
Deleted POST, GET. REQUEST ...

Visman 8 years ago
parent
commit
8dc5a439d5
7 changed files with 102 additions and 93 deletions
  1. 3 2
      delete.php
  2. 23 22
      edit.php
  3. 18 13
      extern.php
  4. 2 5
      include/functions.php
  5. 17 15
      login.php
  6. 26 24
      misc.php
  7. 13 12
      pjq.php

+ 3 - 2
delete.php

@@ -13,8 +13,9 @@ require PUN_ROOT.'include/common.php';
 if ($pun_user['g_read_board'] == '0')
 	message($lang_common['No view'], false, '403 Forbidden');
 
+$request = $container->get('Request');
 
-$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
+$id = $request->getInt('id', 0);
 if ($id < 1)
 	message($lang_common['Bad request'], false, '404 Not Found');
 
@@ -57,7 +58,7 @@ if (!$is_admmod && $pun_user['g_deledit_interval'] != 0 && (time()-$cur_post['po
 require PUN_ROOT.'lang/'.$pun_user['language'].'/delete.php';
 
 
-if (isset($_POST['delete']))
+if ($request->isPost('delete'))
 {
 	// Make sure they got here from the site
 	confirm_referrer('delete.php');

+ 23 - 22
edit.php

@@ -13,8 +13,9 @@ require PUN_ROOT.'include/poll.php';
 if ($pun_user['g_read_board'] == '0')
 	message($lang_common['No view'], false, '403 Forbidden');
 
+$request = $container->get('Request');
 
-$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
+$id = $request->getInt('id', 0);
 if ($id < 1)
 	message($lang_common['Bad request'], false, '404 Not Found');
 
@@ -63,7 +64,7 @@ require PUN_ROOT.'lang/'.$pun_user['language'].'/post.php';
 $errors = array();
 
 
-if (isset($_POST['form_sent']))
+if ($request->isPost('form_sent'))
 {
 	// Make sure they got here from the site
 	confirm_referrer('edit.php');
@@ -71,7 +72,7 @@ if (isset($_POST['form_sent']))
 	// If it's a topic it must contain a subject
 	if ($can_edit_subject)
 	{
-		$subject = pun_trim($_POST['req_subject']);
+		$subject = trim($request->postStr('req_subject'));
 
 		if ($pun_config['o_censoring'] == '1')
 			$censored_subject = pun_trim(censor_words($subject));
@@ -92,7 +93,7 @@ if (isset($_POST['form_sent']))
 	}
 
 	// Clean up message from POST
-	$message = pun_linebreaks(pun_trim($_POST['req_message']));
+	$message = pun_linebreaks(pun_trim($request->postStr('req_message')));
 
 	// Here we use strlen() not pun_strlen() as we want to limit the post to PUN_MAX_POSTSIZE bytes, not characters
 	if (pun_strlen($message) > PUN_MAX_POSTSIZE)
@@ -121,8 +122,8 @@ if (isset($_POST['form_sent']))
 		}
 	}
 
-	$hide_smilies = isset($_POST['hide_smilies']) ? '1' : '0';
-	$stick_topic = isset($_POST['stick_topic']) ? '1' : '0';
+	$hide_smilies = $request->isPost('hide_smilies') ? '1' : '0';
+	$stick_topic = $request->isPost('stick_topic') ? '1' : '0';
 	if (!$is_admmod)
 		$stick_topic = $cur_post['sticky'];
 
@@ -130,16 +131,16 @@ if (isset($_POST['form_sent']))
 	$message = strip_bad_multibyte_chars($message);
 
 	// Visman
-	$edit_post = isset($_POST['editpost']) ? '1' : '0';
+	$edit_post = $request->isPost('editpost') ? '1' : '0';
 	if ($pun_user['g_id'] != PUN_ADMIN)
 		$edit_post = $cur_post['edit_post'];
 
-	$stick_fp = isset($_POST['stickfp']) ? '1' : '0';
+	$stick_fp = $request->isPost('stickfp') ? '1' : '0';
 	if (!$is_admmod)
 		$stick_fp = $cur_post['stick_fp'];
 
 	// Did everything go according to plan?
-	if (empty($errors) && !isset($_POST['preview']))
+	if (empty($errors) && ! $request->isPost('preview'))
 	{
 		$is_modified = ($subject != $cur_post['subject'] ||
 										$message != $cur_post['message'] ||
@@ -148,7 +149,7 @@ if (isset($_POST['form_sent']))
 										$stick_fp != $cur_post['stick_fp'] ||
 										$stick_topic != $cur_post['sticky']); // MOD warnings - Visman
 
-		$edited_sql = (!isset($_POST['silent']) || !$is_admmod) ? ', edited='.time().', edited_by=\''.$db->escape($pun_user['username']).'\'' : '';
+		$edited_sql = (! $request->isPost('silent') || ! $is_admmod) ? ', edited='.time().', edited_by=\''.$db->escape($pun_user['username']).'\'' : '';
 		$edited_sql.= ', edit_post='.$edit_post; // Visman
 
 		require PUN_ROOT.'include/search_idx.php';
@@ -175,14 +176,14 @@ if (isset($_POST['form_sent']))
 
 		if ($is_admmod)
 		{
-			$warning = pun_linebreaks(pun_trim($_POST['warning']));
+			$warning = pun_linebreaks(pun_trim($request->postStr('warning')));
 			if ($warning != $cur_post['warning'])
 			{
 				$db->query('DELETE FROM '.$db->prefix.'warnings WHERE id='.$id) or error('Unable to remove warning', __FILE__, __LINE__, $db->error());
 				$sql_warm = '';
-				if (strlen($_POST['warning']) > 0 )
+				if (strlen($warning) > 0 )
 				{
-					$db->query('INSERT INTO '.$db->prefix.'warnings (id, poster, poster_id, posted, message) VALUES('.$id.', \''.$db->escape($pun_user['username']).'\', '.$pun_user['id'].', '.time().', \''.$db->escape($_POST['warning']).'\')') or error('Unable to insert warning', __FILE__, __LINE__, $db->error());
+					$db->query('INSERT INTO '.$db->prefix.'warnings (id, poster, poster_id, posted, message) VALUES('.$id.', \''.$db->escape($pun_user['username']).'\', '.$pun_user['id'].', '.time().', \''.$db->escape($warning).'\')') or error('Unable to insert warning', __FILE__, __LINE__, $db->error());
 					$sql_warm = ', warning_flag=1';
 				}
 				$result = $db->query('SELECT COUNT(p.id) FROM '.$db->prefix.'posts AS p INNER JOIN '.$db->prefix.'warnings AS w ON w.id=p.id WHERE p.poster_id='.$cur_post['poster_id']) or error('Unable to sum for posts', __FILE__, __LINE__, $db->error());
@@ -255,7 +256,7 @@ if (!empty($errors))
 <?php
 
 }
-else if (isset($_POST['preview']))
+else if ($request->isPost('preview'))
 {
 	require_once PUN_ROOT.'include/parser.php';
 	$preview_message = parse_message($message, $hide_smilies);
@@ -293,9 +294,9 @@ else if (isset($_POST['preview']))
 					<input type="hidden" name="csrf_hash" value="<?php echo csrf_hash() ?>" />
 					<div class="infldset txtarea">
 <?php if ($can_edit_subject): ?>						<label class="required"><strong><?php echo $lang_common['Subject'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br />
-						<input class="longinput" type="text" name="req_subject" size="80" maxlength="70" tabindex="<?php echo $cur_index++ ?>" value="<?php echo pun_htmlspecialchars(isset($_POST['req_subject']) ? $_POST['req_subject'] : $cur_post['subject']) ?>" /><br /></label>
+						<input class="longinput" type="text" name="req_subject" size="80" maxlength="70" tabindex="<?php echo $cur_index++ ?>" value="<?php echo pun_htmlspecialchars($request->postStr('req_subject', $cur_post['subject'])) ?>" /><br /></label>
 <?php endif; ?>						<label class="required"><strong><?php echo $lang_common['Message'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br />
-						<textarea name="req_message" rows="20" cols="95" tabindex="<?php echo $cur_index++ ?>"><?php echo pun_htmlspecialchars(isset($_POST['req_message']) ? $message : $cur_post['message']) ?></textarea><br /></label>
+						<textarea name="req_message" rows="20" cols="95" tabindex="<?php echo $cur_index++ ?>"><?php echo pun_htmlspecialchars($request->isPost('req_message') ? $message : $cur_post['message']) ?></textarea><br /></label>
 						<ul class="bblinks">
 							<li><span><a href="help.php#bbcode" onclick="window.open(this.href); return false;"><?php echo $lang_common['BBCode'] ?></a> <?php echo ($pun_config['p_message_bbcode'] == '1') ? $lang_common['on'] : $lang_common['off']; ?></span></li>
 							<li><span><a href="help.php#url" onclick="window.open(this.href); return false;"><?php echo $lang_common['url tag'] ?></a> <?php echo ($pun_config['p_message_bbcode'] == '1' && $pun_user['g_post_links'] == '1') ? $lang_common['on'] : $lang_common['off']; ?></span></li>
@@ -303,7 +304,7 @@ else if (isset($_POST['preview']))
 							<li><span><a href="help.php#smilies" onclick="window.open(this.href); return false;"><?php echo $lang_common['Smilies'] ?></a> <?php echo ($pun_config['o_smilies'] == '1') ? $lang_common['on'] : $lang_common['off']; ?></span></li>
 						</ul>
 <?php if ($is_admmod): ?>						<label><strong><?php echo $lang_common['Moderator'] ?></strong><br />
-						<input class="longinput" type="text" name="warning" size="80" maxlength="5000" tabindex="<?php echo $cur_index++ ?>" value="<?php echo pun_htmlspecialchars(isset($_POST['warning']) ? $_POST['warning'] : $cur_post['warning']) ?>" /><br /></label>
+						<input class="longinput" type="text" name="warning" size="80" maxlength="5000" tabindex="<?php echo $cur_index++ ?>" value="<?php echo pun_htmlspecialchars($request->postStr('warning', $cur_post['warning'])) ?>" /><br /></label>
 <?php elseif ($cur_post['warning'] != ''): ?>
 						<div class="postwarn">
 							<?php echo pun_htmlspecialchars($cur_post['warning'])."\n" ?>
@@ -316,7 +317,7 @@ else if (isset($_POST['preview']))
 $checkboxes = array();
 if ($can_edit_subject && $is_admmod)
 {
-	if (isset($_POST['stick_topic']) || !isset($_POST['form_sent']) && $cur_post['sticky'] == '1')
+	if ($request->isPost('stick_topic') || ! $request->isPost('form_sent') && $cur_post['sticky'] == '1')
 		$checkboxes[] = '<label><input type="checkbox" name="stick_topic" value="1" checked="checked" tabindex="'.($cur_index++).'" />'.$lang_common['Stick topic'].'<br /></label>';
 	else
 		$checkboxes[] = '<label><input type="checkbox" name="stick_topic" value="1" tabindex="'.($cur_index++).'" />'.$lang_common['Stick topic'].'<br /></label>';
@@ -324,7 +325,7 @@ if ($can_edit_subject && $is_admmod)
 
 if ($pun_config['o_smilies'] == '1')
 {
-	if (isset($_POST['hide_smilies']) || !isset($_POST['form_sent']) && $cur_post['hide_smilies'] == '1')
+	if ($request->isPost('hide_smilies') || ! $request->isPost('form_sent') && $cur_post['hide_smilies'] == '1')
 		$checkboxes[] = '<label><input type="checkbox" name="hide_smilies" value="1" checked="checked" tabindex="'.($cur_index++).'" />'.$lang_post['Hide smilies'].'<br /></label>';
 	else
 		$checkboxes[] = '<label><input type="checkbox" name="hide_smilies" value="1" tabindex="'.($cur_index++).'" />'.$lang_post['Hide smilies'].'<br /></label>';
@@ -332,14 +333,14 @@ if ($pun_config['o_smilies'] == '1')
 
 if ($is_admmod)
 {
-	if (isset($_POST['silent']) || !isset($_POST['form_sent']))
+	if ($request->isPost('silent') || ! $request->isPost('form_sent'))
 		$checkboxes[] = '<label><input type="checkbox" name="silent" value="1" tabindex="'.($cur_index++).'" checked="checked" />'.$lang_post['Silent edit'].'<br /></label>';
 	else
 		$checkboxes[] = '<label><input type="checkbox" name="silent" value="1" tabindex="'.($cur_index++).'" />'.$lang_post['Silent edit'].'<br /></label>';
 	// StickFP - Visman
 	if ($can_edit_subject)
 	{
-		if (isset($_POST['stickfp']) || !isset($_POST['form_sent']) && $cur_post['stick_fp'] == '1')
+		if ($request->isPost('stickfp') || ! $request->isPost('form_sent') && $cur_post['stick_fp'] == '1')
 			$checkboxes[] = '<label><input type="checkbox" name="stickfp" value="1" tabindex="'.($cur_index++).'" checked="checked" />'.$lang_post['Stick first post'].'<br /></label>';
 		else
 			$checkboxes[] = '<label><input type="checkbox" name="stickfp" value="1" tabindex="'.($cur_index++).'" />'.$lang_post['Stick first post'].'<br /></label>';
@@ -349,7 +350,7 @@ if ($is_admmod)
 // мод ограничения времени редактирвания - Visman
 if ($pun_user['g_id'] == PUN_ADMIN)
 {
-	if (isset($_POST['editpost']) || !isset($_POST['form_sent']) && $cur_post['edit_post'] == '1')
+	if ($request->isPost('editpost') || ! $request->isPost('form_sent') && $cur_post['edit_post'] == '1')
 		$checkboxes[] = '<label><input type="checkbox" name="editpost" value="1" tabindex="'.($cur_index++).'" checked="checked" />'.$lang_post['EditPost edit'].'<br /></label>';
 	else
 		$checkboxes[] = '<label><input type="checkbox" name="editpost" value="1" tabindex="'.($cur_index++).'" />'.$lang_post['EditPost edit'].'<br /></label>';
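Review bot: The subject is now normalised with plain `trim()` (`$subject = trim($request->postStr('req_subject'));`) while the message and the moderator warning in the same file keep `pun_trim()`, so the three fields are no longer cleaned the same way; if `pun_trim()` also strips UTF-8 whitespace such as NBSP (its body is not visible here), a subject consisting only of such characters would now survive any later emptiness check that the message would fail. Keep the forum's own helper for all user text: `$subject = pun_trim($request->postStr('req_subject'));`. The same `pun_trim` → `trim` substitution appears in login.php and misc.php in this commit and deserves the same treatment. The `if ($request->isPost('form_sent'))` block these lines belong to starts and ends outside the hunks shown.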

+ 18 - 13
extern.php

@@ -74,19 +74,21 @@ if ($pun_user['g_read_board'] == '0')
 	exit($lang_common['No view']);
 }
 
-$action = isset($_GET['action']) ? strtolower($_GET['action']) : 'feed';
+$request = $container->get('Request');
+
+$action = strtolower($request->getStr('action', 'feed'));
 
 // Handle a couple old formats, from FluxBB 1.2
 switch ($action)
 {
 	case 'active':
 		$action = 'feed';
-		$_GET['order'] = 'last_post';
+		$_GET['order'] = 'last_post'; //????
 		break;
 
 	case 'new':
 		$action = 'feed';
-		$_GET['order'] = 'posted';
+		$_GET['order'] = 'posted'; //????
 		break;
 }
 
@@ -280,18 +282,18 @@ if ($action == 'feed')
 	require PUN_ROOT.'include/parser.php';
 
 	// Determine what type of feed to output
-	$type = isset($_GET['type']) ? strtolower($_GET['type']) : 'html';
+	$type = strtolower($request->getStr('type', ''));
 	if (!in_array($type, array('html', 'rss', 'atom', 'xml')))
 		$type = 'html';
 
-	$show = isset($_GET['show']) ? intval($_GET['show']) : 15;
+	$show = $request->getInt('show', 15);
 	if ($show < 1 || $show > 50)
 		$show = 15;
 
 	// Was a topic ID supplied?
-	if (isset($_GET['tid']))
+	if ($request->isGet('tid'))
 	{
-		$tid = intval($_GET['tid']);
+		$tid = $request->getInt('tid', 0);
 
 		// Fetch topic subject
 		$result = $db->query('SELECT t.subject, t.first_post_id FROM '.$db->prefix.'topics AS t LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=t.forum_id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.moved_to IS NULL AND t.id='.$tid) or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error());
@@ -350,14 +352,16 @@ if ($action == 'feed')
 	}
 	else
 	{
-		$order_posted = isset($_GET['order']) && strtolower($_GET['order']) == 'posted';
+		$order_posted = strtolower($request->getStr('order', '')) === 'posted';
 		$forum_name = '';
 		$forum_sql = '';
 
+
+		$fids = trim($request->getStr('fid'));
 		// Were any forum IDs supplied?
-		if (isset($_GET['fid']) && is_scalar($_GET['fid']) && $_GET['fid'] != '')
+		if (! empty($fids))
 		{
-			$fids = explode(',', pun_trim($_GET['fid']));
+			$fids = explode(',', $fids);
 			$fids = array_map('intval', $fids);
 
 			if (!empty($fids))
@@ -372,10 +376,11 @@ if ($action == 'feed')
 			}
 		}
 
+		$nfids = trim($request->getStr('nfid'));
 		// Any forum IDs to exclude?
-		if (isset($_GET['nfid']) && is_scalar($_GET['nfid']) && $_GET['nfid'] != '')
+		if (! empty($nfids))
 		{
-			$nfids = explode(',', pun_trim($_GET['nfid']));
+			$nfids = explode(',', $nfids);
 			$nfids = array_map('intval', $nfids);
 
 			if (!empty($nfids))
@@ -383,7 +388,7 @@ if ($action == 'feed')
 		}
 
 		// Only attempt to cache if caching is enabled and we have all or a single forum
-		if ($pun_config['o_feed_ttl'] > 0 && ($forum_sql == '' || ($forum_name != '' && !isset($_GET['nfid']))))
+		if ($pun_config['o_feed_ttl'] > 0 && ($forum_sql == '' || ($forum_name != '' && ! $request->isGet('nfid'))))
 			$cache_id = 'feed'.sha1($pun_user['g_id'].'|'.$lang_common['lang_identifier'].'|'.($order_posted ? '1' : '0').($forum_name == '' ? '' : '|'.$fids[0]));
 
 		// Load cached feed
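Review bot: The FluxBB 1.2 compatibility cases still write `$_GET['order'] = 'posted'` (the author marked them `//????`), but the value is later read through `$request->getStr('order', '')`; unless the Request object reads `$_GET` live rather than copying it when it is built at `$container->get('Request')`, which happens before the switch, `?action=new` will silently lose its `posted` ordering. Carry the legacy ordering in a local instead: add `$order = null;` before the switch, replace the `new` case's write with `$order = 'posted';` (the `active` case can simply drop its write, since `last_post` is the fallback anyway), and read it with `$order_posted = strtolower($order ?? $request->getStr('order', '')) === 'posted';`. The cache-id test `! $request->isGet('nfid')` a few lines above is unaffected. The `if ($action == 'feed')` branch containing this code starts outside the hunk.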

+ 2 - 5
include/functions.php

@@ -1192,12 +1192,9 @@ function confirm_message($error_msg = false)
 
 function confirm_referrer($script, $error_msg = false, $use_ip = true)
 {
-	$hash = '';
+    global $container;
 
-	if (isset($_POST['csrf_hash']))
-		$hash = $_POST['csrf_hash'];
-	else if (isset($_GET['csrf_hash']))
-		$hash = $_GET['csrf_hash'];
+	$hash = $container->get('Request')->requestStr('csrf_hash', '');
 
 	if (empty($hash) || !pun_hash_equals(csrf_hash($script, $use_ip), $hash))
 		confirm_message($error_msg);
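Review bot: Replacing the explicit POST-then-GET lookup with `requestStr('csrf_hash', '')` changes which source wins when both carry a token and, if that method is backed by `$_REQUEST` (not visible here), makes the precedence depend on the `request_order`/`variables_order` ini settings, which can also include cookies; a CSRF check should not have its input source decided by server configuration. Keep the old, explicit order: `$request = $container->get('Request');` followed by `$hash = $request->isPost('csrf_hash') ? $request->postStr('csrf_hash', '') : $request->getStr('csrf_hash', '');`. The constant-time `pun_hash_equals` comparison on the next line is correctly retained. The new `global $container;` line is also indented with spaces where the rest of the file uses tabs.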

+ 17 - 15
login.php

@@ -6,7 +6,7 @@
  * License: http://www.gnu.org/licenses/gpl.html GPL version 2 or higher
  */
 
-if (isset($_GET['action']))
+if (isset($_GET['action'])) //????
 	define('PUN_QUIET_VISIT', 1);
 
 define('PUN_ROOT', dirname(__FILE__).'/');
@@ -16,16 +16,18 @@ require PUN_ROOT.'include/common.php';
 // Load the login.php language file
 require PUN_ROOT.'lang/'.$pun_user['language'].'/login.php';
 
-$action = isset($_GET['action']) ? $_GET['action'] : null;
+$request = $container->get('Request');
+
+$action = $request->getStr('action');
 $errors = array();
 
-if (isset($_POST['form_sent']) && $action == 'in')
+if ($request->isPost('form_sent') && $action === 'in')
 {
 	flux_hook('login_before_validation');
 
-	$form_username = pun_trim($_POST['req_username']);
-	$form_password = pun_trim($_POST['req_password']);
-	$save_pass = isset($_POST['save_pass']);
+	$form_username = trim($request->postStr('req_username'));
+	$form_password = trim($request->postStr('req_password'));
+	$save_pass = $request->isPost('save_pass');
 
 	$username_sql = in_array($container->getParameter('DB_TYPE'), ['mysql', 'mysqli', 'mysql_innodb', 'mysqli_innodb']) ? 'username=\''.$db->escape($form_username).'\'' : 'LOWER(username)=LOWER(\''.$db->escape($form_username).'\')';
 
@@ -106,16 +108,16 @@ if (isset($_POST['form_sent']) && $action == 'in')
 		set_tracked_topics(null);
 
 		// Try to determine if the data in redirect_url is valid (if not, we redirect to index.php after login)
-		$redirect_url = validate_redirect($_POST['redirect_url'], 'index.php');
+		$redirect_url = validate_redirect($reqiest->postStr('redirect_url'), 'index.php');
 
 		redirect(pun_htmlspecialchars($redirect_url), $lang_login['Login redirect']);
 	}
 }
 
 
-else if ($action == 'out')
+else if ($action === 'out')
 {
-	if ($pun_user['is_guest'] || !isset($_GET['id']) || $_GET['id'] != $pun_user['id'])
+	if ($pun_user['is_guest'] || ! $request->isGet('id') || $request->getInt('id') !== $pun_user['id'])
 	{
 		header('Location: index.php');
 		exit;
@@ -136,7 +138,7 @@ else if ($action == 'out')
 }
 
 
-else if ($action == 'forget' || $action == 'forget_2')
+else if ($action === 'forget' || $action === 'forget_2')
 {
 	if (!$pun_user['is_guest'])
 	{
@@ -144,14 +146,14 @@ else if ($action == 'forget' || $action == 'forget_2')
 		exit;
 	}
 
-	if (isset($_POST['form_sent']))
+	if ($request->isPost('form_sent'))
 	{
 		flux_hook('forget_password_before_validation');
 
 		require PUN_ROOT.'include/email.php';
 
 		// Validate the email address
-		$email = strtolower(pun_trim($_POST['req_email']));
+		$email = strtolower(trim($request->postStr('req_email')));
 		if (!is_valid_email($email))
 			$errors[] = $lang_common['Invalid email'];
 
@@ -246,7 +248,7 @@ if (!empty($errors))
 					<legend><?php echo $lang_login['Request pass legend'] ?></legend>
 					<div class="infldset">
 						<input type="hidden" name="form_sent" value="1" />
-						<label class="required"><strong><?php echo $lang_common['Email'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br /><input id="req_email" type="text" name="req_email" value="<?php if (isset($_POST['req_email'])) echo pun_htmlspecialchars($_POST['req_email']); ?>" size="50" maxlength="80" /><br /></label>
+						<label class="required"><strong><?php echo $lang_common['Email'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br /><input id="req_email" type="text" name="req_email" value="<?php if ($request->isPost('req_email')) echo pun_htmlspecialchars($request->postStr('req_email', '')); ?>" size="50" maxlength="80" /><br /></label>
 						<p><?php echo $lang_login['Request pass info'] ?></p>
 					</div>
 				</fieldset>
@@ -321,11 +323,11 @@ if (!empty($errors))
 					<div class="infldset">
 						<input type="hidden" name="form_sent" value="1" />
 						<input type="hidden" name="redirect_url" value="<?php echo pun_htmlspecialchars($redirect_url) ?>" />
-						<label class="conl required"><strong><?php echo $lang_common['Username'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br /><input type="text" name="req_username" value="<?php if (isset($_POST['req_username'])) echo pun_htmlspecialchars($_POST['req_username']); ?>" size="25" maxlength="25" tabindex="1" /><br /></label>
+						<label class="conl required"><strong><?php echo $lang_common['Username'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br /><input type="text" name="req_username" value="<?php if ($request->isPost('req_username')) echo pun_htmlspecialchars($request->postStr('req_username', '')); ?>" size="25" maxlength="25" tabindex="1" /><br /></label>
 						<label class="conl required"><strong><?php echo $lang_common['Password'] ?> <span><?php echo $lang_common['Required'] ?></span></strong><br /><input type="password" name="req_password" size="25" tabindex="2" /><br /></label>
 
 						<div class="rbox clearb">
-							<label><input type="checkbox" name="save_pass" value="1"<?php if (isset($_POST['save_pass'])) echo ' checked="checked"'; ?> tabindex="3" /><?php echo $lang_login['Remember me'] ?><br /></label>
+							<label><input type="checkbox" name="save_pass" value="1"<?php if ($request->isPost('save_pass')) echo ' checked="checked"'; ?> tabindex="3" /><?php echo $lang_login['Remember me'] ?><br /></label>
 						</div>
 
 						<p class="clearb"><?php echo $lang_login['Login info'] ?></p>
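Review bot: The post-login redirect calls `$reqiest->postStr('redirect_url')` on an undefined variable, so every successful login will fail with a fatal "call to a member function on null" before `redirect()` runs; it must read `$redirect_url = validate_redirect($request->postStr('redirect_url'), 'index.php');`. In the logout branch, `$request->getInt('id') !== $pun_user['id']` is now a strict comparison of an int against a value that, if it comes straight from a database row as a string, never matches, which would make `action=out` always bounce to index.php without logging out; use `$request->getInt('id', 0) !== (int) $pun_user['id']`. The surrounding login form handler continues outside the hunks shown.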

+ 26 - 24
misc.php

@@ -6,7 +6,7 @@
  * License: http://www.gnu.org/licenses/gpl.html GPL version 2 or higher
  */
 
-if (isset($_GET['action']))
+if (isset($_GET['action'])) //????
 	define('PUN_QUIET_VISIT', 1);
 
 define('PUN_ROOT', dirname(__FILE__).'/');
@@ -16,10 +16,12 @@ require PUN_ROOT.'include/common.php';
 // Load the misc.php language file
 require PUN_ROOT.'lang/'.$pun_user['language'].'/misc.php';
 
-$action = isset($_GET['action']) ? $_GET['action'] : null;
+$request = $container->get('Reuqest');
 
+$action = $request->getStr('action');
 
-if ($action == 'rules')
+
+if ($action === 'rules')
 {
 	if ($pun_config['o_rules'] == '0' || ($pun_user['is_guest'] && $pun_user['g_read_board'] == '0' && $pun_config['o_regs_allow'] == '0'))
 		message($lang_common['Bad request'], false, '404 Not Found');
@@ -46,11 +48,11 @@ if ($action == 'rules')
 }
 
 // START быстрое переключение языка - Visman
-else if ($action == 'lang')
+else if ($action === 'lang')
 {
 	confirm_referrer('misc.php');
 
-	$language = isset($_GET['lang']) ? preg_replace('%[^\w]%', '', pun_trim($_GET['lang'])) : '';
+	$language = preg_replace('%[^\w]%', '', $request->getStr('lang', ''));
 	if (empty($language) || !file_exists(PUN_ROOT.'lang/'.$language.'/common.php'))
 		message($lang_common['Bad request'], false, '404 Not Found');
 
@@ -74,7 +76,7 @@ else if ($action == 'lang')
 }
 // END быстрое переключение языка - Visman
 
-else if ($action == 'markread')
+else if ($action === 'markread')
 {
 	if ($pun_user['is_guest'])
 		message($lang_common['No permission'], false, '403 Forbidden');
@@ -91,14 +93,14 @@ else if ($action == 'markread')
 
 
 // Mark the topics/posts in a forum as read?
-else if ($action == 'markforumread')
+else if ($action === 'markforumread')
 {
 	if ($pun_user['is_guest'])
 		message($lang_common['No permission'], false, '403 Forbidden');
 
 	confirm_referrer('viewforum.php');
 
-	$fid = isset($_GET['fid']) ? intval($_GET['fid']) : 0;
+	$fid = $request->getInt('fid', 0);
 	if ($fid < 1)
 		message($lang_common['Bad request'], false, '404 Not Found');
 
@@ -110,12 +112,12 @@ else if ($action == 'markforumread')
 }
 
 
-else if (isset($_GET['email']))
+else if ($request->isGet('email'))
 {
 	if ($pun_user['is_guest'] || $pun_user['g_send_email'] == '0')
 		message($lang_common['No permission'], false, '403 Forbidden');
 
-	$recipient_id = intval($_GET['email']);
+	$recipient_id = $request->getInt('email', 0);
 	if ($recipient_id < 2)
 		message($lang_common['Bad request'], false, '404 Not Found');
 
@@ -129,13 +131,13 @@ else if (isset($_GET['email']))
 		message($lang_misc['Form email disabled']);
 
 
-	if (isset($_POST['form_sent']))
+	if ($request->isPost('form_sent'))
 	{
 		confirm_referrer('misc.php');
 
 		// Clean up message and subject from POST
-		$subject = pun_trim($_POST['req_subject']);
-		$message = pun_trim($_POST['req_message']);
+		$subject = trim($request->postStr('req_subject'));
+		$message = trim($request->postStr('req_message'));
 
 		if ($subject == '')
 			message($lang_misc['No email subject']);
@@ -169,7 +171,7 @@ else if (isset($_GET['email']))
 		$db->query('UPDATE '.$db->prefix.'users SET last_email_sent='.time().' WHERE id='.$pun_user['id']) or error('Unable to update user', __FILE__, __LINE__, $db->error());
 
 		// Try to determine if the data in redirect_url is valid (if not, we redirect to index.php after the email is sent)
-		$redirect_url = validate_redirect($_POST['redirect_url'], 'index.php');
+		$redirect_url = validate_redirect($request->postStr('redirect_url'), 'index.php');
 
 		redirect(pun_htmlspecialchars($redirect_url), $lang_misc['Email sent redirect']);
 	}
@@ -220,22 +222,22 @@ else if (isset($_GET['email']))
 }
 
 
-else if (isset($_GET['report']))
+else if ($request->isGet('report'))
 {
 	if ($pun_user['is_guest'])
 		message($lang_common['No permission'], false, '403 Forbidden');
 
-	$post_id = intval($_GET['report']);
+	$post_id = $request->getInt('report', 0);
 	if ($post_id < 1)
 		message($lang_common['Bad request'], false, '404 Not Found');
 
-	if (isset($_POST['form_sent']))
+	if ($request->isPost('form_sent'))
 	{
 		// Make sure they got here from the site
 		confirm_referrer('misc.php');
 		
 		// Clean up reason from POST
-		$reason = pun_linebreaks(pun_trim($_POST['req_reason']));
+		$reason = pun_linebreaks(pun_trim($request->postStr('req_reason')));
 		if ($reason == '')
 			message($lang_misc['No reason']);
 		else if (strlen($reason) > 65535) // TEXT field can only hold 65535 bytes
@@ -346,15 +348,15 @@ else if (isset($_GET['report']))
 }
 
 
-else if ($action == 'subscribe')
+else if ($action === 'subscribe')
 {
 	if ($pun_user['is_guest'])
 		message($lang_common['No permission'], false, '403 Forbidden');
 
 	confirm_referrer('misc.php');
 
-	$topic_id = isset($_GET['tid']) ? intval($_GET['tid']) : 0;
-	$forum_id = isset($_GET['fid']) ? intval($_GET['fid']) : 0;
+	$topic_id = $request->getInt('tid', 0);
+	$forum_id = $request->getInt('fid', 0);
 	if ($topic_id < 1 && $forum_id < 1)
 		message($lang_common['Bad request'], false, '404 Not Found');
 
@@ -398,15 +400,15 @@ else if ($action == 'subscribe')
 }
 
 
-else if ($action == 'unsubscribe')
+else if ($action === 'unsubscribe')
 {
 	if ($pun_user['is_guest'])
 		message($lang_common['No permission'], false, '403 Forbidden');
 
 	confirm_referrer('misc.php');
 
-	$topic_id = isset($_GET['tid']) ? intval($_GET['tid']) : 0;
-	$forum_id = isset($_GET['fid']) ? intval($_GET['fid']) : 0;
+	$topic_id = $request->getInt('tid', 0);
+	$forum_id = $request->getInt('fid', 0);
 	if ($topic_id < 1 && $forum_id < 1)
 		message($lang_common['Bad request'], false, '404 Not Found');
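Review bot: The service name is misspelled in `$request = $container->get('Reuqest');`, so this script will fail on every action (rules, language switch, mark read, email, report, subscribe) as soon as it is deployed; it should be `$request = $container->get('Request');` as in the other files of this commit. A smoke request to any misc.php action would have caught this. The remaining changes in the file look equivalent to the old `isset(...)`/`intval(...)` forms, with the `lang` value still restricted to `\w` before it is used to build the `lang/…/common.php` path.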
 

+ 13 - 12
pjq.php

@@ -18,12 +18,15 @@ if ($pun_user['g_read_board'] == '0')
 if ($pun_user['is_guest'])
 	exit($lang_common['No permission']);
 
-$action = isset($_POST['action']) ? $_POST['action'] : '';
-$id = isset($_POST['id']) ? intval($_POST['id']) : 0;
+$request = $container->get('Request');
+
+$action = $request->postStr('action');
+$id = $request->postInt('id', 0);
 if ($id < 1)
 	exit($lang_common['Bad request']);
 
-if ($action == "quote")
+
+if ($action === "quote")
 {
 	// Fetch some info about the post, the topic and the forum
 	$result = $db->query('SELECT p.message FROM '.$db->prefix.'posts AS p INNER JOIN '.$db->prefix.'topics AS t ON t.id=p.topic_id INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND p.id='.$id) or exit('Unable to fetch post info '.$db->error());
@@ -35,12 +38,11 @@ if ($action == "quote")
 	if ($pun_config['o_censoring'] == '1')
 		$cur_post['message'] = censor_words($cur_post['message']);
 
-?>
-<quote_post><?php echo $cur_post['message'] ?></quote_post>
-<?php
-
+	echo '<quote_post>' . $cur_post['message'] . '</quote_post>';
 }
-else if ($action == "pmquote")
+
+
+else if ($action === "pmquote")
 {
 	if ($pun_config['o_pms_enabled'] != '1' || $pun_user['g_pm'] == 0 || $pun_user['messages_enable'] == 0)
 		exit($lang_common['No permission']);
@@ -55,11 +57,10 @@ else if ($action == "pmquote")
 	if ($pun_config['o_censoring'] == '1')
 		$cur_post['message'] = censor_words($cur_post['message']);
 
-?>
-<quote_post><?php echo $cur_post['message'] ?></quote_post>
-<?php
-
+	echo '<quote_post>' . $cur_post['message'] . '</quote_post>';
 }
+
+
 else
 	exit($lang_common['Bad request']);
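Review bot: Both `echo '<quote_post>' . $cur_post['message'] . '</quote_post>';` lines still emit the stored post text into an XML-like element without escaping, so a message containing `<`, `&` or the literal text `</quote_post>` will produce malformed output; whether that is a parse failure or an injection depends on how the JavaScript client consumes the response, which is not visible here. If the client parses it as XML, wrap the content in `'<quote_post><![CDATA[' . str_replace(']]>', ']]]]><![CDATA[>', $cur_post['message']) . ']]></quote_post>'`; if it treats it as HTML, escape it with `pun_htmlspecialchars()` instead. This is pre-existing behaviour the commit carries over rather than something it introduces, and the `SELECT` that feeds `$cur_post` sits between the hunks shown.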