[wp-trac] [WordPress Trac] #58778: global _SERVER accessed in load.php without a global statement
WordPress Trac
noreply at wordpress.org
Tue Jul 11 16:25:40 UTC 2023
#58778: global _SERVER accessed in load.php without a global statement
--------------------------+------------------------------
Reporter: xswarren | Owner: (none)
Type: defect (bug) | Status: closed
Priority: normal | Milestone: Awaiting Review
Component: General | Version: 6.2.2
Severity: normal | Resolution: invalid
Keywords: | Focuses:
--------------------------+------------------------------
Comment (by xswarren):
Ah, thanks for the docs pointer; that makes sense.
Let me know if this extended discussion should be moved somewhere else
since it's no longer a bug in the code.
Below is the change made to php.ini, which caused the issue. I'm curious
why the change caused the issue. As far as I can tell, the change simply
altered the representation of some boolean values, but didn't change the
logical value of those variables. Can you comment on this? Maybe this is
due the PHP JIT thing our hosting provider (SiteGround) seems to have
enabled; maybe it has some bug in php.ini handling?
Thanks for any hints.
{{{
root at severn:/mnt/severn_backup/severn.wwwdotorg.org/sequence# diff -B -u
bkp.[21]/home/swarren/backup_fcch_webhost/data/www/fortcollinscreatorhub.org/public_html/php.ini
root at severn:/mnt/severn_backup/severn.wwwdotorg.org/sequence# diff -B -u
bkp.[10]/home/swarren/backup_fcch_webhost/data/www/staging5.fortcollinscreatorhub.org/public_html/php.ini
---
bkp.0/home/swarren/backup_fcch_webhost/data/www/staging5.fortcollinscreatorhub.org/public_html/php.ini
2023-07-10 15:18:29.538858974 -0600
+++
bkp.1/home/swarren/backup_fcch_webhost/data/www/staging5.fortcollinscreatorhub.org/public_html/php.ini
2021-08-18 06:00:37.873260027 -0600
@@ -1158,17 +1397,21 @@
; where MODE is the octal representation of the mode. Note that this
; does not overwrite the process's umask.
; http://php.net/session.save-path
+
; Whether to use cookies.
; http://php.net/session.use-cookies
-session.use_cookies = On
+session.use_cookies = 1
+
; http://php.net/session.cookie-secure
;session.cookie_secure =
+
; This option forces PHP to fetch and use a cookie for storing and
maintaining
; the session id. We encourage this operation as it's very helpful in
combating
; session hijacking when not specifying and managing your own session id.
It is
; not the end all be all of session hijacking defense, but it's a good
start.
; http://php.net/session.use-only-cookies
-session.use_only_cookies = On
+session.use_only_cookies = 1
+
; Name of the session (used as cookie name).
; http://php.net/session.name
session.name = PHPSESSID
@@ -1172,9 +1415,11 @@
; Name of the session (used as cookie name).
; http://php.net/session.name
session.name = PHPSESSID
+
; Initialize session on request startup.
; http://php.net/session.auto-start
-session.auto_start = Off
+session.auto_start = 0
+
; Lifetime in seconds of cookie or, if 0, until browser is restarted.
; http://php.net/session.cookie-lifetime
session.cookie_lifetime = 0
@@ -1281,7 +1542,8 @@
; - User may access your site with the same session ID
; always using URL stored in browser's history or bookmarks.
; http://php.net/session.use-trans-sid
-session.use_trans_sid = Off
+session.use_trans_sid = 0
+
; Select a hash function for use in generating session ids.
; Possible Values
; 0 (MD5 128 bits)
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/58778#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list