

    I believe there should be a workaround, like header file that auto assign sessions?
    Signature
    {{ DiscussionBoard.errors[1908545].message }}
    • Profile picture of the author Luke Graham
      You can use the extract function in your page header, or just write your own....

      PHP: extract - Manual

      You would be well advised to read the warnings on that page before doing so.

      However, it sounds like you seriously need to rethink your design as you are asking for trouble.......
      Signature
      Best Ways To Make Money Online

      Eight bytes walk into a bar. The bartender asks, “Can I get you anything?”
      “Yeah,” reply the bytes. “Make us a double.”
      {{ DiscussionBoard.errors[1908553].message }}
  • Profile picture of the author Mark Brian
    Well I guess you could do something like this in your header file:

    $a = $_SESSION["a"];
    $b = $_SESSION["b"];
    Signature

    {{ DiscussionBoard.errors[1908549].message }}
  • Profile picture of the author Joseph Then
    All along I was working on a dedicated server, so there isn't an issue as all the sites are with me. Now I have to move this website out to a sharing hosting, that's why the issue starts.

    extract seems like a solution.

    Any other ideas?
    Signature
    {{ DiscussionBoard.errors[1909231].message }}
    • Profile picture of the author KirkMcD
      Place this code at the top of the page.

      foreach ($_REQUEST as $k=>$v) $$k=$v;


      This will simulate global variables for $_GET, $_POST and $_COOKIE

      If you want to use $_SESSION, change $_REQUEST to $_SESSION.
      {{ DiscussionBoard.errors[1910033].message }}
  • Profile picture of the author Andy Fletcher
    Using Register Globals opens you up to a lot of security vulnerabilities that just aren't worth it for the slight time saving.

    In PHP4 register globals defaulted to on.
    In PHP5 register globals defaulted to off.
    In PHP6 there will be no register globals.

    If you're prepared to accept the consequences then call -

    PHP Code:
    extract( $ _SESSION ); 
    In your script and it will achieve the same effect but I would *strongly* advise you not to do it.

    There are tons of articles about why it's such a security vulnerability all over the web so I won't belabour the point here.

    Cheers,

    Andy
    Signature
    {{ DiscussionBoard.errors[1910111].message }}

Trending Topics