; PHP 4.2 and less have an undocumented feature/bug that allows you to to initialize a session variable in the global scope, even when register_globals is disabled. PHP 4.3 and later will warn you, if this feature is used. You can disable the feature and the warning separately. At this time, the warning is only displayed, if bug_compat_42 is enabled. This feature introduces some serious security problems if not handled correctly. It’s recommended that you do not use this feature on production servers. But you should enable this on development servers and enable the warning as well. If you do not enable the feature on development servers, you won’t be warned when it’s used and debugging errors caused by this can be difficult to track down.
What did you just say? Should this be on or not? Just… what?
AND WHY IS THIS EVEN AN ISSUE IN 5.X?
The relevant manual entry