Press "Enter" to skip to content

PHP Session的一个警告

警告全文如下:

PHP Warning:  Unknown: Your script possibly relies on a session side-effect
which existed until PHP 4.2.3. Please be advised that the session extension does
not consider global variables as a source of data, unless register_globals is enabled.
You can disable this functionality and this warning by setting session.bug_compat_42
or session.bug_compat_warn to off, respectively. in Unknown on

关于这个问题, 网上有多种解决办法, 但都是不知所以然的答案, 那么真正的原因是什么呢, 怎么解决呢?
请首先记住这一点. 在PHP4.2开始, register_globals默认设置为了OFF.
在4.2.3以后, 为了兼容以前的模式, PHP引入了bug_compat_42, 当启用这个选项以后(默认启用), PHP将容许自动将SESSION中的变量做为全局变量使用. 只不过如果bug_compat_warn选项开启的情况下, 会报告这个特性的被使用.
来看一段代码,

<?php
session_start();
var_dump($_SESSION);
$name = 'laruence';
$_SESSION['name'] = null;
?>

上面的代码, 在bug_compat_42开启, register_globals关闭的情况下, 俩次刷新页面的输出, 分别为:

//第一次:
	array(0) {}
//第二次
	array(1) { ["a"]=> string(8) "laruence" }

为什么第二次不是NULL呢, 因为在bug_compat_42开启的情况下, PHP会认为变量a是$_SESSION['a']的一个引用, 在session_close的时候, 会把变量a的值回写.
而在这个过程中, 如果bug_compat_warn开启, 则会抛出文章开头的警告.
So, that it is~

那么, 它具体给出警告的条件是什么呢? 知道了这些条件, 我们就可以避免这个警告了,
在PHPSRC/ext/session/session.c中, 有我们想要的一切答案:

static void php_session_save_current_state(TSRMLS_D) /* {{{ */
{
	int ret = FAILURE;
	IF_SESSION_VARS() {
		//如果存在Session数组
		if (PS(bug_compat) && !PG(register_globals)) {
			HashTable *ht = Z_ARRVAL_P(PS(http_session_vars));
			HashPosition pos;
			zval **val;
			int do_warn = 0;
			zend_hash_internal_pointer_reset_ex(ht, &pos);
			while (zend_hash_get_current_data_ex(ht
						, (void **) &val, &pos) != FAILURE) {
				if (Z_TYPE_PP(val) == IS_NULL) { //变量为null
					if (migrate_global(ht, &pos TSRMLS_CC)) {//变量回写
						do_warn = 1;
					}
				}
				zend_hash_move_forward_ex(ht, &pos);
			}
			if (do_warn && PS(bug_compat_warn)) {
				php_error_docref(NULL TSRMLS_CC, E_WARNING, "Your script possibly
 relies on a session side-effect which existed until PHP 4.2.3 ..........");
				//后面省略

可见, 如果不开启bug_compat_42(现在很少用到这个特性, 开启的话有的时候反而会造成迷惑), 或者不开始bug_compat_warn, 或者在register_globals开启的情况下, 都不会看到这个警告.
另外, 如果开启bug_compat_42, 还可能遇到如下的NOTICE..

PHP Notice:  Unknown: The session bug compatibility code will not try to
locate the global variable $324324 due to its numeric nature in Unknown on line 0

这是当你在$_SESSION中使用数字索引的时候, 可能会引发的警告.

14 Comments

  1. MarvinBiggie
    MarvinBiggie July 8, 2018

    Hello webmaster, i’ve been reading your posts for some time and
    I really like coming back here. I can see that you probably
    don’t make money on your page. I know one cool method of earning money, I think you will
    like it. Search google for: dracko’s tricks

  2. Porfirio
    Porfirio September 25, 2014

    Right now MoneyVista consumers is completely impartial.
    According to Snowden, a Sikorsky Aerospace Services announced the indictments, suggested widespread crime.
    So everything is done because a bad job.
    C I am seeking. A mortgage is particularly practical for mutation and polymorphism
    detection, and that is the very basic legal principle regarding the dehumidifiers that you get what they are working on your home in respective areas.
    my site … webpage – Porfirio,

  3. Ali
    Ali September 8, 2014

    Here is my web site :: web site (Ali)

  4. Brook
    Brook June 22, 2014

    Do not give a deposit and not try to get paid, this may
    well then it will cost you that he can deliver the mail
    fraud in a civil case by Assistant U. You will want to check these
    credentials of suggested contractor either through someone in the house and provide you with an air conditioning!
    You might be some time to spend hard earned money.
    My web-site: homepage, Brook,

  5. TottyAndBaty
    TottyAndBaty August 19, 2009

    感谢站长的回答,这是我的那个源文件,代码在php5下测试没有问题,在 php4 下报错,第二个问题也是出在这里
    <?php
    session_start();
    class cart
    {
    function cart()
    {
    if(!isset($_SESSION[“cart”]))
    {
    $_SESSION[“cart”]=array();
    }
    }
    //测试用
    function printcart()
    {
    echo “”;
    print_r($_SESSION[“cart”]);
    echo “”;
    }
    //清空购物车
    function clearcart()
    {
    unset($_SESSION[“cart”]);
    }
    //检查指定ID的商品是否存在
    function iscart($cartid)
    {
    $iscart[“action”]=false;
    foreach($_SESSION[“cart”] as $key=>$value)
    {
    if($value[“id”]==$cartid)
    {
    $iscart[“action”]=true;
    $iscart[“key”]=$key;
    }
    }
    return $iscart;
    }
    //购买,依次传入ID,数量,价格,单位,名称
    function addcart($cartid,$count,$price,$danwei,$name)
    {
    $iscart=$this->iscart($cartid);
    if($iscart[“action”])
    {
    $_SESSION[“cart”][$iscart[“key”]][“count”]+=$count;
    $c= $_SESSION[“cart”][$iscart[“key”]][“count”];
    $price= $_SESSION[“cart”][$iscart[“key”]][“price”];
    $_SESSION[“cart”][$iscart[“key”]][“total”]=$c*$price;
    }
    else
    {
    $total=$count*$price;
    $_SESSION[“cart”][]=array(“id”=>$cartid,
    “count”=>$count,
    “price”=>$price,
    “total”=>$total,
    “danwei”=>$danwei,
    “name”=>$name
    );
    }
    }
    //重复购买,默认一次为1个
    function addMore($cartid,$count=1)
    {
    $iscart=$this->iscart($cartid);
    if($iscart[“action”])
    {
    $_SESSION[“cart”][$iscart[“key”]][“count”]+=$count;
    $c= $_SESSION[“cart”][$iscart[“key”]][“count”];
    $price= $_SESSION[“cart”][$iscart[“key”]][“price”];
    $_SESSION[“cart”][$iscart[“key”]][“total”]=$c*$price;
    }
    }
    //减少数量,默认为1
    function moveout($cartid)
    {
    //删除某件商品
    $iscart=$this->iscart($cartid);
    unset($_SESSION[“cart”][$iscart[“key”]]);
    }
    //删除某件商品
    function delcart($cartid,$count)
    {
    //修改件数
    $iscart=$this->iscart($cartid);
    if($iscart[“action”])
    {
    $_SESSION[“cart”][$iscart[“key”]][“count”]-=$count;
    $c= $_SESSION[“cart”][$iscart[“key”]][“count”];
    $price= $_SESSION[“cart”][$iscart[“key”]][“price”];
    $_SESSION[“cart”][$iscart[“key”]][“total”]=$c*$price;
    if($_SESSION[“cart”][$iscart[“key”]][“count”]

  6. 雪候鸟
    雪候鸟 August 14, 2009

    @TottyAndBaty 第一个问题, 你是否在PHP5中使用了auto_load机制?
    Session在反序列化你的对象的时候, 如果找不到对象的类定义, 那么这个对象的类型就会是_PHP_Incomplete_Class Object,
    解决方法是在,session_start之前, 载入你的类定义.
    至于,第二个问题, 我没遇到过, 你能给个重现代码么?

  7. TottyAndBaty
    TottyAndBaty August 14, 2009

    文章很精彩!看到你写的这篇文章,我想起了我之前使用session做的一个购物车,
    服务器的register_globals=off,我的购物车本身的类名叫cart,而我的购物车保存在$_SESSION[“cart”]中,在php5 下运行可以,但是php4下却报错了,系统提示:__PHP_Incomplete_Class Object,当然我把类名改一下或者改一下$_SESSION问题就可以解决,不知道为什么。
    这个问题解决了,但是后来又出现问题,我使用了一个 $_SESSION[“count”],这个也报错了,好像把这里的count理解为函数了,博主是否帮忙解释一下?谢谢

  8. panjinww
    panjinww July 14, 2009

    学习了,貌似咱少的就是这种钻研的精神!

  9. sky
    sky July 14, 2009

    这种多见于兼容php4脚本的情况

  10. keyvalue
    keyvalue July 14, 2009

    好文,知其所以然的路很艰难,你却如履平地。。。

    • 雪候鸟
      雪候鸟 July 14, 2009

      你的文采真好, 夸的我开心的~ 嘿嘿

  11. xi2008wang
    xi2008wang July 13, 2009

    在源代码面前没有密码.

Comments are closed.