Using session_register() with $_SESSION (or not!)

Keld

I have recently read on the official PHP website on the session_register part of the documentation, thatyou should not use this function along with using $_SESSION. However, it doesn't mention why not to do this.

I've had a quick search around but cannot find any more information on this. Can anybody shed any light on this and any effects this may have.

Thanks 🙂

Weedpacket

Well, why would you want to use both together? So you've registered $session_var and you've already got $_SESSION['session_var'] and you're working away on both and they're both overwriting each other. It's just making more work for yourself keeping track of this extra layer of invisible interaction (and in some older versions of PHP, the result will even be inconsistent).

On top of that, session_register() won't work when register_globals is turned off (I think there is a mention of this in the manual). And that alone is good enough reason.

Keld

Thanks for the reply WeedPacket. I know its a bit of a silly question and I would in fact never want to do such a thing 🙂

I was just referencing the sessions section of the PHP manual and came accross the caution in question and it got me thinking.

We have a system at the moment that still has some old code being used and it may be possible that this is happening. IE old code is using session_register, and new code being including in the header is using the preffered method of $_SESSION.

I havent checked for this yet (but am about to) but decided to try and find out what the result may be first. Hence my post here 🙂

So its just curiosity more than anything, although may be useful to my findings.

Thanks

Stinger51

On top of that, session_register() won't work when register_globals is turned off (I think there is a mention of this in the manual). And that alone is good enough reason. <<

I have globals turned off but I am still able to use session_register('your_var_here') without any problems. I'm using Apache 1.32 and PHP 4.3.6.

I agree with your analysis, but I also agree with Keld. The PHP manual on this is VERY confusing, and I've read this part many times. I think they need to get a team of technical writers to go over the entire manual and straighten it all out. Programmers should never, never be allowed to document anything without a few English majors looking over their shoulders, IMHO, as they are too left-brained to hande such things. :p

Keld

At least I know its not just me then 😃

Anybody have any info of possible implications of using session_register() with $_SESSION?

Thanks in advance

Weedpacket

Originally posted by Stinger51
I have globals turned off but I am still able to use session_register('your_var_here') without any problems. I'm using Apache 1.32 and PHP 4.3.6.

Curious. PHP5.0.0 CLI:

<?php
session_start();
session_register('foo');
$_SESSION['foo'] = 42;
echo $foo;
?>

Expected result (i.e., 'without any problems'):
42

Actual result:
Notice: Undefined variable: foo in test.php on line 5

(and null output).

There is of course the obvious reason: using $_SESSION[] exclusively is tidier and self-documenting.