Session Problems w/PHP5

I am getting the following error with my script using PHP5, tried looking at the manual on but can't seem to figure out what is wrong here. I can't turn off the message in php.ini because I don't have access to it. Please help.

Warning: Unknown: Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively. in Unknown on line 0

Here is my script:

define('CAPTCHA_PATH', $_SERVER['DOCUMENT_ROOT'].'/www/vPod/system/classes/captcha/'); // Path to captcha
include_once(dirname (_FILE__).'/system/templates/js-inc/layer_forms.js');
include_once(dirname (_FILE__).'/system/pear/Validate.php');
include_once(dirname (_FILE__).'/system/classes/TextManipulation/FormFilter.php');
include_once(dirname (_FILE__).'/system/classes/Validators/ValidateUser.php');
include_once(dirname (_FILE__).'/system/classes/Validators/ValidatePassword.php');
include_once(dirname (_FILE__).'/system/classes/Validators/ValidateEmail.php');
include_once(dirname (_FILE__).'/system/classes/Validators/ValidateCaptcha.php');

$smarty->assign('php_host', $_SERVER['HTTP_HOST']);
$smarty->assign('php_self', $_SERVER['PHP_SELF']);

// securely declare variables
$errors = array();

/* start processing registration */

if(isset($_POST["regeng"]) ) {
$formFilter = &new FormFilter();

$errors = array();

// check form security
$captcha = captcha_validate();

  // Collection of validators
  $validators = array();
  $validators[] = new ValidateUser($_SESSION['_login_handle']);
  $validators[] = new ValidatePassword(array(
      $_REQUEST['password'], $_REQUEST['password_confirm']));
  $validators[] = new ValidateEmail($_SESSION['_emaila']);
  $validators[] = new ValidateCaptcha($captcha);

    // Iterate over the validators, validating as we go
    foreach($validators as $validator) {
        if (!$validator->isValid()) {
            while ( $error = $validator->fetch() ) {

// display errors

if ( isset($errors) && count($errors) > 0 ) {
$smarty->assign('errors', $errors);

} else {

echo "register user";

} else {



Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

few things to try:

1. search ALL your other files.  do you make ANY calls to session_ functions in them?
2. maybe don't pass $_SESSION variables direct to the validators.  they're in $_REQUEST, so try that, or try intermediaries.  Don't think it's an issue, but.
3. maybe don't direct-assign from $_REQUEST to $_SESSION.  Put them into temp array or variables, then put into the session.
4. don't even bother sessing $_SESSION stuff until after you've run your validation (just a thought, not really an issue here.).


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Oh, and it could be on of the classes/includes trying to use older session management functions behind your back that is the actual issue...  you could remove all use yourself of $_SESSION in this script, and see if that eliminates the error -- if not, sessions are being 'talked to' in some other file...

savetheorcasAuthor Commented:
Very frustrating to say the least. Can you verify for me that I am in fact assigning these variables to sessions in the correct way?

I've even changed from $_REQUEST to $_POST, still get the error. I even removed the entire block where I assign the variables to sessions and I still get the error. There are calls to session_start(); in other files which are included, I haven't tried removing these yet.

Perhaps if you could explain to me the correct way to use sessions with php5, the php docs don't seem to explain this clearly. It's very confusing.

HTML5 and CSS3 Fundamentals

Build a website from the ground up by first learning the fundamentals of HTML5 and CSS3, the two popular programming languages used to present content online. HTML deals with fonts, colors, graphics, and hyperlinks, while CSS describes how HTML elements are to be displayed.

savetheorcasAuthor Commented:
The only other file which is included in the script I posted here that calls to a session is captcha.php, here are the calls:

      $length = strlen($_SESSION['captcha']);

Could this be the problem?
have you looked for other "session_" functions?  There are 'old' techniques for setting session variables using functions instead of the superglobal.

no, your code looks fine to me by eye.

also, so far as I know calling session_start multiple times will generate an E_NOTICE level error but otherwise isn't a problem.

I would try commenting out files until you find one causing the error to come up, and trace down from there.  I've never seen this error myself, so I'm just trying to help you brainstorm how to locate the particular chunk of code that is causing the runtime to throw that error.

btw, changing from REQUEST to POST wouldn't have made a difference, as they are both superglobals.  Again, I'm not sure the exact context of the error, but it is possible that an assignment into the $_SESSION variable, or passing $_SESSION[something] into a function that maybe expects a by-reference parameter, could be causing the issue.

If you can hunt down the code causing the error, I can probably be of more use. ;)

If the script is working, and you just need to silence the error, I think you can set error reporting levels at runtime using ini_set. PHP help file shows something like this:
ini_set('error_reporting', E_ERROR);



This should stop PHP from displaying warnings, but still show actual errors.
Yeah, I don't advise disabling WARNING level errors -- NOTICE level is a different matter.  And, in this case, a further upgrade or ini change could then completely break the script.

I'd still try to hunt down the issue.  If commenting out blocks doesn't seem to help, you could try using ini_set to turn off session.bug_compat_42 so that it should flag as an error not a warning (not sure that'll help find the issue or not).

Everything I'm reading about this bug would seem to indicate that it has to do with assigning a global variable into a session -- I'm not sure whether that means assigning from $_REQUEST/$_POST.  You could TRY moving all handling of the session into functions -- changing the scoping of the code.  

Again, does any of the code you are including use session functions other than _start?  like session_register?

savetheorcasAuthor Commented:
I'm not sure here, but the issue might be with my COPA script which is also calling a session_start(). I'm still playing around with things, but so so far (after starting from scratch) I have not seen the error return.

I'll keep this question open for a bit until I know for sure.

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.