From 242b63317ba63c4eb103fc7d6ff0abc9a792ae4f Mon Sep 17 00:00:00 2001
From: Yasen Pramatarov <yasen@lindeas.com>
Date: Fri, 25 Apr 2025 10:13:12 +0300
Subject: [PATCH] Makes the old code work with the new Log plugin

---
 app/classes/ratelimiter.php            | 3 +++
 app/classes/user.php                   | 1 -
 app/includes/csrf_middleware.php       | 5 ++---
 app/includes/rate_limit_middleware.php | 5 ++---
 app/pages/config.php                   | 1 -
 app/pages/login.php                    | 2 +-
 6 files changed, 8 insertions(+), 9 deletions(-)

diff --git a/app/classes/ratelimiter.php b/app/classes/ratelimiter.php
index 50a03db..7f8f69d 100644
--- a/app/classes/ratelimiter.php
+++ b/app/classes/ratelimiter.php
@@ -28,7 +28,10 @@ class RateLimiter {
         } else {
             $this->db = $database->getConnection();
         }
+        // Initialize logger via Log wrapper
+        require_once __DIR__ . '/log.php';
         $this->log = new Log($database);
+        // Initialize database tables
         $this->createTablesIfNotExist();
     }
 
diff --git a/app/classes/user.php b/app/classes/user.php
index 14b4663..bc03b9d 100644
--- a/app/classes/user.php
+++ b/app/classes/user.php
@@ -44,7 +44,6 @@ class User {
      */
     public function login($username, $password, $twoFactorCode = null) {
         // Get user's IP address
-        require_once __DIR__ . '/../helpers/logs.php';
         $ipAddress = getUserIP();
 
         // Check rate limiting first
diff --git a/app/includes/csrf_middleware.php b/app/includes/csrf_middleware.php
index 5642670..68361c0 100644
--- a/app/includes/csrf_middleware.php
+++ b/app/includes/csrf_middleware.php
@@ -1,10 +1,9 @@
 <?php
 
 require_once __DIR__ . '/../helpers/security.php';
-require_once __DIR__ . '/../helpers/logs.php';
 
 function applyCsrfMiddleware() {
-    global $logObject;
+    global $logObject, $user_IP;
     $security = SecurityHelper::getInstance();
 
     // Skip CSRF check for GET requests
@@ -34,7 +33,7 @@ function applyCsrfMiddleware() {
         $token = $_POST['csrf_token'] ?? $_SERVER['HTTP_X_CSRF_TOKEN'] ?? '';
         if (!$security->verifyCsrfToken($token)) {
             // Log CSRF attempt
-            $ipAddress = getUserIP();
+            $ipAddress = $user_IP;
             $logMessage = sprintf(
                 "CSRF attempt detected - IP: %s, Page: %s, User: %s",
                 $ipAddress,
diff --git a/app/includes/rate_limit_middleware.php b/app/includes/rate_limit_middleware.php
index 32a09c3..838e8a1 100644
--- a/app/includes/rate_limit_middleware.php
+++ b/app/includes/rate_limit_middleware.php
@@ -1,7 +1,6 @@
 <?php
 
 require_once __DIR__ . '/../classes/ratelimiter.php';
-require_once __DIR__ . '/../helpers/logs.php';
 
 /**
  * Rate limit middleware for page requests
@@ -13,10 +12,10 @@ require_once __DIR__ . '/../helpers/logs.php';
  * @return bool True if request is allowed, false if rate limited
  */
 function checkRateLimit($database, $endpoint, $userId = null, $existingRateLimiter = null) {
-    global $app_root;
+    global $app_root, $user_IP;
     $isTest = defined('PHPUNIT_RUNNING');
     $rateLimiter = $existingRateLimiter ?? new RateLimiter($database);
-    $ipAddress = getUserIP();
+    $ipAddress = $user_IP;
 
     // Check if request is allowed
     if (!$rateLimiter->isPageRequestAllowed($ipAddress, $endpoint, $userId)) {
diff --git a/app/pages/config.php b/app/pages/config.php
index 1cf2835..58b0a1c 100644
--- a/app/pages/config.php
+++ b/app/pages/config.php
@@ -14,7 +14,6 @@ require '../app/classes/api_response.php';
 
 // Initialize required objects
 $userObject = new User($dbWeb);
-$logObject = new Log($dbWeb);
 $configObject = new Config();
 
 // For AJAX requests
diff --git a/app/pages/login.php b/app/pages/login.php
index bb1f245..06c4aac 100644
--- a/app/pages/login.php
+++ b/app/pages/login.php
@@ -24,8 +24,8 @@ try {
     // Initialize RateLimiter
     require_once '../app/classes/ratelimiter.php';
     $rateLimiter = new RateLimiter($db);
-
     // Get user IP
+    require_once '../app/helpers/ip_helper.php';
     $user_IP = getUserIP();
 
     $action = $_REQUEST['action'] ?? '';