1

With phpbb3.1 it appears they have disabled more superglobals. I have tried passing a variable between using sessions, but have had no success.

$_SESSION['example'] = 'example';
$example = $_SESSION['example'];

Nothing is stored because nothing is there due to phpbb disabling superglobals. What's the next best and most secure way to pass variables in between pages?

Waffles
  • 407
  • 3
  • 11

2 Answers2

2

You might want to take a look at this answer, where I explained that you can also temporarily (or globally) switch Superglobals back:

Globally

Open the /phpbb/config/parameters.yml file and change the core.disable_super_globals key from true to false.

Programmatically

This is a sample code that can be used to temporarily enable superglobals (per-request scope):

// temporarily enable superglobals
$request->enable_super_globals();

// TODO: do your stuff here.

// disable superglobals again
$request->disable_super_globals();

You can also read this blog post that I wrote on this topic for further info.

Darkseal
  • 9,205
  • 8
  • 78
  • 111
1

I'm not sure if $_SESSION is included, but try phpBBs request class...

$example = $request->variable('example','');

Docs for the class are here - https://wiki.phpbb.com/PhpBB3.1/RFC/Request_class

Eeji
  • 1,648
  • 3
  • 17
  • 22
  • 1
    No it doesn't, I found out to add a new session variable in phpbb I have to add a new row to the database and add some code to a couple php files. However, this is how you request cookies and url queries in phpbb. So if the data you want to send over to the next page is not something you want to keep private, you could absolutely use this. – Waffles Feb 15 '16 at 20:19
  • You can also use it to access `$_POST` values too if thats any help – Eeji Feb 16 '16 at 21:30