
Commit e0a23f2

authored
Revert Changes
1 parent 224bb21 commit e0a23f2

10 files changed

Lines changed: 155 additions & 372 deletions


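--- a/config/var/www/admin/control-panel/api.php
+++ b/config/var/www/admin/control-panel/api.php
@@ -7,12 +7,10 @@
 * @security HIGH - Contains sensitive system information
 */
 
-// Load BaseController early for response methods
-require_once __DIR__ . '/classes/BaseController.php'; // codacy:ignore - Safe class loading with __DIR__ constant
-
 // Prevent direct access
 if (!isset($_SERVER['REQUEST_URI']) || !isset($_SERVER['HTTP_HOST'])) { // codacy:ignore - $_SERVER access required for standalone API validation
-BaseController::forbidden('Direct access forbidden');
+http_response_code(403);
+die('Direct access forbidden'); // codacy:ignore - die() required for security termination
 }
 
 // Security headers
@@ -73,7 +71,8 @@
 }
 
 if (isset($_SESSION[$rate_limit_key]['count']) && $_SESSION[$rate_limit_key]['count'] >= 100) { // codacy:ignore - Session access required for rate limiting
-BaseController::rateLimitExceeded();
+http_response_code(429);
+die(json_encode(['error' => 'Rate limit exceeded'])); // codacy:ignore - die() required for rate limit response
 }
 
 if (isset($_SESSION[$rate_limit_key]['count'])) { // codacy:ignore - Session access required for rate limiting
@@ -89,11 +88,13 @@
 // Only allow GET requests
 if (!isset($_SERVER['REQUEST_METHOD']) || $_SERVER['REQUEST_METHOD'] !== 'GET') { // codacy:ignore - $_SERVER access required for method validation
 http_response_code(405);
-BaseController::methodNotAllowed();
+die(json_encode(['error' => 'Method not allowed'])); // codacy:ignore - die() required for security termination
 }
 
 // Load Router and Controllers
 require_once __DIR__ . '/classes/Router.php'; // codacy:ignore - Safe class loading with __DIR__ constant
+require_once __DIR__ . '/classes/BaseController.php'; // codacy:ignore - Safe class loading with __DIR__ constant
+require_once __DIR__ . '/classes/SystemCommand.php'; // codacy:ignore - Safe class loading with __DIR__ constant
 
 // Parse request path
 $request_uri = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : ''; // codacy:ignore - $_SERVER access required for routing, wp_unslash() not available in standalone API
@@ -114,10 +115,12 @@
 
 // Validate path
 if (!Router::validatePath($path)) {
+http_response_code(400);
 error_log("API Security: Suspicious path - " . substr($path, 0, 100) . " - IP: " . $client_ip);
-BaseController::badRequest('Invalid path');
+die(json_encode(['error' => 'Invalid path']));
 }
 
+// Initialize router
 $router = new Router();
 
 // Register routes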
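Review bot: The 429 check in the second hunk (`@@ -73,7 +71,8 @@`) reads its counter from `$_SESSION[$rate_limit_key]`, so the limit only binds clients that keep returning the same session cookie; a client that omits the cookie starts a new session, and a new count, on every request. For a file whose header carries `@security HIGH`, the throttle should also be enforced on something the client cannot reset, such as a per-address counter in a server-side store; how `$rate_limit_key` is built lies outside the hunk, so confirm that before changing it. Until that exists I would record the limitation above the check: `// NOTE: counter is session-scoped and does not throttle clients that discard the session cookie`.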

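--- a/config/var/www/admin/control-panel/classes/BaseController.php
+++ b/config/var/www/admin/control-panel/classes/BaseController.php
@@ -29,49 +29,6 @@ protected static function errorResponse($message, $status_code = 500) {
 echo json_encode(['error' => $message]); // codacy:ignore - echo required for JSON API error response
 }
 
-/**
-* Send 400 Bad Request response
-* @param string $message Error message
-*/
-protected static function badRequest($message = 'Bad request') {
-self::errorResponse($message, 400);
-}
-
-/**
-* Send 403 Forbidden response
-* @param string $message Error message
-*/
-protected static function forbidden($message = 'Forbidden') {
-http_response_code(403);
-die(json_encode(['error' => $message])); // codacy:ignore - die() required for security termination
-}
-
-/**
-* Send 404 Not Found response
-* @param string $message Error message
-*/
-protected static function notFound($message = 'Not found') {
-self::errorResponse($message, 404);
-}
-
-/**
-* Send 405 Method Not Allowed response
-* @param string $message Error message
-*/
-protected static function methodNotAllowed($message = 'Method not allowed') {
-http_response_code(405);
-die(json_encode(['error' => $message])); // codacy:ignore - die() required for security termination
-}
-
-/**
-* Send 429 Rate Limit Exceeded response
-* @param string $message Error message
-*/
-protected static function rateLimitExceeded($message = 'Rate limit exceeded') {
-http_response_code(429);
-die(json_encode(['error' => $message])); // codacy:ignore - die() required for rate limit response
-}
-
 /**
 * Sanitize output data
 * @param mixed $data Data to sanitize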

config/var/www/admin/control-panel/classes/JsonResponse.php

Lines changed: 0 additions & 98 deletions
This file was deleted.

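--- a/config/var/www/admin/control-panel/classes/Router.php
+++ b/config/var/www/admin/control-panel/classes/Router.php
@@ -60,7 +60,8 @@ public function dispatch($method, $path) {
 }
 
 // No route found
-BaseController::notFound('Endpoint not found');
+http_response_code(404);
+echo json_encode(['error' => 'Endpoint not found']); // codacy:ignore - echo required for JSON API response
 }
 
 /**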

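--- a/config/var/www/admin/control-panel/dashboard.css
+++ b/config/var/www/admin/control-panel/dashboard.css
@@ -1219,82 +1219,9 @@ button:focus, select:focus, input:focus {
 color: var(--info-color);
 }
 
-/* Utility Classes for JS-toggled styles */
-.hidden {
-display: none !important;
-}
-
-.visible {
-display: block !important;
-}
-
-.visible-flex {
-display: flex !important;
-}
-
-.spinning {
-animation: spin 1s linear !important;
-}
-
-.fade-in {
-opacity: 1 !important;
-transition: opacity 0.3s ease;
-}
-
-/* Notification Styles */
-.notification {
-position: fixed;
-top: 20px;
-right: 20px;
-padding: 15px 20px;
-color: white;
-border-radius: 8px;
-box-shadow: 0 4px 12px rgba(0, 0, 0, 0.3);
-z-index: 10000;
-animation: slideIn 0.3s ease;
-max-width: 300px;
-}
-
-.notification-success {
-background: var(--success-color);
-}
-
-.notification-error {
-background: var(--error-color);
-}
-
-.notification-info {
-background: var(--info-color);
-}
-
-.notification.slide-out {
-animation: slideOut 0.3s ease;
-}
-
-@keyframes slideIn {
-from {
-transform: translateX(400px);
-opacity: 0;
-}
-to {
-transform: translateX(0);
-opacity: 1;
-}
-}
-
-@keyframes slideOut {
-from {
-transform: translateX(0);
-opacity: 1;
-}
-to {
-transform: translateX(400px);
-opacity: 0;
-}
-}
-
 .empty-state.error .empty-state-icon {
 color: var(--error-color);
 }
 
 /* External Services styles moved to external-services/external-services.css */
+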
