What is this?
It flickers by very fast with Camino but slow enough in IE 5.2.2 for me to be able to copy it, before I'm taken to the login page. It is present in 1.0.8.1 as well as all pre 1.0.9 versions.
"Warning: Unknown(): Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively. in Unknown on line 0"
I use PHP 4.3.1.
I checked php.ini and found the following...
; PHP 4.2 and less have an undocumented feature/bug that allows you to
; to initialize a session variable in the global scope, albeit register_globals
; is disabled. PHP 4.3 and later will warn you, if this feature is used.
; You can disable the feature and the warning seperately. At this time,
; the warning is only displayed, if bug_compat_42 is enabled.
session.bug_compat_42 = 1
session.bug_compat_warn = 0
As you can see I set
session.bug_compat_warn = 0
and the warning message doesn't show up anymore.
But I'm unsure what security risks there are "to initialize a session variable in the global scope, albeit register_globals is disabled".
; PHP 4.2 and less have an undocumented feature/bug that allows you to
; to initialize a session variable in the global scope, albeit register_globals
; is disabled. PHP 4.3 and later will warn you, if this feature is used.
; You can disable the feature and the warning seperately. At this time,
; the warning is only displayed, if bug_compat_42 is enabled.
session.bug_compat_42 = 1
session.bug_compat_warn = 0
As you can see I set
session.bug_compat_warn = 0
and the warning message doesn't show up anymore.
But I'm unsure what security risks there are "to initialize a session variable in the global scope, albeit register_globals is disabled".
As far as I could tell when I looked into this (there is a hot debate about it on the php mailing list) there's no risk whatsoever.
Hence: http://moodle.org/doc/?frame=install.html&sub=webserver
Hence: http://moodle.org/doc/?frame=install.html&sub=webserver
Hi,
I am experiencing the same problem. I have read through the posts in this thread, and tried the suggestions, but I'm still getting the error message (displayed on login).
The system is running Red Hat 7.2, Apache 2, PHP 4.3.1 and Moodle 1.0.8.1.
I have added the following lines in .htaccess in the /htdocs/moodle subdirectory:
php_value session.bug_compat_warn 0
php_value session.bug_compat_42 0
These settings did not exist in the php.ini file, so I added them there too:
session.bug_compat_warn 0
session.bug_compat_42 0
The setting register_globals was set to 'On', I have also reset this to 'Off'.
I had a similar problem with a system running Debian, Apache 1.3.27, PHP 4.3.1 and Moodle 1.0.8.1; on that system it was sufficient to change
session.bug_compat_warn = 1
to
session.bug_compat_warn = off
and the warning disappeared.
Any help on this would be appreciated.
Thanks in advance,
Cormac.
"Keep up the good work!"
I am experiencing the same problem. I have read through the posts in this thread, and tried the suggestions, but I'm still getting the error message (displayed on login).
The system is running Red Hat 7.2, Apache 2, PHP 4.3.1 and Moodle 1.0.8.1.
I have added the following lines in .htaccess in the /htdocs/moodle subdirectory:
php_value session.bug_compat_warn 0
php_value session.bug_compat_42 0
These settings did not exist in the php.ini file, so I added them there too:
session.bug_compat_warn 0
session.bug_compat_42 0
The setting register_globals was set to 'On', I have also reset this to 'Off'.
I had a similar problem with a system running Debian, Apache 1.3.27, PHP 4.3.1 and Moodle 1.0.8.1; on that system it was sufficient to change
session.bug_compat_warn = 1
to
session.bug_compat_warn = off
and the warning disappeared.
Any help on this would be appreciated.
Thanks in advance,
Cormac.
"Keep up the good work!"