Description
1) If you have a request with "a=1&a=2" as the request parameters, the
contents of $_GET and $_POST will only see a=2
Section 9.1.1. of the OAuth spec states "If two or more parameters share
the same name, they are sorted by their value"
-> To fix this, I have introduced the function
OAuthUtil::oauth_parse_string to parse the raw request parameters. This
function ensures that duplicate parameters are not stripped.
Example usage:
Instead of $_POST, you can use
OAuthUtil::oauth_parse_string(file_get_contents('php://input'));
Instead of $_GET, you can use
OAuthUtil::oauth_parse_string($_SERVER["QUERY_STRING"]);
2) With the latest version of OAuth.php, if you have "a[]=1&a[]=2" in the
query string, the function get_signable_parameters() will return "a=1&a=2"
which is incorrect because "[" and "]" should be escaped.
I have attached a patch to fix these issues.
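
The two cases described above, duplicate names and literal "[" / "]" in names, as an added PHP example. It is not the attached patch and not OAuth.php's own code. The function names oauth_encode, parse_raw_parameters and normalized_parameter_string are hypothetical, the sample query strings are constructed, and it assumes PHP 7.1 or later and the encode-then-sort order of section 9.1.1.

```php
<?php
// Added example; function names are hypothetical, not OAuth.php's own API.

// Percent-encode per RFC 3986 (OAuth Core 1.0 section 5.1).
function oauth_encode(string $s): string {
    // rawurlencode leaves "~" unescaped on PHP >= 5.3; the replace covers older versions.
    return str_replace('%7E', '~', rawurlencode($s));
}

// Parse a raw query string or form body into [name, value] pairs,
// keeping duplicates and literal "[]" names that $_GET/$_POST would rewrite.
function parse_raw_parameters(string $raw): array {
    $pairs = [];
    foreach (explode('&', $raw) as $chunk) {
        if ($chunk === '') {
            continue; // skip empty segments such as "a=1&&b=2"
        }
        $parts = explode('=', $chunk, 2);
        $pairs[] = [urldecode($parts[0]), urldecode($parts[1] ?? '')];
    }
    return $pairs;
}

// Build the normalized parameter string of section 9.1.1.
function normalized_parameter_string(array $pairs): string {
    $encoded = [];
    foreach ($pairs as [$name, $value]) {
        if ($name === 'oauth_signature') {
            continue; // the signature itself is never signed
        }
        $encoded[] = [oauth_encode($name), oauth_encode($value)];
    }
    // Sort by encoded name, then by encoded value, in byte order.
    usort($encoded, function ($x, $y) {
        return strcmp($x[0], $y[0]) ?: strcmp($x[1], $y[1]);
    });
    return implode('&', array_map(function ($p) {
        return $p[0] . '=' . $p[1];
    }, $encoded));
}

// Constructed sample inputs matching the two cases in the description.
echo normalized_parameter_string(parse_raw_parameters('a=2&a=1')), "\n";
echo normalized_parameter_string(parse_raw_parameters('a[]=2&a[]=1&b=x%20y')), "\n";
```

A server that verifies signatures has to build this string from the raw request rather than from $_GET or $_POST, otherwise the parameters it signs over differ from the ones the client signed.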
Patch Set 1