Merge pull request #2 from patchstack/fix/drupal-fix-logging

Bugfix: fixes request logging in Drupal middleware -> extension call.

Author: patchstackdave

src/Extensions/Drupal/Extension.php

@@ -17,37 +17,45 @@ class Extension implements ExtensionInterface {
    *
    * @param int $ruleId
    *   The firewall rule ID that matched.
-   * @param string $bodyData
+   * @param string|array $request
    *   The request body data.
    * @param string $blockType
    *   The type of block performed (BLOCK, LOG, or REDIRECT).
    */
-  public function logRequest($ruleId, $bodyData, $blockType): void {
+  public function logRequest($ruleId, $request, $blockType): void {
     try {
-      $request = \Drupal::request();
+      // Transform raw payload.
+      if (is_array($request) && array_key_exists('raw', $request)) {
+        $request['raw'] = isset($request['raw']) && is_array($request['raw']) ? $request['raw'][0] : $request['raw'];
+
+        // Remove raw payload if not present.
+        if ((is_array($request['raw']) && count($request['raw'])) == 0 || empty($request['raw'])) {
+            unset($request['raw']);
+        }
+      }
 
-      // Get POST data.
-      $postData = $request->request->all();
-      if (empty($postData)) {
-        $rawContent = $request->getContent();
-        $postData = !empty($rawContent) ? $rawContent : NULL;
+      // Remove files payload if not present.
+      if (isset($request['files']) && is_array($request['files']) && count($request['files']) == 0) {
+        unset($request['files']);
       }
-      else {
-        $postData = json_encode($postData);
+
+      // Remove post payload if not present.
+      if (isset($request['post']) && is_array($request['post']) && count($request['post']) == 0) {
+        unset($request['post']);
       }
 
       // Insert into the logs table.
       $connection = \Drupal::database();
       $connection->insert('patchstack_logs')
         ->fields([
           'ip' => $this->getIpAddress(),
-          'request_uri' => $request->getRequestUri() ?? '',
-          'user_agent' => $request->headers->get('User-Agent') ?? '',
-          'method' => $request->getMethod() ?? '',
-          'fid' => (int) $ruleId,
-          'post_data' => $postData,
+          'request_uri' => isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '',
+          'user_agent' => isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '',
+          'method' => isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : '',
+          'fid' => '55' . $ruleId,
+          'post_data' => json_encode($request),
           'block_type' => $blockType,
-          'log_date' => \Drupal::time()->getRequestTime(),
+          'log_date' => \Drupal::time()->getRequestTime()
         ])
         ->execute();
     }
@@ -105,6 +113,10 @@ public function canBypass($isMuCall): bool {
   public function isBlocked($minutes, $blockTime, $attempts): bool {
     // Currently disabled - return false to not auto-block based on attempts.
     // This can be enabled later with proper configuration.
+    if (TRUE) {
+      return FALSE;
+    }
+
     if (empty($minutes) || empty($blockTime) || empty($attempts)) {
       return FALSE;
     }