You are not logged in.
Pages: 1
Topic closed
So basically I've been wanting to add a custom registration/login system on my Wordpress-based website. I added my tables to the database and wrote the registration/login code and everything.
My problem is this function wp_unregister_globlas which is defined in wp-includes/load.php and called on /wp-settings.php:
function wp_unregister_GLOBALS() {
if ( !ini_get( 'register_globals' ) )
return;
if ( isset( $_REQUEST['GLOBALS'] ) )
die( /*WP_I18N_GLOBALS_OVERWRITE*/'GLOBALS overwrite attempt detected'/*/WP_I18N_GLOBALS_OVERWRITE*/ );
// Variables that shouldn't be unset
$no_unset = array( 'GLOBALS', '_GET', '_POST', '_COOKIE', '_REQUEST', '_SERVER', '_ENV', '_FILES', 'table_prefix' );
$input = array_merge( $_GET, $_POST, $_COOKIE, $_SERVER, $_ENV, $_FILES, isset( $_SESSION ) && is_array( $_SESSION ) ? $_SESSION : array() );
foreach ( $input as $k => $v )
if ( !in_array( $k, $no_unset ) && isset( $GLOBALS[$k] ) ) {
$GLOBALS[$k] = null;
unset( $GLOBALS[$k] );
}
}
After some googling, I added the session_start() to my functions.php file located in my theme root and hooked it to the init.
When the user logs in, I save his id in $_SESSION but I get nothing when I echo it (for testing purposes) after I redirect him to his profile. $_SESSION is empty ...
I tried adding _SESSION to the $no_unset array and that didn't work for me.
The ultimate question: is it safe for me to comment wp_unregister_globals in /wp-settings?
Calling wp_unregister_globals in wp-settings clears all your global variables. You can comment out any calls to wp_unregister_GLOBALS() and your global session variables and other global variables values wont be cleared anymore.
But I am not sure if stopping all calls to that function would actually affect the work of WordPress(Not sure), most probably it would in one way or another. A possible solution for setting custom session variables would be to add session_start(); at the very top of your wp-config.php that should enable sessions.
Because here is how it works:
wp_unregister_GLOBALS() actually clears the corresponding values in $GLOBALS hash and does not actually affect the actual value in $_SESSION. So if you set $_SESSION['somevalue'], wp_unregister_GLOBALS() would actually unset $GLOBALS['somevalue'] and the value becomes unaccessable but that does not affect $_SESSION['somevalue'] that is still holding them. Those stored values can be re-used after you initialize the session with session_start().
Try it out and let me know if it works.
Hope that was helpful, have a good day :)
Hey Ayman, thanks for your reply.
I added session_start() to my wp-config file and I still get nothing when I echo my $_SESSION("my_variable") after the user logs in and is redirected to his profile page.
I ended up settling for Wordpress's own way of handling global variables, I don't need session_start anymore and I don't have to deal with the awfulness of wp_unregister_globals.
Topic "solved".
Pages: 1
Topic closed