On Sat, 3 Nov 2001, [iso-8859-1] Lo�c wrote:
Hi List!
Ok for session but as to me they are still quite buggy :(
For example, with "track_vars" set:
1. Just try to set register_globals to "off" (it's the
recomended value) and you'll face a really annoying bug that
exists from php 4.0.1-pl1 to the current 4.0.6 version (it seems
to be fixed in the current cvs for the 4.1.0 version) :
$HTTP_SESSION_VARS is not updated when you use
session_register('my_var')!
2. No set register_globals to "on" and you will see that
$HTTP_SESSION_VARS is not more updated (while it should
because "track_vars" is on).
See also php bug reports #5329, #11861, #12600.... and users notes at this
url:
http://www.php.net/manual/en/ref.session.php
In a few words it means it will be very hard to know "which" session data to
use.
Could we possibly get around this by setting/unsetting the
register_globals in the config.inc.php3 ?
'session'
session-based, customized login panel, session id propagated by URL
(still use stduser?)
Hum, how can we skip "stduser" ? The problem is not
related to session
IMHO but to the MySQL version: if 3.23.4+ we may skip "stduser" since
the "SHOW GRANTS" MySQL statement is usable, else there is no better
way than "stduser" to get the user privileges.
We would still need the
stduser account to get the database list. SHOW
GRANTS does not show databases that everybody has access to. It only shows
databases where explict rights have been granted to the user.
--
Robin Hugh Johnson
"Robbat2"
QTOD: "I used to be an idealist, but I got mugged by reality."
E-Mail : robbat2(a)orbis-terrarum.net
ICQ# : 30269588 or 41961639
Home Page :
http://www.orbis-terrarum.net
Time Zone : Pacific Daylight (GMT - 8)
-----BEGIN GEEK CODE-----
geekcode.com ebb.org/ungeek
GCS/M/IT d-(+) s+:- a--- C++++
U++++ L++++ P--(+) W++ K++ PS+
N++ w--- O E---- M-(+) V-- Y++
PE++ PGP++ t-- 5 X+ R tv- b+++
D++ G++ e(*) h! r-- !y+
------END GEEK CODE------
-----PGP INFO-{---
Key ID:0x7E20DFA1
FingerPrint:
5447C73A 30FB144C 89521B69 2D6A615E 7E20DFA1
---}-PGP INFO-----