Hello Everyone!

I had a script running perfectly fine in VBulletin 3.0.x which allowed me to do this:

Basically, the script is offers.php and if you go to offers.php?action=blah then it registers action=blah like PHP would normally do, however, VB blocks this and only allows certain variables go through as *WAS* defined in init.php:

$_allowedvars

Now, I upgraded to VB 3.5.x and I just can't find where on Earth they moved the $_allowedvars so that I can throw all the variables in there.

Anyone know where they moved it?

Yes, I searched numerous times with numerous keywords. Result: nada.

Thanks in advance,
Matt

Sorry for the bump, I just really need this answered. Can anyone help? TIA

This is interesting, I would like an answer for this too! :P

I don't know why they would possibly need this.
With GPC, the GLOBALS cleanup becomes useless, so I suppose they removed that code.

Say you are creating a script that integrates with vBulletin.

The script: test.php

Inside of test.php (which is integrated and includes global.php) includes:


if($action == "blah")
{

echo ("hi");
}


Now, if you go to http://url.com/forum/test.php?action=blah

It only sees test.php without the declartion of "action" being "blah." In the earlier version of VB, you could just add in "action" to the "allowedvars" in init.php and bam, that fixed the problem.

I am just trying to find out where on earth that went in 3.5.x

if ($_GET['action'] == 'blah')
{
echo 'hi';
}

or

$vbulletin->input->clean_array_gpc('g', array(
'do' => TYPE_STR,
'threadid' => TYPE_INT,
'action' => TYPE_STR
));

if ($vbulletin->GPC['action'] == 'value')
{
echo 'eggnog';
}

If you are going to use the values for anything other than script nav, you should pass it through the gpc functions first to sanitize the data.

Can $vbulletin->GPC be accessed from a style template, though?

The reason that $_allowedvars was needed in previous versions was that there was VB code that explicitly called "deregister_globals" on anything that was not in the $_allowedvars array.

Somewhere in the new version, similar code is being executed (though not with the deregister_globals function -- I grep'd for it), because the globals I've defined are getting cleared out.

No, you may not access GPC from templates.
You must put
$myvar =& $vbulletin->GPC['myvar'];
if you want to use the variable in a template (note the "&" sign - it establishes a reference rather than copying the variable - for memory saving purposes).

Somewhere in the new version, similar code is being executed (though not with the deregister_globals function -- I grep'd for it), because the globals I've defined are getting cleared out.

You should not be defining globals unless it's after you've included global.php.

Problem has been solved.

I placed a $_GET on all of my variables, passes through globals.php just fine.

Thanks SirAdrian.

There is no reason why you can't use $vbulletin->GPC[myvar] in templates.