I'm using the session to pass data from a node to my webform (sounds bad, but it really isn't) and I've nested all of my data like so:


On my webform, I've set the default values of those 3 respective hidden fields to:


When looking at the page source the value of those 3 hidden fields are:


If I move my data up to the top level of the array like: %session[registrationNID] etc etc the webform will work correctly and as an example the hidden fields contain the actual values:

Tennis 101
Aug 24 2010 to Sept 27 2010

Members fund testing for the Drupal project. Drupal Association Learn more


devkinetic’s picture

I have a feeling that the issue has to do with line 2319 of webform.module, but I don't know enough about the module to do any real damage to this issue.

$replacement = (!is_array($value) && !is_object($value)) ? $value : '';

Like I said before a workaround would be to store your data at the top level of session, but that isn't always an option and it's not neat.

quicksketch’s picture

Title: %session token breaks on array » Webform tokens (%session, %post) do not support arrays
Category: bug » feature

I haven't been able to find the issue, but I know this has been raised a few times before. I wouldn't qualify this as a bug though, since Webform doesn't claim to work with arrays at all.

devkinetic’s picture

Fair enough. I was able to modify my code to effectively work without the array, and if you point me in the right direction, I'll take a look at this on my own time.

In case anyone is interested, here is a simplified way of dealing with not having an array to organize:

$keys = array('nid', 'class', 'times', 'location', 'days');
foreach ($keys as $key) {
      $value = "registration-" . $key;
      if (isset($_SESSION[$value])) {
        // do something
m-patate’s picture

Version: 6.x-3.0-beta5 » 7.x-3.13


I face the same issue with my webform.
Finally, I decided to code it.
Unfortunately I don't know how to build a patch.

As said #1 the hack was near to this code (beginning at line 2793) :

foreach ($variable as $key => $value) {
		 // This special case for profile module dates.
          if ($token == '%profile' && is_array($value) && isset($value['year'])) {
            $replacement = webform_strtodate(webform_date_format(), $value['month'] . '/' . $value['day'] . '/' . $value['year'], 'UTC');
          else {
			$replacement = (!is_array($value) && !is_object($value)) ? $value : '';
			/* Add to webform to access arrays values
			/* It's possible to access object too, but beware of recursion.
          $replacements[$safe_state][$token . '[' . $key . ']'] = $replacement;

I add this recursive function to build all the replacements (the function name should not be accurate) :

function _webform_replacement_token(&$replacements,$token,$keys,$values){
		foreach($values as $key => $value){
			// Recursive behaviour
		//$replacements[$token.'['.implode('][',$keys).']'] = '';
		$replacements[$token.'['.implode('][',$keys).']'] = $values;

It works for all tokens with array values (%get, %post, %session - my case too -, ...) : for example %session[registration][nid], %session[registration][class], %session[registration][date] will return values.

Awaiting your feedback

quicksketch’s picture

Unfortunately I don't know how to build a patch.

There is a handbook page at http://drupal.org/patch/create that might help move this request forward.

rschwab’s picture

Status: Active » Needs work
1.63 KB

Many thanks to pef for starting this off. I've adapted #4 slightly and posted a patch. It definitely needs work before its production ready though, for example object support. However, its already doing the job for replacing form values in $_POST.

westie’s picture

#6 Works nicely for me on d6, thank you rschwab. Was there any code that is d7 specific I might have missed?

Would be nice to have this included in webform as supporting %session but not arrays seems kinda strange considering most things stored in session are put into arrays for great organisation etc.

SNaKeMe’s picture

#6 Works nicely for me on d7, thank you rschwab.

anou’s picture

#6 patch works like a charm, at least on %post token. Didn't test other cases. Thanks to rschwab.

EDIT: I'm using webform 7.x-3.18

nplowman’s picture

#6 patch works for me if the value is initialized. I was running into a problem though if an array key was not set. For example, if I set the default value as %session[foo][value], but value had not yet been set it would print "[value]" into the field rather leave it empty. Probably a quick fix if someone has the know-how.

sammys’s picture

EDIT: Deleted.

Deciphered’s picture

I've updated the patch to improve the coding standard, but nothing other than that as it works as needed for my usecase.

As an aside, the patch also applies and works on the 6.x-3.x branch.

Deciphered’s picture

Damn, missed one.

sammys’s picture

I still believe this patch needs some work because while it works correctly for the initial submission it doesn't work correctly when the form is updated by an admin.

The use case I used was quite simple. First name and last name text fields along with a secure hidden field with the default value set to %post[submitted][first_name] %post[submitted][last_name].

Initial submission works perfectly and the value bubbles through to a configured email correctly. Unfortunately, editing the form submission and submitting it again does not change the full name field.

I think this bug will need to be ironed out before this patch can be considered for commit.

DanChadwick’s picture

Issue summary: View changes
Status: Needs work » Closed (won't fix)

At this point, 7.x-3.x is receiving critical bug fixes only. Please update to 7.x-4.x.

rschwab’s picture

Just as an FYI this is now supported in 7.x-4.x. See #1840738: %profile[key] token does not work