In php 3.1.x the super globals were deactivated but we need them for integration purposes,
for example: people registrate on our site outside phpbb (via an external script)
User input is collected via forms,
and to make our integration scripts work with phpbb we added:
at several places.
Immediately reverting to
in our scripts is difficult,
since files are included, form-data are transported between pages etcetera.
So, we don't revert al all, and simply use
Is this safe? We only do it in external scripts, not directly on any pages of the phpbb-forum itself. I mean, on some pages we do include phpbb-files to make the integration work, but we never access those phpbb-files directly.
User input that we use in our scripts, like $_REQUEST variables, is sanitized via our own scripts.
So, this concerns scripts like this:
file "our-own_php", with for example in it:
--- some included phpbb-files ---
--- further scripts of ourselves with possible further includes---
--- end ---