authorStefan Giehl <stefan@matomo.org>2022-10-06 12:46:04 +0300
committerGitHub <noreply@github.com>2022-10-06 12:46:04 +0300
commit41ddfc279a85103a6b927177ef520c7c49502b25 (patch)
treeb1cf319edcb4410d6719c0ea3939c9bad45ebf2e /plugins
parentb2449c63360084bbb33db5703a2bcab180124c56 (diff)
Deprecate auto sanitize of API parameters & Common::getRequestVar and introduce Request class (#19624)
* Introduce new API property to disable autosanitizing * Adds new getRequestParam method to replace getRequestVar at some point * use new method in some places * Introduce new request class instead of Common::getRequestParam * Improve Request class and add tests * Adds changelog * clean up api proxy * code improvements * Added doc blocks * filter null byte values * update tests * update changelog
Diffstat (limited to 'plugins')
-rw-r--r--plugins/CoreAdminHome/Controller.php18
-rw-r--r--plugins/CoreAdminHome/OptOutManager.php9
-rw-r--r--plugins/CoreUpdater/Controller.php3
-rw-r--r--plugins/Dashboard/Controller.php4
-rw-r--r--plugins/Login/Controller.php6
5 files changed, 22 insertions, 18 deletions
diff --git a/plugins/CoreAdminHome/Controller.php b/plugins/CoreAdminHome/Controller.php
index 4af369a7ae..cf1ce5fb70 100644
--- a/plugins/CoreAdminHome/Controller.php
+++ b/plugins/CoreAdminHome/Controller.php
@@ -25,6 +25,7 @@ use Piwik\Plugins\CustomVariables\CustomVariables;
use Piwik\Plugins\LanguagesManager\LanguagesManager;
use Piwik\Plugins\PrivacyManager\DoNotTrackHeaderChecker;
use Piwik\Plugins\SitesManager\API as APISitesManager;
+use Piwik\Request;
use Piwik\Site;
use Piwik\Translation\Translator;
use Piwik\Url;
@@ -154,20 +155,21 @@ class Controller extends ControllerAdmin
$this->checkTokenInUrl();
// Update email settings
- $mail = array();
- $mail['transport'] = (Common::getRequestVar('mailUseSmtp') == '1') ? 'smtp' : '';
- $mail['port'] = Common::getRequestVar('mailPort', '');
- $mail['host'] = Common::unsanitizeInputValue(Common::getRequestVar('mailHost', ''));
- $mail['type'] = Common::getRequestVar('mailType', '');
- $mail['username'] = Common::unsanitizeInputValue(Common::getRequestVar('mailUsername', ''));
- $mail['password'] = Common::unsanitizeInputValue(Common::getRequestVar('mailPassword', ''));
+ $request = Request::fromRequest();
+ $mail = [];
+ $mail['transport'] = $request->getBoolParameter('mailUseSmtp') ? 'smtp' : '';
+ $mail['port'] = $request->getStringParameter('mailPort', '');
+ $mail['host'] = $request->getStringParameter('mailHost', '');
+ $mail['type'] = $request->getStringParameter('mailType', '');
+ $mail['username'] = $request->getStringParameter('mailUsername', '');
+ $mail['password'] = $request->getStringParameter('mailPassword', '');
if (!array_key_exists('mailPassword', $_POST) && Config::getInstance()->mail['host'] === $mail['host']) {
// use old password if it wasn't set in request (and the host wasn't changed)
$mail['password'] = Config::getInstance()->mail['password'];
}
- $mail['encryption'] = Common::getRequestVar('mailEncryption', '');
+ $mail['encryption'] = $request->getStringParameter('mailEncryption', '');
Config::getInstance()->mail = $mail;
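Review bot: The SMTP password is read through `Request::fromRequest()` on the `mailPassword` line, while the stale-password fallback right below it inspects `$_POST` directly, so the two can disagree when the parameter arrives in the query string instead of the body. Since the handler already calls `checkTokenInUrl()` and the fallback assumes a POST submission, reading the whole `$mail` block from the body would make the check consistent and keep the credential out of URLs and access logs: `$request = Request::fromPost();`. If the settings form can be submitted via GET this would change behaviour, so confirm the submission method before switching. The enclosing method starts before the hunk.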
diff --git a/plugins/CoreAdminHome/OptOutManager.php b/plugins/CoreAdminHome/OptOutManager.php
index 927e3ad630..90c0b66943 100644
--- a/plugins/CoreAdminHome/OptOutManager.php
+++ b/plugins/CoreAdminHome/OptOutManager.php
@@ -14,6 +14,7 @@ use Piwik\Piwik;
use Piwik\Plugins\LanguagesManager\API as APILanguagesManager;
use Piwik\Plugins\LanguagesManager\LanguagesManager;
use Piwik\Plugins\PrivacyManager\DoNotTrackHeaderChecker;
+use Piwik\Request;
use Piwik\Tracker\IgnoreCookie;
use Piwik\Url;
use Piwik\View;
@@ -609,10 +610,10 @@ JS;
private function optOutStyling(?string $fontSize = null, ?string $fontColor = null, ?string $fontFamily = null,
?string $backgroundColor = null, bool $noBody = false): string
{
- $cssfontsize = ($fontSize ? : Common::unsanitizeInputValue(Common::getRequestVar('fontSize', false, 'string')));
- $cssfontcolour = ($fontColor ? : Common::unsanitizeInputValue(Common::getRequestVar('fontColor', false, 'string')));
- $cssfontfamily = ($fontFamily ? : Common::unsanitizeInputValue(Common::getRequestVar('fontFamily', false, 'string')));
- $cssbackgroundcolor = ($backgroundColor ? : Common::unsanitizeInputValue(Common::getRequestVar('backgroundColor', false, 'string')));
+ $cssfontsize = ($fontSize ? : Request::fromRequest()->getStringParameter('fontSize', ''));
+ $cssfontcolour = ($fontColor ? : Request::fromRequest()->getStringParameter('fontColor', ''));
+ $cssfontfamily = ($fontFamily ? : Request::fromRequest()->getStringParameter('fontFamily', ''));
+ $cssbackgroundcolor = ($backgroundColor ? : Request::fromRequest()->getStringParameter('backgroundColor', ''));
if (!$noBody) {
$cssbody = 'body { ';
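Review bot: `Request::fromRequest()` is constructed four times in a row on the `$cssfontsize` … `$cssbackgroundcolor` lines; hoisting it once, `$request = Request::fromRequest();`, and then calling `$request->getStringParameter('fontSize', '')` on each line reads better and avoids rebuilding the wrapper per parameter. The `?:` fallback treats a passed `'0'` as absent, which predates this change but is slightly more visible now that the default is `''`. These values are interpolated into the CSS that starts at `$cssbody = 'body { '`, and the hunk ends before that, so whatever restricts them to plausible sizes, colours and font names has to be verified downstream rather than here. optOutStyling's body continues past the hunk.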
diff --git a/plugins/CoreUpdater/Controller.php b/plugins/CoreUpdater/Controller.php
index 54ab1e9131..c33e6a674b 100644
--- a/plugins/CoreUpdater/Controller.php
+++ b/plugins/CoreUpdater/Controller.php
@@ -24,6 +24,7 @@ use Piwik\Piwik;
use Piwik\Plugin\Manager as PluginManager;
use Piwik\Plugins\CoreVue\CoreVue;
use Piwik\Plugins\Marketplace\Plugins;
+use Piwik\Request;
use Piwik\SettingsPiwik;
use Piwik\SettingsServer;
use Piwik\Updater as DbUpdater;
@@ -252,7 +253,7 @@ class Controller extends \Piwik\Plugin\Controller
} else {
$view = new View('@CoreUpdater/updateSuccess');
}
- $messages = safe_unserialize(Common::unsanitizeInputValue(Common::getRequestVar('messages', '', 'string', $_POST)));
+ $messages = safe_unserialize(Request::fromPost()->getStringParameter('messages', ''));
if (!is_array($messages)) {
$messages = array();
}
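Review bot: `safe_unserialize` on the `$messages` line is still fed a value taken straight from the POST body, so the input reaching it is attacker-controlled either way and the call's safety rests entirely on what `safe_unserialize` restricts, which is not visible in this hunk. A comment at that line would make the trust boundary explicit: `// 'messages' comes from the request body: safe_unserialize must keep rejecting objects; a JSON encoding would avoid unserialize here entirely`. Moving to `json_decode($raw, true, flags: JSON_THROW_ON_ERROR)` would also require the producer that builds `messages` to change, which lies outside this hunk. The `$messages = array();` fallback two lines below could use `[]` to match the short syntax the commit introduces elsewhere. The enclosing method starts before the hunk and continues after it.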
diff --git a/plugins/Dashboard/Controller.php b/plugins/Dashboard/Controller.php
index 842671343c..eb6a4670a9 100644
--- a/plugins/Dashboard/Controller.php
+++ b/plugins/Dashboard/Controller.php
@@ -128,7 +128,7 @@ class Controller extends \Piwik\Plugin\Controller
{
$this->checkTokenInUrl();
- $layout = Common::unsanitizeInputValue(Common::getRequestVar('layout'));
+ $layout = \Piwik\Request::fromRequest()->getStringParameter('layout');
$layout = strip_tags($layout);
$idDashboard = Common::getRequestVar('idDashboard', 1, 'int');
$name = Common::getRequestVar('name', '', 'string');
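Review bot: The `$layout` line uses the fully-qualified `\Piwik\Request::fromRequest()` inline, whereas every other file in this commit adds `use Piwik\Request;` to its import block; the same inline form appears in the second hunk of this file (the `hasUserSuperUserAccess` branch). Adding the import to the file's `use` block (outside both hunks) and writing `$layout = Request::fromRequest()->getStringParameter('layout');` in both places would keep the style consistent. The next two lines still read `idDashboard` and `name` via `Common::getRequestVar`, so the method is only half-migrated; if `getStringParameter` without a default throws on a missing parameter as `getRequestVar` did, behaviour is unchanged, but that is worth confirming with a test. The enclosing method starts before the hunk and continues after it.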
@@ -153,7 +153,7 @@ class Controller extends \Piwik\Plugin\Controller
$this->checkTokenInUrl();
if (Piwik::hasUserSuperUserAccess()) {
- $layout = Common::unsanitizeInputValue(Common::getRequestVar('layout'));
+ $layout = \Piwik\Request::fromRequest()->getStringParameter('layout');
$layout = strip_tags($layout);
$this->getModel()->createOrUpdateDashboard('', '1', $layout);
}
diff --git a/plugins/Login/Controller.php b/plugins/Login/Controller.php
index 7f0b183902..0c2084a98a 100644
--- a/plugins/Login/Controller.php
+++ b/plugins/Login/Controller.php
@@ -27,6 +27,7 @@ use Piwik\Plugins\PrivacyManager\SystemSettings;
use Piwik\Plugins\UsersManager\Model as UsersModel;
use Piwik\Plugins\UsersManager\UsersManager;
use Piwik\QuickForm2;
+use Piwik\Request;
use Piwik\Session;
use Piwik\Session\SessionInitializer;
use Piwik\Url;
@@ -341,9 +342,8 @@ class Controller extends \Piwik\Plugin\ControllerAdmin
}
if (empty($urlToRedirect)) {
- $redirect = Common::unsanitizeInputValue(Common::getRequestVar('form_redirect', false));
- $redirectParams = UrlHelper::getArrayFromQueryString(UrlHelper::getQueryFromUrl($redirect));
- $module = Common::getRequestVar('module', '', 'string', $redirectParams);
+ $redirect = Request::fromRequest()->getStringParameter('form_redirect', '');
+ $module = Request::fromQueryString(UrlHelper::getQueryFromUrl($redirect))->getStringParameter('module', '');
// when module is login, we redirect to home...
if (!empty($module) && $module !== 'Login' && $module !== Piwik::getLoginPluginName() && $redirect) {
$host = Url::getHostFromUrl($redirect);
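Review bot: `Request::fromQueryString(UrlHelper::getQueryFromUrl($redirect))` on the `$module` line passes the helper's return value straight into a constructor, whereas the removed code routed it through `UrlHelper::getArrayFromQueryString` first; if `getQueryFromUrl` can return `false` or `null` for a `form_redirect` with no query string, `fromQueryString` has to tolerate that, which is not visible here. A test with a query-less `form_redirect` value, and one with an empty value now that the default is `''` rather than `false`, would pin this down. `$redirect` remains user-controlled and is what the `Url::getHostFromUrl($redirect)` check on the following lines guards, so the redirect validation continues to rely on code outside this hunk. The enclosing method starts before the hunk and continues past it.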