[thelist] Trouble with PHP Include

Sarah Adams sarahwbs at gmail.com
Tue Feb 18 07:46:25 CST 2014

> 1.  Is it only declared session variables that become global or all
> variables.  In my case it kind of looked like all variables.

All variables become global. I don't know why anyone ever thought this
would be a good idea.

> 2. Should you use session_unset() at the end when logging out of the
> session?

I think you might want to use session_destroy(), actually, but do some
reading on this before taking my word for it :)

> 3. Even if register_globals is on, and  if I use the code $clubdraws =
> $_SESSION['clubdraws']; will this ensure that $clubdraws has the value that
> I intended it to have.  i.e. is it a safer way to write the script?

Absolutely this is the best way to do it. That's the problem with
register_globals, it makes it so you can never be totally sure where
your variables are coming from (e.g. if the same variable appeared in
the query string), so setting it explicitly is the way to go. While
you are still using your host that has register_globals on you might
even be better off to use a different local variable name altogether.


More information about the thelist mailing list