In PHP, why are my session variables persisted as references?

Question

Here\'s the code. It\'s a simple operation to check that a session ID isn\'t being spoofed by verifying the IP address:

session_start();
$session_ip_address = $_         


        

Answer 1

One of my customers had a very similar problem.

Make sure your PHP configuration (PHP.ini) has register_globals Off otherwise regular variables overwrite superglobals including PHP sessions.