From d5ecb09137db77a22c5c8e8921ce68d5f1ea64e3 Mon Sep 17 00:00:00 2001
From: Remco <Remcojandijkstra@ziggo.nl>
Date: Mon, 19 Jan 2026 22:21:47 +0100
Subject: [PATCH] =?UTF-8?q?=F0=9F=86=99=20More=20fixes=20=F0=9F=86=99?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../Middleware/RealClientIpMiddleware.php     |  4 +-
 .../Http/Middleware/VPNCheckerMiddleware.php  | 43 ++++++++++++-------
 2 files changed, 31 insertions(+), 16 deletions(-)

diff --git a/Updated_Cms/app/Http/Middleware/RealClientIpMiddleware.php b/Updated_Cms/app/Http/Middleware/RealClientIpMiddleware.php
index 24c2f6bca3..66e014508b 100644
--- a/Updated_Cms/app/Http/Middleware/RealClientIpMiddleware.php
+++ b/Updated_Cms/app/Http/Middleware/RealClientIpMiddleware.php
@@ -42,6 +42,8 @@ class RealClientIpMiddleware
             }
         }
 
-        return $next($request);
+        $response = $next($request);
+        assert($response instanceof \Symfony\Component\HttpFoundation\Response);
+        return $response;
     }
 }
diff --git a/Updated_Cms/app/Http/Middleware/VPNCheckerMiddleware.php b/Updated_Cms/app/Http/Middleware/VPNCheckerMiddleware.php
index c29bf357fb..00a24aab00 100644
--- a/Updated_Cms/app/Http/Middleware/VPNCheckerMiddleware.php
+++ b/Updated_Cms/app/Http/Middleware/VPNCheckerMiddleware.php
@@ -15,17 +15,23 @@ class VPNCheckerMiddleware
     {
         // Skip check if vpn checker is disabled
         if (setting('vpn_block_enabled') === '0' || setting('ipdata_api_key') === 'ADD-API-KEY-HERE') {
-            return $next($request);
+            $response = $next($request);
+            assert($response instanceof Response);
+            return $response;
         }
 
         // Skip check if the rank is allowed to bypass the checker
         if (hasPermission('bypass_vpn')) {
-            return $next($request);
+            $response = $next($request);
+            assert($response instanceof Response);
+            return $response;
         }
 
         // Skip check if the IP is in the whitelist table
         if (WebsiteIpWhitelist::where('ip_address', $request->ip())->exists()) {
-            return $next($request);
+            $response = $next($request);
+            assert($response instanceof Response);
+            return $response;
         }
 
         // Restrict user if IP is blacklisted
@@ -38,18 +44,21 @@ class VPNCheckerMiddleware
         // Instantiate the necessary things to look up the visitor IP
         $ipService = new IpLookupService(setting('ipdata_api_key'));
         $userIp = $request->ip();
+        if (! is_string($userIp) || $userIp === '') {
+            $response = $next($request);
+            assert($response instanceof Response);
+            return $response;
+        }
         $apiResponse = $ipService->ipLookup($userIp);
 
         $asn = '';
-        if (is_array($apiResponse)) {
-            $asnSection = $apiResponse['asn'] ?? null;
-            if (is_array($asnSection)) {
-                $asnValue = $asnSection['asn'] ?? null;
-                if (is_string($asnValue)) {
-                    $asn = $asnValue;
-                } elseif (is_int($asnValue)) {
-                    $asn = (string) $asnValue;
-                }
+        $asnSection = $apiResponse['asn'] ?? null;
+        if (is_array($asnSection)) {
+            $asnValue = $asnSection['asn'] ?? null;
+            if (is_string($asnValue)) {
+                $asn = $asnValue;
+            } elseif (is_int($asnValue)) {
+                $asn = (string) $asnValue;
             }
         }
         $asnWhitelisted = WebsiteIpWhitelist::where('asn', $asn)
@@ -57,7 +66,9 @@ class VPNCheckerMiddleware
             ->exists();
 
         if ($asnWhitelisted) {
-            return $next($request);
+            $response = $next($request);
+            assert($response instanceof Response);
+            return $response;
         }
 
         // Fetch all blacklisted ASNs
@@ -72,7 +83,7 @@ class VPNCheckerMiddleware
             ]);
         }
 
-        if (is_array($apiResponse) && isset($apiResponse['threat']) && is_array($apiResponse['threat'])) {
+        if (isset($apiResponse['threat']) && is_array($apiResponse['threat'])) {
             $filteredThreats = array_diff_key(
                 $apiResponse['threat'],
                 array_flip(['blocklists', 'is_icloud_relay', 'is_datacenter', 'is_tor', 'is_proxy'])
@@ -90,6 +101,8 @@ class VPNCheckerMiddleware
             }
         }
 
-        return $next($request);
+        $response = $next($request);
+        assert($response instanceof Response);
+        return $response;
     }
 }