[php-maint] Bug#416262: php4: $_SESSION overwrite by ordinary
variables in the case of register_globals = On
Sugano Yoshihisa(E)
koshian at misao.gr.jp
Mon Mar 26 11:05:29 UTC 2007
Package: php4
Version: 4:4.3.10-19
Severity: normal
ex.
<?php
session_start();
print $foo.'<br>';
$_SESSION['foo'] = 'foo';
$foo = 'bar';
print $_SESSION['foo'].'<br>';
?>
1st time.
-------------
<br>foo<br>
2nd time.
-------------
foo<br>bar<br>
3rd time.
-------------
bar<br>bar<br>
$_SESSION['foo'] overwrite by $foo.
-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.12.2
Locale: LANG=ja_JP.eucJP, LC_CTYPE=ja_JP.eucJP (charmap=EUC-JP) (ignored: LC_ALL set to ja_JP.eucJP)
Versions of packages php4 depends on:
ii libapache-mod-php4 4:4.3.10-19 server-side, HTML-embedded scripti
ii php4-common 4:4.3.10-19 Common files for packages built fr
-- no debconf information
More information about the pkg-php-maint
mailing list