[feature/system-cron] use phpbb_request instead of plain superglobals

PHPBB3-9596
2025-06-05 14:04:57 +02:00 · 2010-10-29 13:29:00 +02:00 · 2010-10-29 13:29:00 +02:00 · e48b850ab5
commit e48b850ab5
parent 5a95340ee8
3 changed files with 12 additions and 15 deletions
--- a/phpBB/cron.php
+++ b/phpBB/cron.php
@ -89,7 +89,7 @@ if ($cron_lock->lock())
 		{
 			if ($task->is_parametrized())
 			{
-				$task->parse_parameters($_GET);
+				$task->parse_parameters($request);
 			}
 			if ($task->is_ready())
 			{
--- a/phpBB/includes/cron/task/core/prune_forum.php
+++ b/phpBB/includes/cron/task/core/prune_forum.php
@ -103,20 +103,19 @@ class phpbb_cron_task_core_prune_forum extends phpbb_cron_task_base implements p
 	}

 	/**
-	* Parses parameters found in $params, which is an array.
+	* Parses parameters found in $request, which is an instance of
+	* phpbb_request_interface.
 	*
-	* $params may contain user input and is not trusted.
-	*
-	* $params is expected to have a key f whose value is id of the forum to be pruned.
+	* It is expected to have a key f whose value is id of the forum to be pruned.
 	*/
-	public function parse_parameters($params)
+	public function parse_parameters(phpbb_request_interface $request)
 	{
 		global $db;

 		$this->forum_data = null;
-		if (isset($params['f']))
+		if ($request->is_set('f'))
 		{
-			$forum_id = (int) $params['f'];
+			$forum_id = $request->variable('f', 0);

 			$sql = 'SELECT forum_id, prune_next, enable_prune, prune_days, prune_viewed, forum_flags, prune_freq
 				FROM ' . FORUMS_TABLE . "
--- a/phpBB/includes/cron/task/parametrized.php
+++ b/phpBB/includes/cron/task/parametrized.php
@ -37,13 +37,11 @@ interface phpbb_cron_task_parametrized extends phpbb_cron_task
 	public function get_parameters();

 	/**
-	* Parses parameters found in $params, which is an array.
+	* Parses parameters found in $request, which is an instance of
+	* phpbb_request_interface.
 	*
-	* $params contains user input and must not be trusted.
-	* In normal operation $params contains the same data that was returned by
-	* get_parameters method. However, a malicious user can supply arbitrary
-	* data in $params.
-	* Cron task must validate all keys and values in $params before using them.
+	* $request contains user input and must not be trusted.
+	* Cron task must validate all data before using it.
 	*/
-	public function parse_parameters($params);
+	public function parse_parameters(phpbb_request_interface $request);
 }