5 replies to this topic

[oldcelt]

I'm using osc 2.2 because I know that the multistore addon doesn't work with the latest version.   So, I use the register_globals_off workaround because I can't alter the php.ini file.

Initailly, all seemed well but when I try to log in to the admin side I get an error:-

Quote

Warning: Unknown: Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively in Unknown on line 0

I've searched on line for a solution and I've tried adding lines to .htaccess (no joy), also to place a sessions.php file in my root directory as follows:

<? php
// Added to turn off php warnings (see register_globals contrib/patch readme)
ini_set("session.bug_compat_warn", "off");
ini_set("session.bug_compat_42", "off");
?>

Further, the download .zip file containing the workaround information no longer has a README.TXT file which we're urged to read!

Nothing has worked for me - any bright ideas please?

[spooks]

Perhaps the easiest solution would be to convert the add-on code so its rg on requirement is negated, it often just means altering some variables

[MrPhil]

Your host doesn't give you any way to set PHP settings? Most hosts will let you create your own php.ini, with just the changes in it. They certainly won't let you change the master php.ini file! Use

<?php phpinfo(); ?>

to check PHP settings before and after changing php.ini, to confirm that they've taken effect. On some systems, you need to add a pointer to php.ini in .htaccess. Your host should be able to clarify all this.

I agree that you're best off leaving register global variables off. Do check to see if any code remains which is still using register globals, and change them to use $_REQUEST['var name']. It also sounds like there's something in various "sessions" calls that needs updating (i.e., breaks when register global variables are off). Which osC version are you at? What PHP version are you using?

Your two ini_set() calls should probably go near the top of the two includes/functions/sessions.php files, rather than in /sessions.php. See 2.2 RC2 or later. I don't think there is any place that file will be called, at least in standard osC. That may be part or all of your sessions problem.

[oldcelt]

Thanks for the advice guys.  There is no way I can modify the php.ini file I'm afraid.  I have tried several suggested solutions for this with no luck.   Unfortunately, it looks like the multistore addon is not very well supported; maybe not much demand for it?

Edited by oldcelt, 25 April 2012 - 10:20 AM.

[MrPhil]

You're saying that you can't add your own php.ini file, to override selected settings in the default master php.ini? It's a strange host that won't let you do that. Even if you can set register global variables on in your own php.ini, it would still be a good idea to bring your site into the 21^st century and update it to not need register globals. And as I said before, adding a /sessions.php file will do nothing for you. You need to add those settings elsewhere (either inside the existing sessions.php files, or in the application_top.php files).

[spooks]

register globals is removed as of PHP5.4 so attempting to enable for any use will, even if successful, be a very short term solution.