Merge branch 'feature/igorw/request-class' into develop

* feature/igorw/request-class: (21 commits)
  [feature/request-class] Fix mcp.php mode parameter
  [feature/request-class] Fix remember and session hide on login
  [feature/request-class] Fix missing include in database_update
  [feature/request-class] Make additional request test cases run
  [feature/request-class] Adjust some trailing newlines
  [feature/request-class] Remove tricky $_* is_array from acp_profile
  [feature/request-class] Convert any direct access to $_* to use $request
  [feature/request-class] Add $request to style.php, minor change
  [feature/request-class] Prevent recursive_set_var from applying htmlspecialchars twice
  [feature/request-class] Removal of direct access to some superglobals
  [feature/request-class] Refactor request classes to use autoloading
  [feature/request-class] Automatically normalize multibyte data in request_var
  [feature/request-class] Request class test now uses a type cast helper mock.
  [feature/request-class] Refactored request class and wrapper functions.
  [feature/request-class] Extracted type casting helpers from the request class.
  [feature/request-class] Replace direct use of GET/REQUEST with request_var.
  [feature/request-class] Use the request class in the installer & updater.
  [feature/request-class] request_var should return after setting the request object.
  [feature/request-class] Instantiate a global request class instance.
  [feature/request-class] New request class supports recursive arrays.
  ...

phpBB/adm/index.php

@@ -163,6 +163,7 @@ function adm_page_footer($copyright_html = true)
 {
 	global $db, $config, $template, $user, $auth, $cache;
 	global $starttime, $phpbb_root_path, $phpbb_admin_path, $phpEx;
+	global $request;
 
 	// Output page creation time
 	if (defined('DEBUG'))
@@ -170,7 +171,7 @@ function adm_page_footer($copyright_html = true)
 		$mtime = explode(' ', microtime());
 		$totaltime = $mtime[0] + $mtime[1] - $starttime;
 
-		if (!empty($_REQUEST['explain']) && $auth->acl_get('a_') && defined('DEBUG_EXTRA') && method_exists($db, 'sql_report'))
+		if ($request->variable('explain', false) && $auth->acl_get('a_') && defined('DEBUG_EXTRA') && method_exists($db, 'sql_report'))
 		{
 			$db->sql_report('display');
 		}

phpBB/common.php

@@ -205,16 +205,26 @@ require($phpbb_root_path . 'includes/utf/utf_tools.' . $phpEx);
 // Set PHP error handler to ours
 set_error_handler(defined('PHPBB_MSG_HANDLER') ? PHPBB_MSG_HANDLER : 'msg_handler');
 
+// Cache must be loaded before class loader
+$cache = new cache();
+
+// Setup class loader first
+$class_loader = new phpbb_class_loader($phpbb_root_path, '.' . $phpEx, $cache);
+$class_loader->register();
+
 // Instantiate some basic classes
+$request	= new phpbb_request();
 $user		= new user();
 $auth		= new auth();
 $template	= new template();
-$cache		= new cache();
 $db			= new $sql_db();
 
 $class_loader = new phpbb_class_loader($phpbb_root_path, '.' . $phpEx, $cache);
 $class_loader->register();
 
+// make sure request_var uses this request instance
+request_var('', 0, false, false, $request); // "dependency injection" for a function
+
 // Connect to DB
 $db->sql_connect($dbhost, $dbuser, $dbpasswd, $dbname, $dbport, false, defined('PHPBB_DB_NEW_LINK') ? PHPBB_DB_NEW_LINK : false);
 

phpBB/includes/acp/acp_attachments.php

@@ -1235,6 +1235,7 @@ class acp_attachments
 	function perform_site_list()
 	{
 		global $db, $user;
+		global $request;
 
 		if (isset($_REQUEST['securesubmit']))
 		{
@@ -1243,7 +1244,7 @@ class acp_attachments
 			$ip_list = array_unique(explode("\n", $ips));
 			$ip_list_log = implode(', ', $ip_list);
 
-			$ip_exclude = (!empty($_POST['ipexclude'])) ? 1 : 0;
+			$ip_exclude = (int) $request->variable('ipexclude', false, false, phpbb_request_interface::POST);
 
 			$iplist = array();
 			$hostlist = array();

phpBB/includes/acp/acp_icons.php

@@ -28,6 +28,7 @@ class acp_icons
 	{
 		global $db, $user, $auth, $template, $cache;
 		global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx;
+		global $request;
 
 		$user->add_lang('acp/posting');
 
@@ -338,7 +339,7 @@ class acp_icons
 				$image_display_on_posting = (isset($_POST['display_on_posting'])) ? request_var('display_on_posting', array('' => 0)) : array();
 
 				// Ok, add the relevant bits if we are adding new codes to existing emoticons...
-				if (!empty($_POST['add_additional_code']))
+				if ($request->variable('add_additional_code', false, false, phpbb_request_interface::POST))
 				{
 					$add_image			= request_var('add_image', '');
 					$add_code			= utf8_normalize_nfc(request_var('add_code', '', true));
@@ -354,7 +355,7 @@ class acp_icons
 						$image_width[$add_image] = request_var('add_width', 0);
 						$image_height[$add_image] = request_var('add_height', 0);
 
-						if (!empty($_POST['add_display_on_posting']))
+						if ($request->variable('add_display_on_posting', false, false, phpbb_request_interface::POST))
 						{
 							$image_display_on_posting[$add_image] = 1;
 						}

phpBB/includes/acp/acp_language.php

@@ -34,6 +34,7 @@ class acp_language
 		global $config, $db, $user, $auth, $template, $cache;
 		global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix;
 		global $safe_mode, $file_uploads;
+		global $request;
 
 		include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx);
 
@@ -58,7 +59,7 @@ class acp_language
 		if (isset($_POST['missing_file']))
 		{
 			$missing_file = request_var('missing_file', array('' => 0));
-			list($_REQUEST['language_file'], ) = array_keys($missing_file);
+			$request->overwrite('language_file', array_shift(array_keys($missing_file)));
 		}
 
 		$selected_lang_file = request_var('language_file', '|common.' . $phpEx);
@@ -68,6 +69,23 @@ class acp_language
 		$this->language_directory = basename($this->language_directory);
 		$this->language_file = basename($this->language_file);
 
+		// detect language file type
+		if ($this->language_directory == 'email')
+		{
+			$language_file_type = 'email';
+			$request_default = '';
+		}
+		else if (strpos($this->language_file, 'help_') === 0)
+		{
+			$language_file_type = 'help';
+			$request_default = array(0 => array(0 => ''));
+		}
+		else
+		{
+			$language_file_type = 'normal';
+			$request_default = array('' => '');
+		}
+
 		$user->add_lang('acp/language');
 		$this->tpl_name = 'acp_language';
 		$this->page_title = 'ACP_LANGUAGE_PACKS';
@@ -119,7 +137,7 @@ class acp_language
 						'DATA'		=> $data,
 						'NAME'		=> $user->lang[strtoupper($method . '_' . $data)],
 						'EXPLAIN'	=> $user->lang[strtoupper($method . '_' . $data) . '_EXPLAIN'],
-						'DEFAULT'	=> (!empty($_REQUEST[$data])) ? request_var($data, '') : $default
+						'DEFAULT'	=> $request->variable($data, (string) $default),
 					));
 				}
 
@@ -130,7 +148,7 @@ class acp_language
 					'method'		=> $method)
 				);
 
-				$hidden_data .= build_hidden_fields(array('entry' => $_POST['entry']), true, STRIP);
+				$hidden_data .= build_hidden_fields(array('entry' => $request->variable('entry', $request_default, true, phpbb_request_interface::POST)));
 
 				$template->assign_vars(array(
 					'S_UPLOAD'	=> true,
@@ -187,12 +205,9 @@ class acp_language
 					trigger_error($user->lang['FORM_INVALID']. adm_back_link($this->u_action), E_USER_WARNING);
 				}
 
-				if (!$lang_id || empty($_POST['entry']))
+				$entry_value = $request->variable('entry', $request_default, true, phpbb_request_interface::POST);
-				{
-					trigger_error($user->lang['NO_LANG_ID'] . adm_back_link($this->u_action), E_USER_WARNING);
-				}
 
-				if ($this->language_directory != 'email' && !is_array($_POST['entry']))
+				if (!$lang_id || !$entry_value)
 				{
 					trigger_error($user->lang['NO_LANG_ID'] . adm_back_link($this->u_action), E_USER_WARNING);
 				}
@@ -291,10 +306,10 @@ class acp_language
 					trigger_error(sprintf($user->lang['UNABLE_TO_WRITE_FILE'], $filename) . adm_back_link($this->u_action . '&id=' . $lang_id . '&action=details&language_file=' . urlencode($selected_lang_file)), E_USER_WARNING);
 				}
 
-				if ($this->language_directory == 'email')
+				if ($language_file_type == 'email')
 				{
 					// Email Template
-					$entry = $this->prepare_lang_entry($_POST['entry'], false);
+					$entry = $this->prepare_lang_entry(htmlspecialchars_decode($entry_value), false);
 					fwrite($fp, $entry);
 				}
 				else
@@ -302,13 +317,13 @@ class acp_language
 					$name = (($this->language_directory) ? $this->language_directory . '_' : '') . $this->language_file;
 					$header = str_replace(array('{FILENAME}', '{LANG_NAME}', '{CHANGED}', '{AUTHOR}'), array($name, $row['lang_english_name'], date('Y-m-d', time()), $row['lang_author']), $this->language_file_header);
 
-					if (strpos($this->language_file, 'help_') === 0)
+					if ($language_file_type == 'help')
 					{
 						// Help File
 						$header .= '$help = array(' . "\n";
 						fwrite($fp, $header);
 
-						foreach ($_POST['entry'] as $key => $value)
+						foreach ($entry_value as $key => $value)
 						{
 							if (!is_array($value))
 							{
@@ -319,7 +334,7 @@ class acp_language
 
 							foreach ($value as $_key => $_value)
 							{
-								$entry .= "\t\t" . (int) $_key . "\t=> '" . $this->prepare_lang_entry($_value) . "',\n";
+								$entry .= "\t\t" . (int) $_key . "\t=> '" . $this->prepare_lang_entry(htmlspecialchars_decode($_value)) . "',\n";
 							}
 
 							$entry .= "\t),\n";
@@ -329,15 +344,15 @@ class acp_language
 						$footer = ");\n\n?>";
 						fwrite($fp, $footer);
 					}
-					else
+					else if ($language_file_type == 'normal')
 					{
 						// Language File
 						$header .= $this->lang_header;
 						fwrite($fp, $header);
 
-						foreach ($_POST['entry'] as $key => $value)
+						foreach ($entry_value as $key => $value)
 						{
-							$entry = $this->format_lang_array($key, $value);
+							$entry = $this->format_lang_array(htmlspecialchars_decode($key), htmlspecialchars_decode($value));
 							fwrite($fp, $entry);
 						}
 

phpBB/includes/acp/acp_logs.php

@@ -27,6 +27,7 @@ class acp_logs
 	{
 		global $db, $user, $auth, $template, $cache;
 		global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx;
+		global $request;
 
 		$user->add_lang('mcp');
 
@@ -35,8 +36,8 @@ class acp_logs
 		$forum_id	= request_var('f', 0);
 		$topic_id	= request_var('t', 0);
 		$start		= request_var('start', 0);
-		$deletemark = (!empty($_POST['delmarked'])) ? true : false;
+		$deletemark = $request->variable('delmarked', false, false, phpbb_request_interface::POST);
-		$deleteall	= (!empty($_POST['delall'])) ? true : false;
+		$deleteall	= $request->variable('delall', false, false, phpbb_request_interface::POST);
 		$marked		= request_var('mark', array(0));
 
 		// Sort keys

phpBB/includes/acp/acp_permissions.php

@@ -658,6 +658,7 @@ class acp_permissions
 	function set_permissions($mode, $permission_type, &$auth_admin, &$user_id, &$group_id)
 	{
 		global $user, $auth;
+		global $request;
 
 		$psubmit = request_var('psubmit', array(0 => array(0 => 0)));
 
@@ -676,18 +677,17 @@ class acp_permissions
 		list($ug_id, ) = each($psubmit);
 		list($forum_id, ) = each($psubmit[$ug_id]);
 
-		if (empty($_POST['setting']) || empty($_POST['setting'][$ug_id]) || empty($_POST['setting'][$ug_id][$forum_id]) || !is_array($_POST['setting'][$ug_id][$forum_id]))
+		$settings = $request->variable('setting', array(0 => array(0 => array('' => 0))), false, phpbb_request_interface::POST);
+		if (empty($settings) || empty($settings[$ug_id]) || empty($settings[$ug_id][$forum_id]))
 		{
 			trigger_error('WRONG_PERMISSION_SETTING_FORMAT', E_USER_WARNING);
 		}
 
-		// We obtain and check $_POST['setting'][$ug_id][$forum_id] directly and not using request_var() because request_var()
+		$auth_settings = $settings[$ug_id][$forum_id];
-		// currently does not support the amount of dimensions required. ;)
-		//		$auth_settings = request_var('setting', array(0 => array(0 => array('' => 0))));
-		$auth_settings = array_map('intval', $_POST['setting'][$ug_id][$forum_id]);
 
 		// Do we have a role we want to set?
-		$assigned_role = (isset($_POST['role'][$ug_id][$forum_id])) ? (int) $_POST['role'][$ug_id][$forum_id] : 0;
+		$roles = $request->variable('role', array(0 => array(0 => 0)), false, phpbb_request_interface::POST);
+		$assigned_role = (isset($roles[$ug_id][$forum_id])) ? (int) $roles[$ug_id][$forum_id] : 0;
 
 		// Do the admin want to set these permissions to other items too?
 		$inherit = request_var('inherit', array(0 => array(0)));
@@ -747,6 +747,7 @@ class acp_permissions
 	function set_all_permissions($mode, $permission_type, &$auth_admin, &$user_id, &$group_id)
 	{
 		global $user, $auth;
+		global $request;
 
 		// User or group to be set?
 		$ug_type = (sizeof($user_id)) ? 'user' : 'group';
@@ -757,8 +758,8 @@ class acp_permissions
 			trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING);
 		}
 
-		$auth_settings = (isset($_POST['setting'])) ? $_POST['setting'] : array();
+		$auth_settings = $request->variable('setting', array(0 => array(0 => array('' => 0))), false, phpbb_request_interface::POST);
-		$auth_roles = (isset($_POST['role'])) ? $_POST['role'] : array();
+		$auth_roles = $request->variable('role', array(0 => array(0 => 0)), false, phpbb_request_interface::POST);
 		$ug_ids = $forum_ids = array();
 
 		// We need to go through the auth settings

phpBB/includes/acp/acp_profile.php

@@ -30,6 +30,7 @@ class acp_profile
 	{
 		global $config, $db, $user, $auth, $template, $cache;
 		global $phpbb_root_path, $phpbb_admin_path, $phpEx, $table_prefix;
+		global $request;
 
 		include($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
 		include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
@@ -487,7 +488,8 @@ class acp_profile
 							$cp->vars['field_default_value_day'] = $now['mday'];
 							$cp->vars['field_default_value_month'] = $now['mon'];
 							$cp->vars['field_default_value_year'] = $now['year'];
-							$var = $_POST['field_default_value'] = 'now';
+							$var = 'now';
+							$request->overwrite('field_default_value', $var, phpbb_request_interface::POST);
 						}
 						else
 						{
@@ -496,7 +498,8 @@ class acp_profile
 								$cp->vars['field_default_value_day'] = request_var('field_default_value_day', 0);
 								$cp->vars['field_default_value_month'] = request_var('field_default_value_month', 0);
 								$cp->vars['field_default_value_year'] = request_var('field_default_value_year', 0);
-								$var = $_POST['field_default_value'] = sprintf('%2d-%2d-%4d', $cp->vars['field_default_value_day'], $cp->vars['field_default_value_month'], $cp->vars['field_default_value_year']);
+								$var = sprintf('%2d-%2d-%4d', $cp->vars['field_default_value_day'], $cp->vars['field_default_value_month'], $cp->vars['field_default_value_year']);
+								$request->overwrite('field_default_value', $var, phpbb_request_interface::POST);
 							}
 							else
 							{
@@ -688,7 +691,7 @@ class acp_profile
 							}
 							else
 							{
-								$_new_key_ary[$key] = (is_array($_REQUEST[$key])) ? utf8_normalize_nfc(request_var($key, array(''), true)) : utf8_normalize_nfc(request_var($key, '', true));
+								$_new_key_ary[$key] = ($field_type == FIELD_BOOL && $key == 'lang_options') ? utf8_normalize_nfc(request_var($key, array(''), true)) : utf8_normalize_nfc(request_var($key, '', true));
 							}
 						}
 					}

phpBB/includes/db/dbal.php

@@ -711,8 +711,9 @@ class dbal
 	function sql_report($mode, $query = '')
 	{
 		global $cache, $starttime, $phpbb_root_path, $user;
+		global $request;
 
-		if (empty($_REQUEST['explain']))
+		if (!$request->variable('explain', false))
 		{
 			return false;
 		}

phpBB/includes/functions.php

@@ -18,122 +18,62 @@ if (!defined('IN_PHPBB'))
 
 // Common global functions
 
-/**
-* set_var
-*
-* Set variable, used by {@link request_var the request_var function}
-*
-* @access private
-*/
 function set_var(&$result, $var, $type, $multibyte = false)
 {
-	settype($var, $type);
+	// no need for dependency injection here, if you have the object, call the method yourself!
-	$result = $var;
+	$type_cast_helper = new phpbb_request_type_cast_helper();
-
+	$type_cast_helper->set_var($result, $var, $type, $multibyte);
-	if ($type == 'string')
-	{
-		$result = trim(htmlspecialchars(str_replace(array("\r\n", "\r", "\0"), array("\n", "\n", ''), $result), ENT_COMPAT, 'UTF-8'));
-
-		if (!empty($result))
-		{
-			// Make sure multibyte characters are wellformed
-			if ($multibyte)
-			{
-				if (!preg_match('/^./u', $result))
-				{
-					$result = '';
-				}
-			}
-			else
-			{
-				// no multibyte, allow only ASCII (0-127)
-				$result = preg_replace('/[\x80-\xFF]/', '?', $result);
-			}
-		}
-
-		$result = (STRIP) ? stripslashes($result) : $result;
-	}
 }
 
 /**
-* request_var
+* Wrapper function of phpbb_request::variable which exists for backwards compatability.
+* See {@link phpbb_request_interface::variable phpbb_request_interface::variable} for
+* documentation of this function's use.
 *
-* Used to get passed variable
+* @param	mixed			$var_name	The form variable's name from which data shall be retrieved.
+* 										If the value is an array this may be an array of indizes which will give
+* 										direct access to a value at any depth. E.g. if the value of "var" is array(1 => "a")
+* 										then specifying array("var", 1) as the name will return "a".
+* 										If you pass an instance of {@link phpbb_request_interface phpbb_request_interface}
+* 										as this parameter it will overwrite the current request class instance. If you do
+* 										not do so, it will create its own instance (but leave superglobals enabled).
+* @param	mixed			$default	A default value that is returned if the variable was not set.
+* 										This function will always return a value of the same type as the default.
+* @param	bool			$multibyte	If $default is a string this paramater has to be true if the variable may contain any UTF-8 characters
+*										Default is false, causing all bytes outside the ASCII range (0-127) to be replaced with question marks
+* @param	bool			$cookie		This param is mapped to phpbb_request_interface::COOKIE as the last param for
+* 										phpbb_request_interface::variable for backwards compatability reasons.
+*
+* @return	mixed	The value of $_REQUEST[$var_name] run through {@link set_var set_var} to ensure that the type is the
+* 					the same as that of $default. If the variable is not set $default is returned.
 */
-function request_var($var_name, $default, $multibyte = false, $cookie = false)
+function request_var($var_name, $default, $multibyte = false, $cookie = false, phpbb_request_interface $request = null)
 {
-	if (!$cookie && isset($_COOKIE[$var_name]))
+	// This is all just an ugly hack to add "Dependency Injection" to a function
-	{
+	// the only real code is the function call which maps this function to a method.
-		if (!isset($_GET[$var_name]) && !isset($_POST[$var_name]))
+	static $static_request = null;
-		{
-			return (is_array($default)) ? array() : $default;
-		}
-		$_REQUEST[$var_name] = isset($_POST[$var_name]) ? $_POST[$var_name] : $_GET[$var_name];
-	}
 
-	$super_global = ($cookie) ? '_COOKIE' : '_REQUEST';
+	if ($request instanceof phpbb_request_interface)
-	if (!isset($GLOBALS[$super_global][$var_name]) || is_array($GLOBALS[$super_global][$var_name]) != is_array($default))
 	{
-		return (is_array($default)) ? array() : $default;
+		$static_request = $request;
-	}
 
-	$var = $GLOBALS[$super_global][$var_name];
+		if (empty($var_name))
-	if (!is_array($default))
-	{
-		$type = gettype($default);
-	}
-	else
-	{
-		list($key_type, $type) = each($default);
-		$type = gettype($type);
-		$key_type = gettype($key_type);
-		if ($type == 'array')
 		{
-			reset($default);
+			return;
-			$default = current($default);
-			list($sub_key_type, $sub_type) = each($default);
-			$sub_type = gettype($sub_type);
-			$sub_type = ($sub_type == 'array') ? 'NULL' : $sub_type;
-			$sub_key_type = gettype($sub_key_type);
 		}
 	}
 
-	if (is_array($var))
+	$tmp_request = $static_request;
-	{
-		$_var = $var;
-		$var = array();
 
-		foreach ($_var as $k => $v)
+	// no request class set, create a temporary one ourselves to keep backwards compatability
-		{
+	if ($tmp_request === null)
-			set_var($k, $k, $key_type);
-			if ($type == 'array' && is_array($v))
-			{
-				foreach ($v as $_k => $_v)
-				{
-					if (is_array($_v))
-					{
-						$_v = null;
-					}
-					set_var($_k, $_k, $sub_key_type, $multibyte);
-					set_var($var[$k][$_k], $_v, $sub_type, $multibyte);
-				}
-			}
-			else
-			{
-				if ($type == 'array' || is_array($v))
-				{
-					$v = null;
-				}
-				set_var($var[$k], $v, $type, $multibyte);
-			}
-		}
-	}
-	else
 	{
-		set_var($var, $var, $type, $multibyte);
+		// false param: enable super globals, so the created request class does not
+		// make super globals inaccessible everywhere outside this function.
+		$tmp_request = new phpbb_request(new phpbb_request_type_cast_helper(), false);
 	}
 
-	return $var;
+	return $tmp_request->variable($var_name, $default, $multibyte, ($cookie) ? phpbb_request_interface::COOKIE : phpbb_request_interface::REQUEST);
 }
 
 /**
@@ -2758,22 +2698,14 @@ function check_form_key($form_name, $timespan = false, $return_page = '', $trigg
 function confirm_box($check, $title = '', $hidden = '', $html_body = 'confirm_body.html', $u_action = '')
 {
 	global $user, $template, $db;
-	global $phpEx, $phpbb_root_path;
+	global $phpEx, $phpbb_root_path, $request;
 
 	if (isset($_POST['cancel']))
 	{
 		return false;
 	}
 
-	$confirm = false;
+	$confirm = ($user->lang['YES'] === $request->variable('confirm', '', true, phpbb_request_interface::POST));
-	if (isset($_POST['confirm']))
-	{
-		// language frontier
-		if ($_POST['confirm'] === $user->lang['YES'])
-		{
-			$confirm = true;
-		}
-	}
 
 	if ($check && $confirm)
 	{
@@ -2861,6 +2793,7 @@ function confirm_box($check, $title = '', $hidden = '', $html_body = 'confirm_bo
 function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = false, $s_display = true)
 {
 	global $db, $user, $template, $auth, $phpEx, $phpbb_root_path, $config;
+	global $request;
 
 	if (!class_exists('phpbb_captcha_factory', false))
 	{
@@ -2911,8 +2844,8 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
 		}
 
 		$username	= request_var('username', '', true);
-		$autologin	= (!empty($_POST['autologin'])) ? true : false;
+		$autologin	= $request->is_set_post('autologin');
-		$viewonline = (!empty($_POST['viewonline'])) ? 0 : 1;
+		$viewonline = (int) !$request->is_set_post('viewonline');
 		$admin 		= ($admin) ? 1 : 0;
 		$viewonline = ($admin) ? $user->data['session_viewonline'] : $viewonline;
 
@@ -4517,6 +4450,7 @@ function page_header($page_title = '', $display_online_list = true, $item_id = 0
 function page_footer($run_cron = true)
 {
 	global $db, $config, $template, $user, $auth, $cache, $starttime, $phpbb_root_path, $phpEx;
+	global $request;
 
 	// Output page creation time
 	if (defined('DEBUG'))
@@ -4524,7 +4458,7 @@ function page_footer($run_cron = true)
 		$mtime = explode(' ', microtime());
 		$totaltime = $mtime[0] + $mtime[1] - $starttime;
 
-		if (!empty($_REQUEST['explain']) && $auth->acl_get('a_') && defined('DEBUG_EXTRA') && method_exists($db, 'sql_report'))
+		if ($request->variable('explain', false) && $auth->acl_get('a_') && defined('DEBUG_EXTRA') && method_exists($db, 'sql_report'))
 		{
 			$db->sql_report('display');
 		}

phpBB/includes/functions_display.php

@@ -1062,6 +1062,7 @@ function display_user_activity(&$userdata)
 function watch_topic_forum($mode, &$s_watching, $user_id, $forum_id, $topic_id, $notify_status = 'unset', $start = 0)
 {
 	global $template, $db, $user, $phpEx, $start, $phpbb_root_path;
+	global $request;
 
 	$table_sql = ($mode == 'forum') ? FORUMS_WATCH_TABLE : TOPICS_WATCH_TABLE;
 	$where_sql = ($mode == 'forum') ? 'forum_id' : 'topic_id';
@@ -1098,7 +1099,7 @@ function watch_topic_forum($mode, &$s_watching, $user_id, $forum_id, $topic_id,
 					$message = $user->lang['ERR_UNWATCHING'] . '<br /><br />' . sprintf($user->lang['RETURN_' . strtoupper($mode)], '<a href="' . $redirect_url . '">', '</a>');
 					trigger_error($message);
 				}
-				if ($_GET['unwatch'] == $mode)
+				if ($request->variable('unwatch', '', false, phpbb_request_interface::GET) == $mode)
 				{
 					$is_watching = 0;
 
@@ -1136,7 +1137,7 @@ function watch_topic_forum($mode, &$s_watching, $user_id, $forum_id, $topic_id,
 				$token = request_var('hash', '');
 				$redirect_url = append_sid("{$phpbb_root_path}view$mode.$phpEx", "$u_url=$match_id&amp;start=$start");
 
-				if ($_GET['watch'] == $mode && check_link_hash($token, "{$mode}_$match_id"))
+				if ($request->variable('watch', '', false, phpbb_request_interface::GET) == $mode && check_link_hash($token, "{$mode}_$match_id"))
 				{
 					$is_watching = true;
 
@@ -1162,7 +1163,7 @@ function watch_topic_forum($mode, &$s_watching, $user_id, $forum_id, $topic_id,
 	}
 	else
 	{
-		if (isset($_GET['unwatch']) && $_GET['unwatch'] == $mode)
+		if ($request->variable('unwatch', '', false, phpbb_request_interface::GET) == $mode)
 		{
 			login_box();
 		}

phpBB/includes/functions_module.php

@@ -314,6 +314,7 @@ class p_master
 	function module_auth($module_auth, $forum_id = false)
 	{
 		global $auth, $config;
+		global $request;
 
 		$module_auth = trim($module_auth);
 
@@ -361,7 +362,7 @@ class p_master
 		$forum_id = ($forum_id === false) ? $this->acl_forum_id : $forum_id;
 
 		$is_auth = false;
-		eval('$is_auth = (int) (' . preg_replace(array('#acl_([a-z0-9_]+)(,\$id)?#', '#\$id#', '#aclf_([a-z0-9_]+)#', '#cfg_([a-z0-9_]+)#', '#request_([a-zA-Z0-9_]+)#'), array('(int) $auth->acl_get(\'\\1\'\\2)', '(int) $forum_id', '(int) $auth->acl_getf_global(\'\\1\')', '(int) $config[\'\\1\']', '!empty($_REQUEST[\'\\1\'])'), $module_auth) . ');');
+		eval('$is_auth = (int) (' . preg_replace(array('#acl_([a-z0-9_]+)(,\$id)?#', '#\$id#', '#aclf_([a-z0-9_]+)#', '#cfg_([a-z0-9_]+)#', '#request_([a-zA-Z0-9_]+)#'), array('(int) $auth->acl_get(\'\\1\'\\2)', '(int) $forum_id', '(int) $auth->acl_getf_global(\'\\1\')', '(int) $config[\'\\1\']', '$request->variable(\'\\1\', false)'), $module_auth) . ');');
 
 		return $is_auth;
 	}

phpBB/includes/functions_profile_fields.php

@@ -610,6 +610,7 @@ class custom_profile
 	function get_var($field_validation, &$profile_row, $default_value, $preview)
 	{
 		global $user;
+		global $request;
 
 		$profile_row['field_ident'] = (isset($profile_row['var_name'])) ? $profile_row['var_name'] : 'pf_' . $profile_row['field_ident'];
 		$user_ident = $profile_row['field_ident'];
@@ -622,7 +623,7 @@ class custom_profile
 		{
 			if (isset($_REQUEST[$profile_row['field_ident']]))
 			{
-				$value = ($_REQUEST[$profile_row['field_ident']] === '') ? NULL : request_var($profile_row['field_ident'], $default_value);
+				$value = ($request->variable($profile_row['field_ident'], '') === '') ? NULL : $request->variable($profile_row['field_ident'], $default_value);
 			}
 			else
 			{
@@ -894,6 +895,7 @@ class custom_profile
 	{
 		global $phpbb_root_path, $phpEx;
 		global $config;
+		global $request;
 
 		$var_name = 'pf_' . $profile_row['field_ident'];
 
@@ -938,7 +940,7 @@ class custom_profile
 			break;
 
 			case FIELD_INT:
-				if (isset($_REQUEST[$var_name]) && $_REQUEST[$var_name] === '')
+				if (isset($_REQUEST[$var_name]) && $request->variable($var_name, '') === '')
 				{
 					$var = NULL;
 				}

phpBB/includes/mcp/mcp_forum.php

@@ -23,6 +23,7 @@ function mcp_forum_view($id, $mode, $action, $forum_info)
 {
 	global $template, $db, $user, $auth, $cache, $module;
 	global $phpEx, $phpbb_root_path, $config;
+	global $request;
 
 	$user->add_lang(array('viewtopic', 'viewforum'));
 
@@ -34,7 +35,10 @@ function mcp_forum_view($id, $mode, $action, $forum_info)
 	if ($merge_select)
 	{
 		// Fixes a "bug" that makes forum_view use the same ordering as topic_view
-		unset($_POST['sk'], $_POST['sd'], $_REQUEST['sk'], $_REQUEST['sd']);
+		$request->overwrite('sk', null);
+		$request->overwrite('sd', null);
+		$request->overwrite('sk', null, phpbb_request_interface::POST);
+		$request->overwrite('sd', null, phpbb_request_interface::POST);
 	}
 
 	$forum_id			= $forum_info['forum_id'];

phpBB/includes/mcp/mcp_main.php

@@ -532,6 +532,7 @@ function mcp_move_topic($topic_ids)
 {
 	global $auth, $user, $db, $template;
 	global $phpEx, $phpbb_root_path;
+	global $request;
 
 	// Here we limit the operation to one forum only
 	$forum_id = check_ids($topic_ids, TOPICS_TABLE, 'topic_id', array('m_move'), true);
@@ -585,8 +586,8 @@ function mcp_move_topic($topic_ids)
 
 	if (!$to_forum_id || $additional_msg)
 	{
-		unset($_POST['confirm']);
+		$request->overwrite('confirm', null, phpbb_request_interface::POST);
-		unset($_REQUEST['confirm_key']);
+		$request->overwrite('confirm_key', null);
 	}
 
 	if (confirm_box(true))
@@ -1037,8 +1038,8 @@ function mcp_fork_topic($topic_ids)
 
 	if ($additional_msg)
 	{
-		unset($_POST['confirm']);
+		$request->overwrite('confirm', null, phpbb_request_interface::POST);
-		unset($_REQUEST['confirm_key']);
+		$request->overwrite('confirm_key', null);
 	}
 
 	if (confirm_box(true))

phpBB/includes/mcp/mcp_queue.php

@@ -744,6 +744,7 @@ function disapprove_post($post_id_list, $id, $mode)
 {
 	global $db, $template, $user, $config;
 	global $phpEx, $phpbb_root_path;
+	global $request;
 
 	if (!check_ids($post_id_list, POSTS_TABLE, 'post_id', array('m_approve')))
 	{
@@ -778,7 +779,7 @@ function disapprove_post($post_id_list, $id, $mode)
 		if (!$row || (!$reason && strtolower($row['reason_title']) == 'other'))
 		{
 			$additional_msg = $user->lang['NO_REASON_DISAPPROVAL'];
-			unset($_POST['confirm']);
+			$request->overwrite('confirm', null, phpbb_request_interface::POST);
 		}
 		else
 		{

phpBB/includes/message_parser.php

@@ -1532,9 +1532,10 @@ class parse_message extends bbcode_firstpass
 	function get_submitted_attachment_data($check_user_id = false)
 	{
 		global $user, $db, $phpbb_root_path, $phpEx, $config;
+		global $request;
 
 		$this->filename_data['filecomment'] = utf8_normalize_nfc(request_var('filecomment', '', true));
-		$attachment_data = (isset($_POST['attachment_data'])) ? $_POST['attachment_data'] : array();
+		$attachment_data = $request->variable('attachment_data', array(0 => array('' => '')), true, phpbb_request_interface::POST);
 		$this->attachment_data = array();
 
 		$check_user_id = ($check_user_id === false) ? $user->data['user_id'] : $check_user_id;
@@ -1572,7 +1573,7 @@ class parse_message extends bbcode_firstpass
 			{
 				$pos = $not_orphan[$row['attach_id']];
 				$this->attachment_data[$pos] = $row;
-				set_var($this->attachment_data[$pos]['attach_comment'], $_POST['attachment_data'][$pos]['attach_comment'], 'string', true);
+				$this->attachment_data[$pos]['attach_comment'] = $attachment_data[$pos]['attach_comment'];
 
 				unset($not_orphan[$row['attach_id']]);
 			}
@@ -1598,7 +1599,7 @@ class parse_message extends bbcode_firstpass
 			{
 				$pos = $orphan[$row['attach_id']];
 				$this->attachment_data[$pos] = $row;
-				set_var($this->attachment_data[$pos]['attach_comment'], $_POST['attachment_data'][$pos]['attach_comment'], 'string', true);
+				$this->attachment_data[$pos]['attach_comment'] = $attachment_data[$pos]['attach_comment'];
 
 				unset($orphan[$row['attach_id']]);
 			}

phpBB/includes/request/deactivated_super_global.php

@@ -0,0 +1,121 @@
+<?php
+/**
+*
+* @package phpbb_request
+* @copyright (c) 2010 phpBB Group
+* @license http://opensource.org/licenses/gpl-license.php GNU Public License
+*
+*/
+
+/**
+* @ignore
+*/
+if (!defined('IN_PHPBB'))
+{
+	exit;
+}
+
+/**
+* Replacement for a superglobal (like $_GET or $_POST) which calls
+* trigger_error on all operations but isset, overloads the [] operator with SPL.
+*
+* @package phpbb_request
+*/
+class phpbb_request_deactivated_super_global implements ArrayAccess, Countable, IteratorAggregate
+{
+	/**
+	* @var	string	Holds the name of the superglobal this is replacing.
+	*/
+	private $name;
+
+	/**
+	* @var	phpbb_request_interface::POST|GET|REQUEST|COOKIE	Super global constant.
+	*/
+	private $super_global;
+
+	/**
+	* @var	phpbb_request_interface	The request class instance holding the actual request data.
+	*/
+	private $request;
+
+	/**
+	* Constructor generates an error message fitting the super global to be used within the other functions.
+	*
+	* @param	phpbb_request_interface	$request	A request class instance holding the real super global data.
+	* @param	string					$name		Name of the super global this is a replacement for - e.g. '_GET'.
+	* @param	phpbb_request_interface::POST|GET|REQUEST|COOKIE	$super_global	The variable's super global constant.
+	*/
+	public function __construct(phpbb_request_interface $request, $name, $super_global)
+	{
+		$this->request = $request;
+		$this->name = $name;
+		$this->super_global = $super_global;
+	}
+
+	/**
+	* Calls trigger_error with the file and line number the super global was used in.
+	*/
+	private function error()
+	{
+		$file = '';
+		$line = 0;
+
+		$message = 'Illegal use of $' . $this->name . '. You must use the request class or request_var() to access input data. Found in %s on line %d. This error message was generated';
+
+		$backtrace = debug_backtrace();
+		if (isset($backtrace[1]))
+		{
+			$file = $backtrace[1]['file'];
+			$line = $backtrace[1]['line'];
+		}
+		trigger_error(sprintf($message, $file, $line), E_USER_ERROR);
+	}
+
+	/**
+	* Redirects isset to the correct request class call.
+	*
+	* @param	string	$offset	The key of the super global being accessed.
+	*
+	* @return	bool	Whether the key on the super global exists.
+	*/
+	public function offsetExists($offset)
+	{
+		return $this->request->is_set($offset, $this->super_global);
+	}
+
+	/**#@+
+	* Part of the ArrayAccess implementation, will always result in a FATAL error.
+	*/
+	public function offsetGet($offset)
+	{
+		$this->error();
+	}
+
+	public function offsetSet($offset, $value)
+	{
+		$this->error();
+	}
+
+	public function offsetUnset($offset)
+	{
+		$this->error();
+	}
+	/**#@-*/
+
+	/**
+	* Part of the Countable implementation, will always result in a FATAL error
+	*/
+	public function count()
+	{
+		$this->error();
+	}
+
+	/**
+	* Part of the Traversable/IteratorAggregate implementation, will always result in a FATAL error
+	*/
+	public function getIterator()
+	{
+		$this->error();
+	}
+}
+

phpBB/includes/request/interface.php

@@ -0,0 +1,103 @@
+<?php
+/**
+*
+* @package phpbb_request
+* @copyright (c) 2010 phpBB Group
+* @license http://opensource.org/licenses/gpl-license.php GNU Public License
+*
+*/
+
+/**
+* @ignore
+*/
+if (!defined('IN_PHPBB'))
+{
+	exit;
+}
+
+/**
+* An interface through which all application input can be accessed.
+*
+* @package phpbb_request
+*/
+interface phpbb_request_interface
+{
+	/**#@+
+	* Constant identifying the super global with the same name.
+	*/
+	const POST = 0;
+	const GET = 1;
+	const REQUEST = 2;
+	const COOKIE = 3;
+	/**#@-*/
+
+	/**
+	* This function allows overwriting or setting a value in one of the super global arrays.
+	*
+	* Changes which are performed on the super globals directly will not have any effect on the results of
+	* other methods this class provides. Using this function should be avoided if possible! It will
+	* consume twice the the amount of memory of the value
+	*
+	* @param	string	$var_name	The name of the variable that shall be overwritten
+	* @param	mixed	$value		The value which the variable shall contain.
+	* 								If this is null the variable will be unset.
+	* @param	phpbb_request_interface::POST|GET|REQUEST|COOKIE	$super_global
+	* 								Specifies which super global shall be changed
+	*/
+	public function overwrite($var_name, $value, $super_global = phpbb_request_interface::REQUEST);
+
+	/**
+	* Central type safe input handling function.
+	* All variables in GET or POST requests should be retrieved through this function to maximise security.
+	*
+	* @param	string|array	$var_name	The form variable's name from which data shall be retrieved.
+	* 										If the value is an array this may be an array of indizes which will give
+	* 										direct access to a value at any depth. E.g. if the value of "var" is array(1 => "a")
+	* 										then specifying array("var", 1) as the name will return "a".
+	* @param	mixed			$default	A default value that is returned if the variable was not set.
+	* 										This function will always return a value of the same type as the default.
+	* @param	bool			$multibyte	If $default is a string this paramater has to be true if the variable may contain any UTF-8 characters
+	*										Default is false, causing all bytes outside the ASCII range (0-127) to be replaced with question marks
+	* @param	phpbb_request_interface::POST|GET|REQUEST|COOKIE	$super_global
+	* 										Specifies which super global should be used
+	*
+	* @return	mixed	The value of $_REQUEST[$var_name] run through {@link set_var set_var} to ensure that the type is the
+	*					the same as that of $default. If the variable is not set $default is returned.
+	*/
+	public function variable($var_name, $default, $multibyte = false, $super_global = phpbb_request_interface::REQUEST);
+
+	/**
+	* Checks whether a certain variable was sent via POST.
+	* To make sure that a request was sent using POST you should call this function
+	* on at least one variable.
+	*
+	* @param	string	$name	The name of the form variable which should have a
+	*							_p suffix to indicate the check in the code that creates the form too.
+	*
+	* @return	bool			True if the variable was set in a POST request, false otherwise.
+	*/
+	public function is_set_post($name);
+
+	/**
+	* Checks whether a certain variable is set in one of the super global
+	* arrays.
+	*
+	* @param	string	$var	Name of the variable
+	* @param	phpbb_request_interface::POST|GET|REQUEST|COOKIE	$super_global
+	*							Specifies the super global which shall be checked
+	*
+	* @return	bool			True if the variable was sent as input
+	*/
+	public function is_set($var, $super_global = phpbb_request_interface::REQUEST);
+
+	/**
+	* Returns all variable names for a given super global
+	*
+	* @param	phpbb_request_interface::POST|GET|REQUEST|COOKIE	$super_global
+	*					The super global from which names shall be taken
+	*
+	* @return	array	All variable names that are set for the super global.
+	*					Pay attention when using these, they are unsanitised!
+	*/
+	public function variable_names($super_global = phpbb_request_interface::REQUEST);
+}

phpBB/includes/request/request.php

@@ -0,0 +1,292 @@
+<?php
+/**
+*
+* @package phpbb_request
+* @copyright (c) 2010 phpBB Group
+* @license http://opensource.org/licenses/gpl-license.php GNU Public License
+*
+*/
+
+/**
+* @ignore
+*/
+if (!defined('IN_PHPBB'))
+{
+	exit;
+}
+
+/**
+* All application input is accessed through this class.
+*
+* It provides a method to disable access to input data through super globals.
+* This should force MOD authors to read about data validation.
+*
+* @package phpbb_request
+*/
+class phpbb_request implements phpbb_request_interface
+{
+	/**
+	* @var	array	The names of super global variables that this class should protect if super globals are disabled.
+	*/
+	protected $super_globals = array(
+		phpbb_request_interface::POST => '_POST',
+		phpbb_request_interface::GET => '_GET',
+		phpbb_request_interface::REQUEST => '_REQUEST',
+		phpbb_request_interface::COOKIE => '_COOKIE'
+	);
+
+	/**
+	* @var	array	Stores original contents of $_REQUEST array.
+	*/
+	protected $original_request = null;
+
+	/**
+	* @var
+	*/
+	protected $super_globals_disabled = false;
+
+	/**
+	* @var	array	An associative array that has the value of super global constants as keys and holds their data as values.
+	*/
+	protected $input;
+
+	/**
+	* @var	phpbb_request_type_cast_helper_interface	An instance of a type cast helper providing convenience methods for type conversions.
+	*/
+	protected $type_cast_helper;
+
+	/**
+	* Initialises the request class, that means it stores all input data in {@link $input input}
+	* and then calls {@link phpbb_request_deactivated_super_global phpbb_request_deactivated_super_global}
+	*/
+	public function __construct(phpbb_request_type_cast_helper_interface $type_cast_helper = null, $disable_super_globals = true)
+	{
+		if ($type_cast_helper)
+		{
+			$this->type_cast_helper = $type_cast_helper;
+		}
+		else
+		{
+			$this->type_cast_helper = new phpbb_request_type_cast_helper();
+		}
+
+		foreach ($this->super_globals as $const => $super_global)
+		{
+			$this->input[$const] = isset($GLOBALS[$super_global]) ? $GLOBALS[$super_global] : array();
+		}
+
+		// simulate request_order = GP
+		$this->original_request = $this->input[phpbb_request_interface::REQUEST];
+		$this->input[phpbb_request_interface::REQUEST] = $this->input[phpbb_request_interface::POST] + $this->input[phpbb_request_interface::GET];
+
+		if ($disable_super_globals)
+		{
+			$this->disable_super_globals();
+		}
+	}
+
+	/**
+	* Getter for $super_globals_disabled
+	*
+	* @return	bool	Whether super globals are disabled or not.
+	*/
+	public function super_globals_disabled()
+	{
+		return $this->super_globals_disabled;
+	}
+
+	/**
+	* Disables access of super globals specified in $super_globals.
+	* This is achieved by overwriting the super globals with instances of {@link phpbb_request_deactivated_super_global phpbb_request_deactivated_super_global}
+	*/
+	public function disable_super_globals()
+	{
+		if (!$this->super_globals_disabled)
+		{
+			foreach ($this->super_globals as $const => $super_global)
+			{
+				unset($GLOBALS[$super_global]);
+				$GLOBALS[$super_global] = new phpbb_request_deactivated_super_global($this, $super_global, $const);
+			}
+
+			$this->super_globals_disabled = true;
+		}
+	}
+
+	/**
+	* Enables access of super globals specified in $super_globals if they were disabled by {@link disable_super_globals disable_super_globals}.
+	* This is achieved by making the super globals point to the data stored within this class in {@link $input input}.
+	*/
+	public function enable_super_globals()
+	{
+		if ($this->super_globals_disabled)
+		{
+			foreach ($this->super_globals as $const => $super_global)
+			{
+				$GLOBALS[$super_global] = $this->input[$const];
+			}
+
+			$GLOBALS['_REQUEST'] = $this->original_request;
+
+			$this->super_globals_disabled = false;
+		}
+	}
+
+	/**
+	* This function allows overwriting or setting a value in one of the super global arrays.
+	*
+	* Changes which are performed on the super globals directly will not have any effect on the results of
+	* other methods this class provides. Using this function should be avoided if possible! It will
+	* consume twice the the amount of memory of the value
+	*
+	* @param	string	$var_name	The name of the variable that shall be overwritten
+	* @param	mixed	$value		The value which the variable shall contain.
+	* 								If this is null the variable will be unset.
+	* @param	phpbb_request_interface::POST|GET|REQUEST|COOKIE	$super_global
+	* 								Specifies which super global shall be changed
+	*/
+	public function overwrite($var_name, $value, $super_global = phpbb_request_interface::REQUEST)
+	{
+		if (!isset($this->super_globals[$super_global]))
+		{
+			return;
+		}
+
+		$this->type_cast_helper->add_magic_quotes($value);
+
+		// setting to null means unsetting
+		if ($value === null)
+		{
+			unset($this->input[$super_global][$var_name]);
+			if (!$this->super_globals_disabled())
+			{
+				unset($GLOBALS[$this->super_globals[$super_global]][$var_name]);
+			}
+		}
+		else
+		{
+			$this->input[$super_global][$var_name] = $value;
+			if (!$this->super_globals_disabled())
+			{
+				$GLOBALS[$this->super_globals[$super_global]][$var_name] = $value;
+			}
+		}
+
+		if (!$this->super_globals_disabled())
+		{
+			unset($GLOBALS[$this->super_globals[$super_global]][$var_name]);
+			$GLOBALS[$this->super_globals[$super_global]][$var_name] = $value;
+		}
+	}
+
+	/**
+	* Central type safe input handling function.
+	* All variables in GET or POST requests should be retrieved through this function to maximise security.
+	*
+	* @param	string|array	$var_name	The form variable's name from which data shall be retrieved.
+	* 										If the value is an array this may be an array of indizes which will give
+	* 										direct access to a value at any depth. E.g. if the value of "var" is array(1 => "a")
+	* 										then specifying array("var", 1) as the name will return "a".
+	* @param	mixed			$default	A default value that is returned if the variable was not set.
+	* 										This function will always return a value of the same type as the default.
+	* @param	bool			$multibyte	If $default is a string this paramater has to be true if the variable may contain any UTF-8 characters
+	*										Default is false, causing all bytes outside the ASCII range (0-127) to be replaced with question marks
+	* @param	phpbb_request_interface::POST|GET|REQUEST|COOKIE	$super_global
+	* 										Specifies which super global should be used
+	*
+	* @return	mixed	The value of $_REQUEST[$var_name] run through {@link set_var set_var} to ensure that the type is the
+	*					the same as that of $default. If the variable is not set $default is returned.
+	*/
+	public function variable($var_name, $default, $multibyte = false, $super_global = phpbb_request_interface::REQUEST)
+	{
+		$path = false;
+
+		// deep direct access to multi dimensional arrays
+		if (is_array($var_name))
+		{
+			$path = $var_name;
+			// make sure at least the variable name is specified
+			if (empty($path))
+			{
+				return (is_array($default)) ? array() : $default;
+			}
+			// the variable name is the first element on the path
+			$var_name = array_shift($path);
+		}
+
+		if (!isset($this->input[$super_global][$var_name]))
+		{
+			return (is_array($default)) ? array() : $default;
+		}
+		$var = $this->input[$super_global][$var_name];
+
+		if ($path)
+		{
+			// walk through the array structure and find the element we are looking for
+			foreach ($path as $key)
+			{
+				if (is_array($var) && isset($var[$key]))
+				{
+					$var = $var[$key];
+				}
+				else
+				{
+					return (is_array($default)) ? array() : $default;
+				}
+			}
+		}
+
+		$this->type_cast_helper->recursive_set_var($var, $default, $multibyte);
+
+		return $var;
+	}
+
+	/**
+	* Checks whether a certain variable was sent via POST.
+	* To make sure that a request was sent using POST you should call this function
+	* on at least one variable.
+	*
+	* @param	string	$name	The name of the form variable which should have a
+	*							_p suffix to indicate the check in the code that creates the form too.
+	*
+	* @return	bool			True if the variable was set in a POST request, false otherwise.
+	*/
+	public function is_set_post($name)
+	{
+		return $this->is_set($name, phpbb_request_interface::POST);
+	}
+
+	/**
+	* Checks whether a certain variable is set in one of the super global
+	* arrays.
+	*
+	* @param	string	$var	Name of the variable
+	* @param	phpbb_request_interface::POST|GET|REQUEST|COOKIE	$super_global
+	*							Specifies the super global which shall be checked
+	*
+	* @return	bool			True if the variable was sent as input
+	*/
+	public function is_set($var, $super_global = phpbb_request_interface::REQUEST)
+	{
+		return isset($this->input[$super_global][$var]);
+	}
+
+	/**
+	* Returns all variable names for a given super global
+	*
+	* @param	phpbb_request_interface::POST|GET|REQUEST|COOKIE	$super_global
+	*					The super global from which names shall be taken
+	*
+	* @return	array	All variable names that are set for the super global.
+	*					Pay attention when using these, they are unsanitised!
+	*/
+	public function variable_names($super_global = phpbb_request_interface::REQUEST)
+	{
+		if (!isset($this->input[$super_global]))
+		{
+			return array();
+		}
+
+		return array_keys($this->input[$super_global]);
+	}
+}

phpBB/includes/request/type_cast_helper.php

@@ -0,0 +1,183 @@
+<?php
+/**
+*
+* @package phpbb_request
+* @copyright (c) 2010 phpBB Group
+* @license http://opensource.org/licenses/gpl-license.php GNU Public License
+*
+*/
+
+/**
+* @ignore
+*/
+if (!defined('IN_PHPBB'))
+{
+	exit;
+}
+
+/**
+* A helper class that provides convenience methods for type casting.
+*
+* @package phpbb_request
+*/
+class phpbb_request_type_cast_helper implements phpbb_request_type_cast_helper_interface
+{
+
+	/**
+	* @var	string	Whether slashes need to be stripped from input
+	*/
+	protected $strip;
+
+	/**
+	* Initialises the type cast helper class.
+	* All it does is find out whether magic quotes are turned on.
+	*/
+	public function __construct()
+	{
+		if (version_compare(PHP_VERSION, '6.0.0-dev', '>='))
+		{
+			$this->strip = false;
+		}
+		else
+		{
+			$this->strip = (@get_magic_quotes_gpc()) ? true : false;
+		}
+	}
+
+	/**
+	* Recursively applies addslashes to a variable.
+	*
+	* @param	mixed	&$var	Variable passed by reference to which slashes will be added.
+	*/
+	public function addslashes_recursively(&$var)
+	{
+		if (is_string($var))
+		{
+			$var = addslashes($var);
+		}
+		else if (is_array($var))
+		{
+			$var_copy = $var;
+			$var = array();
+			foreach ($var_copy as $key => $value)
+			{
+				if (is_string($key))
+				{
+					$key = addslashes($key);
+				}
+				$var[$key] = $value;
+
+				$this->addslashes_recursively($var[$key]);
+			}
+		}
+	}
+
+	/**
+	* Recursively applies addslashes to a variable if magic quotes are turned on.
+	*
+	* @param	mixed	&$var	Variable passed by reference to which slashes will be added.
+	*/
+	public function add_magic_quotes(&$var)
+	{
+		if ($this->strip)
+		{
+			$this->addslashes_recursively($var);
+		}
+	}
+
+	/**
+	* Set variable $result to a particular type.
+	*
+	* @param mixed	&$result	The variable to fill
+	* @param mixed	$var		The contents to fill with
+	* @param mixed	$type		The variable type. Will be used with {@link settype()}
+	* @param bool	$multibyte	Indicates whether string values may contain UTF-8 characters.
+	* 							Default is false, causing all bytes outside the ASCII range (0-127) to be replaced with question marks.
+	*/
+	public function set_var(&$result, $var, $type, $multibyte = false)
+	{
+		settype($var, $type);
+		$result = $var;
+
+		if ($type == 'string')
+		{
+			$result = trim(htmlspecialchars(str_replace(array("\r\n", "\r", "\0"), array("\n", "\n", ''), $result), ENT_COMPAT, 'UTF-8'));
+
+			if ($multibyte)
+			{
+				$result = utf8_normalize_nfc($result);
+			}
+
+			if (!empty($result))
+			{
+				// Make sure multibyte characters are wellformed
+				if ($multibyte)
+				{
+					if (!preg_match('/^./u', $result))
+					{
+						$result = '';
+					}
+				}
+				else
+				{
+					// no multibyte, allow only ASCII (0-127)
+					$result = preg_replace('/[\x80-\xFF]/', '?', $result);
+				}
+			}
+
+			$result = ($this->strip) ? stripslashes($result) : $result;
+		}
+	}
+
+	/**
+	* Recursively sets a variable to a given type using {@link set_var set_var}
+	*
+	* @param	string	$var		The value which shall be sanitised (passed by reference).
+	* @param	mixed	$default	Specifies the type $var shall have.
+	* 								If it is an array and $var is not one, then an empty array is returned.
+	* 								Otherwise var is cast to the same type, and if $default is an array all
+	* 								keys and values are cast recursively using this function too.
+	* @param	bool	$multibyte	Indicates whether string keys and values may contain UTF-8 characters.
+	* 								Default is false, causing all bytes outside the ASCII range (0-127) to
+	* 								be replaced with question marks.
+	*/
+	public function recursive_set_var(&$var, $default, $multibyte)
+	{
+		if (is_array($var) !== is_array($default))
+		{
+			$var = (is_array($default)) ? array() : $default;
+			return;
+		}
+
+		if (!is_array($default))
+		{
+			$type = gettype($default);
+			$this->set_var($var, $var, $type, $multibyte);
+		}
+		else
+		{
+			// make sure there is at least one key/value pair to use get the
+			// types from
+			if (empty($default))
+			{
+				$var = array();
+				return;
+			}
+
+			list($default_key, $default_value) = each($default);
+			$value_type = gettype($default_value);
+			$key_type = gettype($default_key);
+
+			$_var = $var;
+			$var = array();
+
+			foreach ($_var as $k => $v)
+			{
+				$this->set_var($k, $k, $key_type, $multibyte, $multibyte);
+
+				$this->recursive_set_var($v, $default_value, $multibyte);
+				$var[$k] = $v;
+			}
+		}
+	}
+}

phpBB/includes/request/type_cast_helper_interface.php

@@ -0,0 +1,63 @@
+<?php
+/**
+*
+* @package phpbb_request
+* @copyright (c) 2010 phpBB Group
+* @license http://opensource.org/licenses/gpl-license.php GNU Public License
+*
+*/
+
+/**
+* @ignore
+*/
+if (!defined('IN_PHPBB'))
+{
+	exit;
+}
+
+/**
+* An interface for type cast operations.
+*
+* @package phpbb_request
+*/
+interface phpbb_request_type_cast_helper_interface
+{
+	/**
+	* Recursively applies addslashes to a variable.
+	*
+	* @param	mixed	&$var	Variable passed by reference to which slashes will be added.
+	*/
+	public function addslashes_recursively(&$var);
+
+	/**
+	* Recursively applies addslashes to a variable if magic quotes are turned on.
+	*
+	* @param	mixed	&$var	Variable passed by reference to which slashes will be added.
+	*/
+	public function add_magic_quotes(&$var);
+
+	/**
+	* Set variable $result to a particular type.
+	*
+	* @param mixed	&$result	The variable to fill
+	* @param mixed	$var		The contents to fill with
+	* @param mixed	$type		The variable type. Will be used with {@link settype()}
+	* @param bool	$multibyte	Indicates whether string values may contain UTF-8 characters.
+	* 							Default is false, causing all bytes outside the ASCII range (0-127) to be replaced with question marks.
+	*/
+	public function set_var(&$result, $var, $type, $multibyte = false);
+
+	/**
+	* Recursively sets a variable to a given type using {@link set_var set_var}.
+	*
+	* @param	string	$var		The value which shall be sanitised (passed by reference).
+	* @param	mixed	$default	Specifies the type $var shall have.
+	* 								If it is an array and $var is not one, then an empty array is returned.
+	* 								Otherwise var is cast to the same type, and if $default is an array all
+	* 								keys and values are cast recursively using this function too.
+	* @param	bool	$multibyte	Indicates whether string keys and values may contain UTF-8 characters.
+	* 								Default is false, causing all bytes outside the ASCII range (0-127) to
+	* 								be replaced with question marks.
+	*/
+	public function recursive_set_var(&$var, $default, $multibyte);
+}

phpBB/includes/session.php

@@ -130,7 +130,7 @@ class session
 			'root_script_path'	=> str_replace(' ', '%20', htmlspecialchars($root_script_path)),
 
 			'page'				=> $page,
-			'forum'				=> (isset($_REQUEST['f']) && $_REQUEST['f'] > 0) ? (int) $_REQUEST['f'] : 0,
+			'forum'				=> request_var('f', 0),
 		);
 
 		return $page_array;
@@ -318,7 +318,7 @@ class session
 		}
 
 		// Is session_id is set or session_id is set and matches the url param if required
-		if (!empty($this->session_id) && (!defined('NEED_SID') || (isset($_GET['sid']) && $this->session_id === $_GET['sid'])))
+		if (!empty($this->session_id) && (!defined('NEED_SID') || (isset($_GET['sid']) && $this->session_id === request_var('sid', ''))))
 		{
 			$sql = 'SELECT u.*, s.*
 				FROM ' . SESSIONS_TABLE . ' s, ' . USERS_TABLE . " u
@@ -1591,11 +1591,12 @@ class user extends session
 		$this->add_lang($lang_set);
 		unset($lang_set);
 
-		if (!empty($_GET['style']) && $auth->acl_get('a_styles') && !defined('ADMIN_START'))
+		$style_request = request_var('style', 0);
+		if ($style_request && $auth->acl_get('a_styles') && !defined('ADMIN_START'))
 		{
 			global $SID, $_EXTRA_URL;
 
-			$style = request_var('style', 0);
+			$style = $style_request;
 			$SID .= '&style=' . $style;
 			$_EXTRA_URL = array('style=' . $style);
 		}

phpBB/includes/ucp/ucp_groups.php

@@ -28,14 +28,15 @@ class ucp_groups
 	{
 		global $config, $phpbb_root_path, $phpEx;
 		global $db, $user, $auth, $cache, $template;
+		global $request;
 
 		$user->add_lang('groups');
 
 		$return_page = '<br /><br />' . sprintf($user->lang['RETURN_PAGE'], '<a href="' . $this->u_action . '">', '</a>');
 
 		$mark_ary	= request_var('mark', array(0));
-		$submit		= (!empty($_POST['submit'])) ? true : false;
+		$submit		= $request->variable('submit', false, false, phpbb_request_interface::POST);
-		$delete		= (!empty($_POST['delete'])) ? true : false;
+		$delete		= $request->variable('delete', false, false, phpbb_request_interface::POST);
 		$error = $data = array();
 
 		switch ($mode)

phpBB/includes/ucp/ucp_main.php

@@ -34,6 +34,7 @@ class ucp_main
 	function main($id, $mode)
 	{
 		global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx;
+		global $request;
 
 		switch ($mode)
 		{
@@ -435,7 +436,7 @@ class ucp_main
 
 				$edit		= (isset($_REQUEST['edit'])) ? true : false;
 				$submit		= (isset($_POST['submit'])) ? true : false;
-				$draft_id	= ($edit) ? intval($_REQUEST['edit']) : 0;
+				$draft_id	= $request->variable('edit', 0);
 				$delete		= (isset($_POST['delete'])) ? true : false;
 
 				$s_hidden_fields = ($edit) ? '<input type="hidden" name="edit" value="' . $draft_id . '" />' : '';

phpBB/includes/ucp/ucp_pm_compose.php

@@ -24,6 +24,7 @@ function compose_pm($id, $mode, $action)
 {
 	global $template, $db, $auth, $user;
 	global $phpbb_root_path, $phpEx, $config;
+	global $request;
 
 	// Damn php and globals - i know, this is horrible
 	// Needed for handle_message_list_actions()
@@ -49,13 +50,7 @@ function compose_pm($id, $mode, $action)
 	// Reply to all triggered (quote/reply)
 	$reply_to_all	= request_var('reply_to_all', 0);
 
-	// Do NOT use request_var or specialchars here
+	$address_list	= $request->variable('address_list', array('' => array(0 => '')));
-	$address_list	= isset($_REQUEST['address_list']) ? $_REQUEST['address_list'] : array();
-
-	if (!is_array($address_list))
-	{
-		$address_list = array();
-	}
 
 	$submit		= (isset($_POST['post'])) ? true : false;
 	$preview	= (isset($_POST['preview'])) ? true : false;
@@ -1029,7 +1024,7 @@ function compose_pm($id, $mode, $action)
 
 	$s_hidden_fields = '<input type="hidden" name="lastclick" value="' . $current_time . '" />';
 	$s_hidden_fields .= (isset($check_value)) ? '<input type="hidden" name="status_switch" value="' . $check_value . '" />' : '';
-	$s_hidden_fields .= ($draft_id || isset($_REQUEST['draft_loaded'])) ? '<input type="hidden" name="draft_loaded" value="' . ((isset($_REQUEST['draft_loaded'])) ? intval($_REQUEST['draft_loaded']) : $draft_id) . '" />' : '';
+	$s_hidden_fields .= ($draft_id || isset($_REQUEST['draft_loaded'])) ? '<input type="hidden" name="draft_loaded" value="' . ((isset($_REQUEST['draft_loaded'])) ? $request->variable('draft_loaded', 0) : $draft_id) . '" />' : '';
 
 	$form_enctype = (@ini_get('file_uploads') == '0' || strtolower(@ini_get('file_uploads')) == 'off' || !$config['allow_pm_attach'] || !$auth->acl_get('u_pm_attach')) ? '' : ' enctype="multipart/form-data"';
 
@@ -1105,11 +1100,12 @@ function compose_pm($id, $mode, $action)
 function handle_message_list_actions(&$address_list, &$error, $remove_u, $remove_g, $add_to, $add_bcc)
 {
 	global $auth, $db, $user;
+	global $request;
 
 	// Delete User [TO/BCC]
-	if ($remove_u && !empty($_REQUEST['remove_u']) && is_array($_REQUEST['remove_u']))
+	if ($remove_u && $request->variable('remove_u', array(0 => '')))
 	{
-		$remove_user_id = array_keys($_REQUEST['remove_u']);
+		$remove_user_id = array_keys($request->variable('remove_u', array(0 => '')));
 
 		if (isset($remove_user_id[0]))
 		{
@@ -1118,9 +1114,9 @@ function handle_message_list_actions(&$address_list, &$error, $remove_u, $remove
 	}
 
 	// Delete Group [TO/BCC]
-	if ($remove_g && !empty($_REQUEST['remove_g']) && is_array($_REQUEST['remove_g']))
+	if ($remove_g && $request->variable('remove_g', array(0 => '')))
 	{
-		$remove_group_id = array_keys($_REQUEST['remove_g']);
+		$remove_group_id = array_keys($request->variable('remove_g', array(0 => '')));
 
 		if (isset($remove_group_id[0]))
 		{
@@ -1188,7 +1184,7 @@ function handle_message_list_actions(&$address_list, &$error, $remove_u, $remove
 		}
 
 		// Add Friends if specified
-		$friend_list = (isset($_REQUEST['add_' . $type]) && is_array($_REQUEST['add_' . $type])) ? array_map('intval', array_keys($_REQUEST['add_' . $type])) : array();
+		$friend_list = array_keys($request->variable('add_' . $type, array(0)));
 		$user_id_ary = array_merge($user_id_ary, $friend_list);
 
 		foreach ($user_id_ary as $user_id)

phpBB/includes/ucp/ucp_pm_viewmessage.php

@@ -245,7 +245,7 @@ function view_message($id, $mode, $folder_id, $msg_id, $folder, $message_row)
 		}
 	}
 
-	if (!isset($_REQUEST['view']) || $_REQUEST['view'] != 'print')
+	if (!isset($_REQUEST['view']) || $request->variable('view', '') != 'print')
 	{
 		// Message History
 		if (message_history($msg_id, $user->data['user_id'], $message_row, $folder))

phpBB/includes/ucp/ucp_profile.php

@@ -30,12 +30,13 @@ class ucp_profile
 	function main($id, $mode)
 	{
 		global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx;
+		global $request;
 
 		$user->add_lang('posting');
 
-		$preview	= (!empty($_POST['preview'])) ? true : false;
+		$preview	= $request->variable('preview', false, false, phpbb_request_interface::POST);
-		$submit		= (!empty($_POST['submit'])) ? true : false;
+		$submit		= $request->variable('submit', false, false, phpbb_request_interface::POST);
-		$delete		= (!empty($_POST['delete'])) ? true : false;
+		$delete		= $request->variable('delete', false, false, phpbb_request_interface::POST);
 		$error = $data = array();
 		$s_hidden_fields = '';
 

phpBB/includes/ucp/ucp_register.php

@@ -28,6 +28,7 @@ class ucp_register
 	function main($id, $mode)
 	{
 		global $config, $db, $user, $auth, $template, $phpbb_root_path, $phpEx;
+		global $request;
 
 		//
 		if ($config['require_activation'] == USER_ACTIVATION_DISABLE)
@@ -37,9 +38,9 @@ class ucp_register
 
 		include($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx);
 
-		$coppa			= (isset($_REQUEST['coppa'])) ? ((!empty($_REQUEST['coppa'])) ? 1 : 0) : false;
+		$coppa			= $request->is_set('coppa') ? (int) $request->variable('coppa', false) : false;
-		$agreed			= (!empty($_POST['agreed'])) ? 1 : 0;
+		$agreed			= (int) $request->variable('agreed', false);
-		$submit			= (isset($_POST['submit'])) ? true : false;
+		$submit			= $request->is_set_post('submit');
 		$change_lang	= request_var('change_lang', '');
 		$user_lang		= request_var('lang', $user->lang_name);
 
@@ -63,7 +64,7 @@ class ucp_register
 					$submit = false;
 
 					// Setting back agreed to let the user view the agreement in his/her language
-					$agreed = (empty($_GET['change_lang'])) ? 0 : $agreed;
+					$agreed = ($request->variable('change_lang', false)) ? 0 : $agreed;
 				}
 
 				$user->lang_name = $user_lang = $use_lang;

phpBB/install/database_update.php

@@ -60,6 +60,7 @@ if (!empty($load_extensions) && function_exists('dl'))
 }
 
 // Include files
+require($phpbb_root_path . 'includes/class_loader.' . $phpEx);
 require($phpbb_root_path . 'includes/acm/acm_' . $acm_type . '.' . $phpEx);
 require($phpbb_root_path . 'includes/cache.' . $phpEx);
 require($phpbb_root_path . 'includes/template.' . $phpEx);
@@ -92,10 +93,18 @@ else
 	define('STRIP', (get_magic_quotes_gpc()) ? true : false);
 }
 
-$user = new user();
 $cache = new cache();
+
+$class_loader = new phpbb_class_loader($phpbb_root_path, '.' . $phpEx, $cache);
+$class_loader->register();
+
+$request = new phpbb_request();
+$user = new user();
 $db = new $sql_db();
 
+// make sure request_var uses this request instance
+request_var('', 0, false, false, $request); // "dependency injection" for a function
+
 // Add own hook handler, if present. :o
 if (file_exists($phpbb_root_path . 'includes/hooks/index.' . $phpEx))
 {

phpBB/install/index.php

@@ -172,6 +172,11 @@ require($phpbb_root_path . 'includes/functions_install.' . $phpEx);
 $class_loader = new phpbb_class_loader($phpbb_root_path, '.' . $phpEx);
 $class_loader->register();
 
+$request = new phpbb_request();
+
+// make sure request_var uses this request instance
+request_var('', 0, false, false, $request); // "dependency injection" for a function
+
 // Try and load an appropriate language if required
 $language = basename(request_var('language', ''));
 

phpBB/install/install_convert.php

@@ -586,6 +586,7 @@ class install_convert extends module
 	{
 		global $template, $user, $phpbb_root_path, $phpEx, $db, $lang, $config, $cache;
 		global $convert, $convert_row, $message_parser, $skip_rows, $language;
+		global $request;
 
 		require($phpbb_root_path . 'config.' . $phpEx);
 		require($phpbb_root_path . 'includes/constants.' . $phpEx);
@@ -812,7 +813,7 @@ class install_convert extends module
 
 		if (!$current_table && !$skip_rows)
 		{
-			if (empty($_REQUEST['confirm']))
+			if (!$request->variable('confirm', false))
 			{
 				// If avatars / ranks / smilies folders are specified make sure they are writable
 				$bad_folders = array();
@@ -973,7 +974,7 @@ class install_convert extends module
 				));
 
 				return;
-			} // if (empty($_REQUEST['confirm']))
+			} // if (!$request->variable('confirm', false)))
 
 			$template->assign_block_vars('checks', array(
 				'S_LEGEND'		=> true,

phpBB/install/install_update.php

@@ -73,6 +73,7 @@ class install_update extends module
 	function main($mode, $sub)
 	{
 		global $template, $phpEx, $phpbb_root_path, $user, $db, $config, $cache, $auth, $language;
+		global $request;
 
 		$this->tpl_name = 'install_update';
 		$this->page_title = 'UPDATE_INSTALLATION';
@@ -251,7 +252,7 @@ class install_update extends module
 		$this->include_file('includes/diff/renderer.' . $phpEx);
 
 		// Make sure we stay at the file check if checking the files again
-		if (!empty($_POST['check_again']))
+		if ($request->variable('check_again', false, false, phpbb_request_interface::POST))
 		{
 			$sub = $this->p_master->sub = 'file_check';
 		}
@@ -358,7 +359,7 @@ class install_update extends module
 				$action = request_var('action', '');
 
 				// We are directly within an update. To make sure our update list is correct we check its status.
-				$update_list = (!empty($_POST['check_again'])) ? false : $cache->get('_update_list');
+				$update_list = ($request->variable('check_again', false, false, phpbb_request_interface::POST)) ? false : $cache->get('_update_list');
 				$modified = ($update_list !== false) ? @filemtime($cache->cache_dir . 'data_update_list.' . $phpEx) : 0;
 
 				// Make sure the list is up-to-date
@@ -714,7 +715,7 @@ class install_update extends module
 							{
 								$cache->put('_diff_files', $file_list);
 
-								if (!empty($_REQUEST['download']))
+								if ($request->variable('download', false))
 								{
 									$params[] = 'download=1';
 								}
@@ -829,7 +830,7 @@ class install_update extends module
 				$file_list['status'] = -1;
 				$cache->put('_diff_files', $file_list);
 
-				if (!empty($_REQUEST['download']))
+				if ($request->variable('download', false))
 				{
 					$this->include_file('includes/functions_compress.' . $phpEx);
 
@@ -963,7 +964,7 @@ class install_update extends module
 								'DATA'		=> $data,
 								'NAME'		=> $user->lang[strtoupper($method . '_' . $data)],
 								'EXPLAIN'	=> $user->lang[strtoupper($method . '_' . $data) . '_EXPLAIN'],
-								'DEFAULT'	=> (!empty($_REQUEST[$data])) ? request_var($data, '') : $default
+								'DEFAULT'	=> $request->variable($data, (string) $default),
 							));
 						}
 

phpBB/mcp.php

@@ -31,15 +31,8 @@ $template->assign_var('S_IN_MCP', true);
 // Basic parameter data
 $id = request_var('i', '');
 
-if (isset($_REQUEST['mode']) && is_array($_REQUEST['mode']))
+$mode = request_var('mode', array(''));
-{
+$mode = sizeof($mode) ? array_shift($mode) : request_var('mode', '');
-	$mode = request_var('mode', array(''));
-	list($mode, ) = each($mode);
-}
-else
-{
-	$mode = request_var('mode', '');
-}
 
 // Only Moderators can go beyond this point
 if (!$user->data['is_registered'])
@@ -57,7 +50,7 @@ $action = request_var('action', '');
 $action_ary = request_var('action', array('' => 0));
 
 $forum_action = request_var('forum_action', '');
-if ($forum_action !== '' && !empty($_POST['sort']))
+if ($forum_action !== '' && $request->variable('sort', false, false, phpbb_request_interface::POST))
 {
 	$action = $forum_action;
 }
@@ -174,7 +167,7 @@ if ($quickmod)
 			// Reset start parameter if we jumped from the quickmod dropdown
 			if (request_var('start', 0))
 			{
-				$_REQUEST['start'] = 0;
+				$request->overwrite('start', 0);
 			}
 
 			$module->set_active('logs', 'topic_logs');

phpBB/memberlist.php

@@ -1015,7 +1015,7 @@ switch ($mode)
 		// We validate form and field here, only id/class allowed
 		$form = (!preg_match('/^[a-z0-9_-]+$/i', $form)) ? '' : $form;
 		$field = (!preg_match('/^[a-z0-9_-]+$/i', $field)) ? '' : $field;
-		if (($mode == 'searchuser' || sizeof(array_intersect(array_keys($_GET), $search_params)) > 0) && ($config['load_search'] || $auth->acl_get('a_')))
+		if (($mode == 'searchuser' || sizeof(array_intersect($request->variable_names(phpbb_request_interface::GET), $search_params)) > 0) && ($config['load_search'] || $auth->acl_get('a_')))
 		{
 			$username	= request_var('username', '', true);
 			$email		= strtolower(request_var('email', ''));

phpBB/posting.php

@@ -663,7 +663,7 @@ if ($submit || $preview || $refresh)
 	$message_parser->message		= utf8_normalize_nfc(request_var('message', '', true));
 
 	$post_data['username']			= utf8_normalize_nfc(request_var('username', $post_data['username'], true));
-	$post_data['post_edit_reason']	= (!empty($_POST['edit_reason']) && $mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? utf8_normalize_nfc(request_var('edit_reason', '', true)) : '';
+	$post_data['post_edit_reason']	= ($request->variable('edit_reason', false, false, phpbb_request_interface::POST) && $mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? utf8_normalize_nfc(request_var('edit_reason', '', true)) : '';
 
 	$post_data['orig_topic_type']	= $post_data['topic_type'];
 	$post_data['topic_type']		= request_var('topic_type', (($mode != 'post') ? (int) $post_data['topic_type'] : POST_NORMAL));

phpBB/style.php

@@ -45,6 +45,7 @@ if (!empty($load_extensions) && function_exists('dl'))
 	}
 }
 
+// no $request here because it is not loaded yet
 $id = (isset($_GET['id'])) ? intval($_GET['id']) : 0;
 
 // This is a simple script to grab and output the requested CSS data stored in the DB
@@ -55,15 +56,24 @@ $id = (isset($_GET['id'])) ? intval($_GET['id']) : 0;
 if ($id)
 {
 	// Include files
+	require($phpbb_root_path . 'includes/class_loader.' . $phpEx);
 	require($phpbb_root_path . 'includes/acm/acm_' . $acm_type . '.' . $phpEx);
 	require($phpbb_root_path . 'includes/cache.' . $phpEx);
 	require($phpbb_root_path . 'includes/db/' . $dbms . '.' . $phpEx);
 	require($phpbb_root_path . 'includes/constants.' . $phpEx);
 	require($phpbb_root_path . 'includes/functions.' . $phpEx);
 
-	$db = new $sql_db();
 	$cache = new cache();
 
+	$class_loader = new phpbb_class_loader($phpbb_root_path, '.' . $phpEx, $cache);
+	$class_loader->register();
+
+	$request	= new phpbb_request();
+	$db = new $sql_db();
+
+	// make sure request_var uses this request instance
+	request_var('', 0, false, false, $request); // "dependency injection" for a function
+
 	// Connect to DB
 	if (!@$db->sql_connect($dbhost, $dbuser, $dbpasswd, $dbname, $dbport, false, false))
 	{

phpBB/ucp.php

@@ -82,7 +82,7 @@ switch ($mode)
 	break;
 
 	case 'logout':
-		if ($user->data['user_id'] != ANONYMOUS && isset($_GET['sid']) && !is_array($_GET['sid']) && $_GET['sid'] === $user->session_id)
+		if ($user->data['user_id'] != ANONYMOUS && $request->is_set('sid') && $request->variable('sid', '') === $user->session_id)
 		{
 			$user->session_kill();
 			$user->session_begin();
@@ -141,8 +141,10 @@ switch ($mode)
 		{
 			$set_time = time() - 31536000;
 
-			foreach ($_COOKIE as $cookie_name => $cookie_data)
+			foreach ($request->variable_names(phpbb_request_interface::COOKIE) as $cookie_name)
 			{
+				$cookie_data = $request->variable($cookie_name, '', true, phpbb_request_interface::COOKIE);
+
 				// Only delete board cookies, no other ones...
 				if (strpos($cookie_name, $config['cookie_name'] . '_') !== 0)
 				{

phpBB/viewtopic.php

@@ -1732,15 +1732,15 @@ if ($s_can_vote || $s_quick_reply)
 // We overwrite $_REQUEST['f'] if there is no forum specified
 // to be able to display the correct online list.
 // One downside is that the user currently viewing this topic/post is not taken into account.
-if (empty($_REQUEST['f']))
+if (!request_var('f', 0))
 {
-	$_REQUEST['f'] = $forum_id;
+	$request->overwrite('f', $forum_id);
 }
 
 // We need to do the same with the topic_id. See #53025.
-if (empty($_REQUEST['t']) && !empty($topic_id))
+if (!request_var('t', 0) && !empty($topic_id))
 {
-	$_REQUEST['t'] = $topic_id;
+	$request->overwrite('t', $topic_id);
 }
 
 // Output the page

tests/request/all_tests.php

@@ -15,6 +15,9 @@ if (!defined('PHPUnit_MAIN_METHOD'))
 require_once 'test_framework/framework.php';
 require_once 'PHPUnit/TextUI/TestRunner.php';
 
+require_once 'request/type_cast_helper.php';
+require_once 'request/deactivated_super_global.php';
+require_once 'request/request.php';
 require_once 'request/request_var.php';
 
 class phpbb_request_all_tests
@@ -28,7 +31,10 @@ class phpbb_request_all_tests
 	{
 		$suite = new PHPUnit_Framework_TestSuite('phpBB Request Parameter Handling');
 
-		$suite->addTestSuite('phpbb_request_request_var_test');
+		$suite->addTestSuite('phpbb_type_cast_helper_test');
+		$suite->addTestSuite('phpbb_deactivated_super_global_test');
+		$suite->addTestSuite('phpbb_request_test');
+		$suite->addTestSuite('phpbb_request_var_test');
 
 		return $suite;
 	}

tests/request/deactivated_super_global.php

@@ -0,0 +1,26 @@
+<?php
+/**
+*
+* @package testing
+* @version $Id$
+* @copyright (c) 2009 phpBB Group
+* @license http://opensource.org/licenses/gpl-license.php GNU Public License
+*
+*/
+
+require_once 'test_framework/framework.php';
+require_once '../phpBB/includes/request/interface.php';
+require_once '../phpBB/includes/request/deactivated_super_global.php';
+
+class phpbb_deactivated_super_global_test extends phpbb_test_case
+{
+	/**
+	* Checks that on write access the correct error is thrown
+	*/
+	public function test_write_triggers_error()
+	{
+		$this->setExpectedTriggerError(E_USER_ERROR);
+		$obj = new phpbb_request_deactivated_super_global($this->getMock('phpbb_request_interface'), 'obj', phpbb_request_interface::POST);
+		$obj->offsetSet(0, 0);
+	}
+}

tests/request/request.php

@@ -0,0 +1,83 @@
+<?php
+/**
+*
+* @package testing
+* @version $Id$
+* @copyright (c) 2009 phpBB Group
+* @license http://opensource.org/licenses/gpl-license.php GNU Public License
+*
+*/
+
+require_once 'test_framework/framework.php';
+require_once '../phpBB/includes/request/type_cast_helper_interface.php';
+require_once '../phpBB/includes/request/interface.php';
+require_once '../phpBB/includes/request/deactivated_super_global.php';
+require_once '../phpBB/includes/request/request.php';
+
+class phpbb_request_test extends phpbb_test_case
+{
+	private $type_cast_helper;
+	private $request;
+
+	protected function setUp()
+	{
+		// populate super globals
+		$_POST['test'] = 1;
+		$_GET['test'] = 2;
+		$_COOKIE['test'] = 3;
+		$_REQUEST['test'] = 3;
+		$_GET['unset'] = '';
+
+		$this->type_cast_helper = $this->getMock('phpbb_request_type_cast_helper_interface');
+
+		$this->request = new phpbb_request($this->type_cast_helper);
+	}
+
+	public function test_toggle_super_globals()
+	{
+		$this->assertTrue($this->request->super_globals_disabled(), 'Superglobals were not disabled');
+
+		$this->request->enable_super_globals();
+
+		$this->assertFalse($this->request->super_globals_disabled(), 'Superglobals were not enabled');
+
+		$this->assertEquals(1, $_POST['test'], 'Checking $_POST after enable_super_globals');
+		$this->assertEquals(2, $_GET['test'], 'Checking $_GET after enable_super_globals');
+		$this->assertEquals(3, $_COOKIE['test'], 'Checking $_COOKIE after enable_super_globals');
+		$this->assertEquals(3, $_REQUEST['test'], 'Checking $_REQUEST after enable_super_globals');
+
+		$_POST['x'] = 2;
+		$this->assertEquals($_POST, $GLOBALS['_POST'], 'Checking whether $_POST can still be accessed via $GLOBALS[\'_POST\']');
+	}
+
+	/**
+	* Checks that directly accessing $_POST will trigger
+	* an error.
+	*/
+	public function test_disable_post_super_global()
+	{
+		$this->setExpectedTriggerError(E_USER_ERROR);
+		$_POST['test'] = 3;
+	}
+
+	public function test_is_set_post()
+	{
+		$this->assertTrue($this->request->is_set_post('test'));
+		$this->assertFalse($this->request->is_set_post('unset'));
+	}
+
+	public function test_variable_names()
+	{
+		$expected = array('test', 'unset');
+		$result = $this->request->variable_names();
+		$this->assertEquals($expected, $result);
+	}
+
+	/**
+	* Makes sure super globals work properly after these tests
+	*/
+	protected function tearDown()
+	{
+		$this->request->enable_super_globals();
+	}
+}

tests/request/request_class.php

@@ -1,74 +0,0 @@
-<?php
-/**
-*
-* @package testing
-* @version $Id$
-* @copyright (c) 2008 phpBB Group
-* @license http://opensource.org/licenses/gpl-license.php GNU Public License
-*
-*/
-
-define('IN_PHPBB', true);
-
-require_once 'test_framework/framework.php';
-
-require_once '../phpBB/includes/functions.php';
-
-class phpbb_request_request_class_test extends phpbb_test_case
-{
-	protected function setUp()
-	{
-		$_POST['test'] = 1;
-		$_GET['test'] = 2;
-		$_COOKIE['test'] = 3;
-		$_REQUEST['test'] = 3;
-
-		// reread data from super globals
-		request::reset();
-	}
-
-	public function test_toggle_super_globals()
-	{
-		// toggle super globals
-		request::disable_super_globals();
-		request::enable_super_globals();
-
-		$this->assertEquals(1, $_POST['test'], 'Checking $_POST toggling via request::dis/enable_super_globals');
-		$this->assertEquals(2, $_GET['test'], 'Checking $_GET toggling via request::dis/enable_super_globals');
-		$this->assertEquals(3, $_COOKIE['test'], 'Checking $_COOKIE toggling via request::dis/enable_super_globals');
-		$this->assertEquals(3, $_REQUEST['test'], 'Checking $_REQUEST toggling via request::dis/enable_super_globals');
-
-		$_POST['x'] = 2;
-		$this->assertEquals($_POST, $GLOBALS['_POST'], 'Checking whether $_POST can still be accessed via $GLOBALS[\'_POST\']');
-	}
-
-	/**
-	* Checks that directly accessing $_POST will trigger
-	* an error.
-	*/
-	public function test_disable_post_super_global()
-	{
-		request::disable_super_globals();
-
-		$this->setExpectedTriggerError(E_USER_ERROR);
-		$_POST['test'] = 3;
-	}
-
-	public function test_is_set_post()
-	{
-		$_GET['unset'] = '';
-		request::reset();
-
-		$this->assertTrue(request::is_set_post('test'));
-		$this->assertFalse(request::is_set_post('unset'));
-	}
-
-	/**
-	* Makes sure super globals work properly after these tests
-	*/
-	protected function tearDown()
-	{
-		request::enable_super_globals();
-		request::reset();
-	}
-}

tests/request/request_var.php

@@ -8,9 +8,14 @@
 */
 
 require_once 'test_framework/framework.php';
+require_once '../phpBB/includes/request/type_cast_helper_interface.php';
+require_once '../phpBB/includes/request/type_cast_helper.php';
+require_once '../phpBB/includes/request/deactivated_super_global.php';
+require_once '../phpBB/includes/request/interface.php';
+require_once '../phpBB/includes/request/request.php';
 require_once '../phpBB/includes/functions.php';
 
-class phpbb_request_request_var_test extends phpbb_test_case
+class phpbb_request_var_test extends phpbb_test_case
 {
 	/**
 	* @dataProvider request_variables
@@ -76,11 +81,14 @@ class phpbb_request_request_var_test extends phpbb_test_case
 	/**
 	* @dataProvider deep_access
 	* Only possible with 3.1.x (later)
+	*/
 	public function test_deep_multi_dim_array_access($path, $default, $expected)
 	{
 		$this->unset_variables('var');
 
-		$_REQUEST['var'] = array(
+		// cannot set $_REQUEST directly because in phpbb_request implementation
+		// $_REQUEST = $_GET + $_POST
+		$_POST['var'] = array(
 			0 => array(
 				'b' => array(
 					true => array(
@@ -110,7 +118,6 @@ class phpbb_request_request_var_test extends phpbb_test_case
 			array(array('var', 0, 'b', true), array(0 => ''), array(5 => 'c', 6 => 'd')),
 		);
 	}
-*/
 
 	public static function request_variables()
 	{
@@ -212,7 +219,6 @@ class phpbb_request_request_var_test extends phpbb_test_case
 					'abc' => array()
 				)
 			),
-			/* 3-dimensional (not supported atm!
 			array(
 				// input:
 				array(
@@ -257,7 +263,6 @@ class phpbb_request_request_var_test extends phpbb_test_case
 					'ä' => array(4 => array('a' => 2, 'ö' => 3)),
 				)
 			),
-			*/
 		);
 	}
 

tests/request/type_cast_helper.php

@@ -0,0 +1,54 @@
+<?php
+/**
+*
+* @package testing
+* @version $Id$
+* @copyright (c) 2009 phpBB Group
+* @license http://opensource.org/licenses/gpl-license.php GNU Public License
+*
+*/
+
+require_once 'test_framework/framework.php';
+require_once '../phpBB/includes/utf/utf_tools.php';
+require_once '../phpBB/includes/request/type_cast_helper_interface.php';
+require_once '../phpBB/includes/request/type_cast_helper.php';
+
+class phpbb_type_cast_helper_test extends phpbb_test_case
+{
+	private $type_cast_helper;
+
+	protected function setUp()
+	{
+		$this->type_cast_helper = new phpbb_request_type_cast_helper();
+	}
+
+	public function test_addslashes_recursively()
+	{
+		$data = array('some"string' => array('that"' => 'really"', 'needs"' => '"escaping'));
+		$expected = array('some\\"string' => array('that\\"' => 'really\\"', 'needs\\"' => '\\"escaping'));
+
+		$this->type_cast_helper->addslashes_recursively($data);
+
+		$this->assertEquals($expected, $data);
+	}
+
+	public function test_simple_recursive_set_var()
+	{
+		$data = 'eviL<3';
+		$expected = 'eviL&lt;3';
+
+		$this->type_cast_helper->recursive_set_var($data, '', true);
+
+		$this->assertEquals($expected, $data);
+	}
+
+	public function test_nested_recursive_set_var()
+	{
+		$data = array('eviL<3');
+		$expected = array('eviL&lt;3');
+
+		$this->type_cast_helper->recursive_set_var($data, array(0 => ''), true);
+
+		$this->assertEquals($expected, $data);
+	}
+}