Illegal use of $_SERVER.

Discussion forum for Extension Writers regarding Extension Development.
boardman
Registered User
Posts: 47
Joined: Wed May 06, 2015 10:08 pm

Re: Illegal use of $_SERVER.

Post by boardman » Thu May 07, 2015 8:39 pm

Hi all,

I'm in the process of upgrading from phpBB 3.0 to phpBB 3.1, and I am afraid I am having an issue with request_var().

One of my pages is semi-external, it is making use of the phpBB database by calling common.php in the beginning. I changed all instances of $_POST and $_SERVER in that script to use request_var() instead, but while it seems to work for the post variables, request_var('REMOTE_ADDR','') specifically remains empty.

I am recycling this old thread because it appears that the folks in here were able to retrieve REMOTE_ADDR just fine. Specifically I am hoping for pointers why I can get the post variables but not that one server variable. My only guess is that the server variables are added in a different step than the post variables, and that it may not be covered by calling common.php.

User avatar
AmigoJack
Registered User
Posts: 5570
Joined: Tue Jun 15, 2010 11:33 am
Location: グリーン ヒル ゾーン
Contact:

Re: Illegal use of $_SERVER.

Post by AmigoJack » Fri May 08, 2015 7:03 am

My point would be to (re)read Marc's post to understand to not omit additional parameters to the function.
The worst thing about censorship is ███████████
Affin wrote:
Tue Nov 20, 2018 9:51 am
The problem is probably not my English but you do not want to understand correctly.
...
We will not come anybody anyway, nevertheless, it's best to shit this.

boardman
Registered User
Posts: 47
Joined: Wed May 06, 2015 10:08 pm

Re: Illegal use of $_SERVER.

Post by boardman » Fri May 08, 2015 8:35 am

Sorry, I should have mentioned. I tried this:

request_var('REMOTE_ADDR', '', false, false, \phpbb\request\request_interface::SERVER)

But with the same results (gets me an empty string).

User avatar
kasimi
Extension Customisations
Extension Customisations
Posts: 3704
Joined: Sat Sep 10, 2011 7:12 pm
Location: Germany
Contact:

Re: Illegal use of $_SERVER.

Post by kasimi » Fri May 08, 2015 10:21 am

Can't you use $request->server('REMOTE_ADDR', ''); after including common.php?

boardman
Registered User
Posts: 47
Joined: Wed May 06, 2015 10:08 pm

Re: Illegal use of $_SERVER.

Post by boardman » Fri May 08, 2015 10:26 am

kasimi wrote:Can't you use $request->server('REMOTE_ADDR', ''); after including common.php?
Yay, that works - thanks so much!

Why this and not request_var()?

(EDIT: And your avatar keeps making me giggle. :lol: )

User avatar
RMcGirr83
Recognised Extension Developer
Posts: 21034
Joined: Wed Jun 22, 2005 4:33 pm
Location: Your display
Name: Rich McGirr
Contact:

Re: Illegal use of $_SERVER.

Post by RMcGirr83 » Fri May 08, 2015 10:32 am

request_var does not have those available and is from phpBB 3.0.x days. 3.1.x introduced the new $request->variable/server/etc.
In times of change, learners inherit the earth, while the learned find themselves beautifully equipped to deal with a world that no longer exists - Eric Hoffer
Former Modifications/Extensions Team Member | My extensions
Appreciate the extensions/mods/support then buy me a beer
All requests for support via PM will be ignored

User avatar
kasimi
Extension Customisations
Extension Customisations
Posts: 3704
Joined: Sat Sep 10, 2011 7:12 pm
Location: Germany
Contact:

Re: Illegal use of $_SERVER.

Post by kasimi » Fri May 08, 2015 10:37 am

It seems request_var() ends up using \phpbb\request\request_interface::REQUEST even when passing \phpbb\request\request_interface::SERVER to it.

As Rich stated, $request is the way to do it in 3.1.x, request_var() is deprecated.

boardman
Registered User
Posts: 47
Joined: Wed May 06, 2015 10:08 pm

Re: Illegal use of $_SERVER.

Post by boardman » Mon May 11, 2015 5:08 pm

Hm, I do have one more question. Before upgrading, I used:

$_REQUEST['variable']="value";

That way, "value" would also be available in included files. But this isn't working anymore ("Illegal use of $_REQUEST. You must use the request class or request_var()"). What do I use now?

rxu
Extensions Development Team
Posts: 2924
Joined: Wed Oct 25, 2006 12:46 pm
Location: Siberia, Russian Federation
Name: Ruslan
Contact:

Re: Illegal use of $_SERVER.

Post by rxu » Mon May 11, 2015 5:30 pm

boardman wrote:What do I use now?

Code: Select all

$variable = $request->variable('variable', 'some_default_value');
EDIT: Or do you mean assigning the value to the global array node?

boardman
Registered User
Posts: 47
Joined: Wed May 06, 2015 10:08 pm

Re: Illegal use of $_SERVER.

Post by boardman » Mon May 11, 2015 5:39 pm

rxu wrote:EDIT: Or do you mean assigning the value to the global array node?
Yes, that one. ;)

User avatar
kasimi
Extension Customisations
Extension Customisations
Posts: 3704
Joined: Sat Sep 10, 2011 7:12 pm
Location: Germany
Contact:

Re: Illegal use of $_SERVER.

Post by kasimi » Mon May 11, 2015 7:02 pm

boardman wrote:$_REQUEST['variable']="value";
$request->overwrite("variable", "value", \phpbb\request\request_interface::REQUEST);

boardman
Registered User
Posts: 47
Joined: Wed May 06, 2015 10:08 pm

Re: Illegal use of $_SERVER.

Post by boardman » Mon May 11, 2015 8:13 pm

Fantastic - thanks a ton.

alexander7566
Registered User
Posts: 171
Joined: Mon Mar 12, 2012 5:26 pm

Re: Illegal use of $_SERVER.

Post by alexander7566 » Wed Sep 16, 2015 4:10 pm

Is there an option to turn this check off? I have a website with tons of pages that integrates with PhpBB a little. I use my own checks for those variables and not about to convert them all. There has to be a way to turn that feature off..

marcovo
Registered User
Posts: 239
Joined: Fri Nov 16, 2012 12:19 pm
Location: The Netherlands
Name: Marco

Re: Illegal use of $_SERVER.

Post by marcovo » Wed Sep 16, 2015 4:19 pm

If you find turning it off is not possible, you might also consider copying $_SERVER into another array ($__SERVER or sth like that) before phpBB does any magic with it. Then just replace $_SERVER by $__SERVER in all your files and you're good to go. Anyways, that's how I've solved it :P .

Do note that this is probably not possible through any event; you'll have to modify core files for this I guess.. but if you know what you're doing that'll be fine.

alexander7566
Registered User
Posts: 171
Joined: Mon Mar 12, 2012 5:26 pm

Re: Illegal use of $_SERVER.

Post by alexander7566 » Wed Sep 16, 2015 4:30 pm

No still not an option.. However, I figured it out. Modified /forums/config/parameters.yml. Set core.disable_super_globals to false and delete the cache. This resolved my issue right away!

Post Reply

Return to “Extension Writers Discussion”