$_SESSION[rString] HELP
Moderator: General Moderators
-
danp_canucks
- Forum Newbie
- Posts: 4
- Joined: Tue Aug 15, 2006 3:57 am
$_SESSION[rString] HELP
Hi everyone!
I'm making a addition to a client's website. They have the following variable everywhere $_SESSION[rString]. Also they are not using session_start() , session_register(), or define("rString", foo) anywhere in the site. There are no errors on their site when proccessing this statement. My question is what could this possibly be. I'm not really a newbie, but I have not come across anything like this.
I would very much appreciate any input you may have.
I'm making a addition to a client's website. They have the following variable everywhere $_SESSION[rString]. Also they are not using session_start() , session_register(), or define("rString", foo) anywhere in the site. There are no errors on their site when proccessing this statement. My question is what could this possibly be. I'm not really a newbie, but I have not come across anything like this.
I would very much appreciate any input you may have.
It's a session variable, oddly enough.
although session_register() is regarded as deprecated, and any session variables/values should be assigned directly to the $_SESSION superglobal array. (simply put: $_SESSION['var'] = 'val'; )
The last snip (define('rString', 'foo'); ) is a constant.
Are you experiencing any particular problems?
although session_register() is regarded as deprecated, and any session variables/values should be assigned directly to the $_SESSION superglobal array. (simply put: $_SESSION['var'] = 'val'; )
The last snip (define('rString', 'foo'); ) is a constant.
Are you experiencing any particular problems?
Last edited by Jenk on Tue Aug 15, 2006 4:14 am, edited 1 time in total.
- RobertGonzalez
- Site Administrator
- Posts: 14293
- Joined: Tue Sep 09, 2003 6:04 pm
- Location: Fremont, CA, USA
Echo out the two things and see what is coming out of them...
Code: Select all
<?php
echo rString;
echo $_SESSION[rString];
?>-
danp_canucks
- Forum Newbie
- Posts: 4
- Joined: Tue Aug 15, 2006 3:57 am
Thank You all for the responses.
I will address each of your comments individually:
-The live site works perfectly fine
-This is a third party project and I don't have access to the server, so I cannot play around with the settings, or upload test files. All I have are the site files and database dump.
-I could rebuild the file structure on my system and check it that way, but it's way too complicated and they are not paying me enough to do so.
-I checked all the included/required files, nowhere is rString defined.
I am beginning to lean to the hypothesis that they disabled error reporting, but $_SESSION[rString] appears way too often, and clearly the programming was done by an advanced programming judging from the rest of the code.
Is there anything else it could be? I know it's a bit of a vague description, and I would be happy to answer any other question.
I will address each of your comments individually:
-The live site works perfectly fine
-This is a third party project and I don't have access to the server, so I cannot play around with the settings, or upload test files. All I have are the site files and database dump.
-I could rebuild the file structure on my system and check it that way, but it's way too complicated and they are not paying me enough to do so.
-I checked all the included/required files, nowhere is rString defined.
I am beginning to lean to the hypothesis that they disabled error reporting, but $_SESSION[rString] appears way too often, and clearly the programming was done by an advanced programming judging from the rest of the code.
Is there anything else it could be? I know it's a bit of a vague description, and I would be happy to answer any other question.
- RobertGonzalez
- Site Administrator
- Posts: 14293
- Joined: Tue Sep 09, 2003 6:04 pm
- Location: Fremont, CA, USA
What exactly about this leads you to believe it was an advanced developer? Error reporting is disabled by default in a lot of hosted environments. Relying on it a bad practise. Most developers worth their salt will develop their apps to the most strict environment (E_ALL error reporting and display_errors on) just to make sure the stuff works properly.danp_canucks wrote:I am beginning to lean to the hypothesis that they disabled error reporting, but $_SESSION[rString] appears way too often, and clearly the programming was done by an advanced programming judging from the rest of the code.
Just a question, that's all.
-
danp_canucks
- Forum Newbie
- Posts: 4
- Joined: Tue Aug 15, 2006 3:57 am
Thank You for the replies
I wish I could perform live testing of the code, but not having access to the server severly limits me in what I can do to test.
I am absolutely sure that I have all the include files that are refered to in the code and rString is not defined anywhere.
The reason why I think that the code is written by an advanced programmer is because the site is written in an OOP paradigm. The site is huge (several hundred pages), and the OOP does a lot to help with writing clean and efficient code.
Is it possible that it's a reference to some Flash ActionScript variable?
I wish I could perform live testing of the code, but not having access to the server severly limits me in what I can do to test.
I am absolutely sure that I have all the include files that are refered to in the code and rString is not defined anywhere.
The reason why I think that the code is written by an advanced programmer is because the site is written in an OOP paradigm. The site is huge (several hundred pages), and the OOP does a lot to help with writing clean and efficient code.
Is it possible that it's a reference to some Flash ActionScript variable?
- RobertGonzalez
- Site Administrator
- Posts: 14293
- Joined: Tue Sep 09, 2003 6:04 pm
- Location: Fremont, CA, USA
It could very well be a mistake. Using an unquoted array index is acceptable, but not recommended. PHP has to guess what you mean when you leave the quotes off. And just because there are 100 pages of code that appears to be OOP, doesn't mean it was an advanced developer.
Getting to my next point, if you have access to the code, why not set the code up on your own computer (making your computer a server is fairly easy). Then you can turn error reporting on locally and see exactly what is happening on the server.
Getting to my next point, if you have access to the code, why not set the code up on your own computer (making your computer a server is fairly easy). Then you can turn error reporting on locally and see exactly what is happening on the server.
-
danp_canucks
- Forum Newbie
- Posts: 4
- Joined: Tue Aug 15, 2006 3:57 am
- RobertGonzalez
- Site Administrator
- Posts: 14293
- Joined: Tue Sep 09, 2003 6:04 pm
- Location: Fremont, CA, USA