ID: 25753
Updated by: [email]sniperphp.net[/email]
Reported By: [email]sniperphp.net[/email]
-Status: Open
+Status: Critical
Bug Type: Apache related
Operating System: *
-PHP Version: 4CVS-2003-10-04 (stable)
+PHP Version: 4CVS, 5CVS


Previous Comments:
------------------------------------------------------------------------

[2003-10-04 00:48:12] [email]sniperphp.net[/email]

Description:
------------
If (for example) one virtualhost configuration has
set "php_admin_flag register_globals off", in some situations the
setting persists between requests.
-> php.ini settings are NOT reset between requests.

1. php.ini has register_globals = On
2. Request is made into [url]www.foobar.com[/url]
(which has "php_admin_flag register_globals off")
3. Next request (same apache child) is made into [url]www.barfoo.com[/url] (which
does not have the setting)

This applies to ALL php.ini directives.

Some related reports:

bug #6374 (include_path in .htaccess across multiple vhosts)
bug #7174 (Round-robin -like values for include_path)
bug #19292 (Random error: open_basedir restriction..)
bug #21564 (corrupted paths coming to open_basedir)
bug #23462 ("php_admin_value open_basedir" in httpd.conf)
bug #23580 (Random values for include_path)
bug #24282 (Strange Open Base Dir Restriction Errors)
bug #24974 (random open_basedir errors)
bug #25172 ($HTTP_HOST sometimes empty)

For all who think they're experiencing this problem:
DO NOT add any comments here unless you have some extra information to
give which is not already given in above mentioned reports.
Any comment which has no extra value will be deleted.




------------------------------------------------------------------------


--
Edit this bug report at [url]http://bugs.php.net/?id=25753&edit=1[/url]