From f5c3e029b5626db75f40168f3e4e95b1d7b0ca86 Mon Sep 17 00:00:00 2001
From: Martin Ambrus <martin@martinambrus.com>
Date: Sat, 28 Oct 2017 18:59:16 +0200
Subject: [PATCH] feat: access log config setting and a real get-post-cookie
 logger

This is a very naive and primitive logger of user requests to the game.
To be used on systems where access to webserver's log data is not
available (especially if the webserver doesn't store POST data as well).
---
 .htaccess                        |   5 ++
 a2b.php                          |   3 +
 a2b2.php                         |   3 +
 activate.php                     |   4 ++
 ajax.php                         |  23 +++++++
 allianz.php                      |   4 ++
 anleitung.php                    |   3 +
 anmelden.php                     |   4 ++
 banned.php                       |   5 +-
 berichte.php                     |   4 ++
 build.php                        |   4 ++
 celebration.php                  |   4 ++
 create_account.php               |   2 +
 crop_finder.php                  |   3 +
 dorf1.php                        |   4 ++
 dorf2.php                        |   4 ++
 dorf3.php                        |   4 ++
 impressum.php                    |   3 +
 index.php                        |   9 ++-
 install/data/constant_format.tpl |   4 ++
 karte.php                        |   4 ++
 karte2.php                       |   6 +-
 login.php                        |   5 +-
 logout.php                       |   4 ++
 massmessage.php                  |   6 +-
 nachrichten.php                  |   6 +-
 packages.php                     |   4 ++
 password.php                     |   3 +
 plus.php                         |   4 ++
 plus1.php                        |   4 ++
 rules.php                        |   4 ++
 spieler.php                      |   4 ++
 spielregeln.php                  |   3 +
 src/Database/IDbConnection.php   |   2 +-
 src/Utils/AccessLogger.php       | 112 +++++++++++++++++++++++++++++++
 src/Utils/Math.php               |   2 +-
 statistiken.php                  |   4 ++
 support.php                      |   6 +-
 sysmsg.php                       |   4 ++
 tutorial.php                     |   3 +
 var/log/access.log               |   0
 version.php                      |   4 ++
 warsim.php                       |   4 ++
 winner.php                       |   4 ++
 44 files changed, 291 insertions(+), 10 deletions(-)
 create mode 100644 src/Utils/AccessLogger.php
 create mode 100644 var/log/access.log

diff --git a/.htaccess b/.htaccess
index 69a1060b..558b1059 100644
--- a/.htaccess
+++ b/.htaccess
@@ -8,6 +8,11 @@
     Deny from all
 </Files>
 
+<Files "*.log">
+    Order Allow,Deny
+    Deny from all
+</Files>
+
 <Files "installed">
     Order Allow,Deny
     Deny from all
diff --git a/a2b.php b/a2b.php
index 62e5b0cc..8bcec895 100644
--- a/a2b.php
+++ b/a2b.php
@@ -9,7 +9,10 @@
 ##                                                                             ##
 #################################################################################
 
+use App\Utils\AccessLogger;
+
 include("GameEngine/Village.php");
+AccessLogger::logRequest();
 
 $start = $generator->pageLoadTimeStart();
 if(isset($_GET['newdid'])) {
diff --git a/a2b2.php b/a2b2.php
index af0001ec..caa19e09 100644
--- a/a2b2.php
+++ b/a2b2.php
@@ -10,8 +10,11 @@
 ##                                                                             ##
 #################################################################################
 
+use App\Utils\AccessLogger;
 
 include("GameEngine/Village.php");
+AccessLogger::logRequest();
+
 $amount = $_SESSION['amount'];
 $start = $generator->pageLoadTimeStart();
 if(isset($_GET['newdid'])) {
diff --git a/activate.php b/activate.php
index ffcea1a9..171bcb98 100644
--- a/activate.php
+++ b/activate.php
@@ -10,7 +10,11 @@
 ##                                                                             ##
 #################################################################################
 
+use App\Utils\AccessLogger;
+
 include('GameEngine/Account.php');
+AccessLogger::logRequest();
+
 ?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <html>
diff --git a/ajax.php b/ajax.php
index e6a38155..d337d54e 100644
--- a/ajax.php
+++ b/ajax.php
@@ -9,6 +9,29 @@
 ##                                                                             ##
 #################################################################################
 
+// even with autoloader created, we can't use it here yet, as it's not been created
+// ... so, let's see where it is and include it
+$autoloader_found = false;
+// go max 5 levels up - we don't have folders that go deeper than that
+for ($i = 0; $i < 5; $i++) {
+    $autoprefix = str_repeat('../', $i);
+    if (file_exists($autoprefix.'autoloader.php')) {
+        $autoloader_found = true;
+        include_once $autoprefix.'autoloader.php';
+        break;
+    }
+}
+
+if (!$autoloader_found) {
+    die('Could not find autoloading class.');
+}
+
+// we need config to determine whether to log access or not
+include_once($autoprefix.'GameEngine/config.php');
+
+use App\Utils\AccessLogger;
+AccessLogger::logRequest();
+
 switch($_GET['f']) {
 	case 'k7':
 	    header('Content-Type: application/json');
diff --git a/allianz.php b/allianz.php
index 3aa6dcb6..6ff74035 100644
--- a/allianz.php
+++ b/allianz.php
@@ -1,8 +1,12 @@
 <?php
 //fix by ronix
+use App\Utils\AccessLogger;
+
 if(isset($_GET['aid']) && !is_numeric($_GET['aid'])) die('Hacking Attemp');
 include ("GameEngine/Village.php");
 include ("GameEngine/Chat.php");
+AccessLogger::logRequest();
+
 $start = $generator->pageLoadTimeStart();
 $alliance->procAlliance($_GET);
 if(isset($_GET['newdid'])) {
diff --git a/anleitung.php b/anleitung.php
index 3fe2ff13..813de02d 100644
--- a/anleitung.php
+++ b/anleitung.php
@@ -9,9 +9,12 @@
 ##                                                                             ##
 #################################################################################
 
+use App\Utils\AccessLogger;
+
 include("GameEngine/config.php");
 include("GameEngine/Database.php");
 include("GameEngine/Lang/".LANG.".php");
+AccessLogger::logRequest();
 ?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml">
diff --git a/anmelden.php b/anmelden.php
index 61408c99..a4257ebc 100644
--- a/anmelden.php
+++ b/anmelden.php
@@ -10,12 +10,16 @@
 ##                                                                             ##
 #################################################################################
 
+use App\Utils\AccessLogger;
+
 if(!file_exists('var/installed') && @opendir('install')) {
     header("Location: install/");
     exit;
 }
 
 include('GameEngine/Account.php');
+AccessLogger::logRequest();
+
 $invited=(isset($_GET['uid'])) ? filter_var($_GET['uid'], FILTER_SANITIZE_NUMBER_INT):$form->getError('invt');
 ?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
diff --git a/banned.php b/banned.php
index 17eb3f83..b16af3ba 100644
--- a/banned.php
+++ b/banned.php
@@ -9,9 +9,12 @@
 ##                                                                             ##
 #################################################################################
 
+use App\Utils\AccessLogger;
+
 include("GameEngine/Village.php");
-$start = $generator->pageLoadTimeStart();
+AccessLogger::logRequest();
 
+$start = $generator->pageLoadTimeStart();
 if($session->access == BANNED){
 ?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
diff --git a/berichte.php b/berichte.php
index 669d6993..d96ecc8a 100644
--- a/berichte.php
+++ b/berichte.php
@@ -10,7 +10,11 @@
 ##                                                                             ##
 #################################################################################
 
+use App\Utils\AccessLogger;
+
 include("GameEngine/Village.php");
+AccessLogger::logRequest();
+
 $start = $generator->pageLoadTimeStart();
 $message->noticeType($_GET);
 $message->procNotice($_POST);
diff --git a/build.php b/build.php
index 855c6dd2..c1b35be2 100644
--- a/build.php
+++ b/build.php
@@ -10,9 +10,13 @@
 ##                                                                             ##
 #################################################################################
 
+use App\Utils\AccessLogger;
+
 ob_start();
 include_once("GameEngine/Village.php");
 include_once("GameEngine/Units.php");
+AccessLogger::logRequest();
+
 if(isset($_GET['newdid'])) {
 	$_SESSION['wid'] = $_GET['newdid'];
 	header("Location: ".$_SERVER['PHP_SELF'].(isset($_GET['id'])?'?id='.$_GET['id']:(isset($_GET['gid'])?'?gid='.$_GET['gid']:'')));
diff --git a/celebration.php b/celebration.php
index 036a8ef2..5fbc6843 100644
--- a/celebration.php
+++ b/celebration.php
@@ -8,7 +8,11 @@
 ##  Copyright:     TravianX (c) 2010-2011. All rights reserved.                ##
 ##                                                                             ##
 #################################################################################
+use App\Utils\AccessLogger;
+
 include("GameEngine/Village.php");
+AccessLogger::logRequest();
+
 if(isset($_GET['newdid'])){
 	$_SESSION['wid'] = $_GET['newdid'];
 	header("Location: ".$_SERVER['PHP_SELF']);
diff --git a/create_account.php b/create_account.php
index ef60d080..e1f04472 100644
--- a/create_account.php
+++ b/create_account.php
@@ -19,6 +19,7 @@
 
 
 use App\Entity\User;
+use App\Utils\AccessLogger;
 
 global $autoprefix;
 
@@ -34,6 +35,7 @@
 
 include_once ($autoprefix."GameEngine/Session.php");
 include_once ($autoprefix."GameEngine/config.php");
+AccessLogger::logRequest();
 
 
 /**
diff --git a/crop_finder.php b/crop_finder.php
index 8374086d..9852e54c 100644
--- a/crop_finder.php
+++ b/crop_finder.php
@@ -8,7 +8,10 @@
 | Copyright:     TravianX Project All rights reserved     |
 \*-------------------------------------------------------*/
 
+   use App\Utils\AccessLogger;
+
    include ("GameEngine/Village.php");
+   AccessLogger::logRequest();
 
    if($session->goldclub == 0) {
 	   header("Location: plus.php?id=3");
diff --git a/dorf1.php b/dorf1.php
index 06ca73f1..2bc5bbcf 100644
--- a/dorf1.php
+++ b/dorf1.php
@@ -9,7 +9,11 @@
 ##  Copyright:     TravianX (c) 2010-2011. All rights reserved.                ##
 ##                                                                             ##
 #################################################################################
+use App\Utils\AccessLogger;
+
 include("GameEngine/Village.php");
+AccessLogger::logRequest();
+
 $start = $generator->pageLoadTimeStart();
 if(isset($_GET['ok'])){
 	$database->updateUserField($session->uid,'ok','0','1'); $_SESSION['ok'] = '0';
diff --git a/dorf2.php b/dorf2.php
index 4c52c77f..4e1d3425 100644
--- a/dorf2.php
+++ b/dorf2.php
@@ -9,7 +9,11 @@
 ##  Copyright:     TravianX (c) 2010-2011. All rights reserved.                ##
 ##                                                                             ##
 #################################################################################
+use App\Utils\AccessLogger;
+
 include("GameEngine/Village.php");
+AccessLogger::logRequest();
+
 $start = $generator->pageLoadTimeStart();
 if(isset($_GET['newdid'])) {
     $_SESSION['wid'] = $_GET['newdid'];
diff --git a/dorf3.php b/dorf3.php
index 65b9f00a..c37f105b 100644
--- a/dorf3.php
+++ b/dorf3.php
@@ -11,7 +11,11 @@
 #################################################################################
 
 
+use App\Utils\AccessLogger;
+
 include("GameEngine/Village.php");
+AccessLogger::logRequest();
+
 $start = $generator->pageLoadTimeStart();
 if(isset($_GET['newdid'])) {
     $_SESSION['wid'] = $_GET['newdid'];
diff --git a/impressum.php b/impressum.php
index ddd47fbc..6eda0704 100644
--- a/impressum.php
+++ b/impressum.php
@@ -14,9 +14,12 @@
 ##                                                                             ##
 #################################################################################
 
+use App\Utils\AccessLogger;
+
 include("GameEngine/config.php");
 include("GameEngine/Database.php");
 include("GameEngine/Lang/".LANG.".php");
+AccessLogger::logRequest();
 ?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml">
diff --git a/index.php b/index.php
index 5787cc41..bd5c8b99 100644
--- a/index.php
+++ b/index.php
@@ -1,4 +1,6 @@
 <?php
+use App\Utils\AccessLogger;
+
 #################################################################################
 ##                                                                             ##
 ##              -= YOU MUST NOT REMOVE OR CHANGE THIS NOTICE =-                ##
@@ -44,8 +46,11 @@
 {
     die('Security: Please activate security class!');
 }
-include ("GameEngine/Database.php");
-include ("GameEngine/Lang/".LANG.".php");
+
+include_once "GameEngine/Database.php";
+include_once "GameEngine/Lang/".LANG.".php";
+
+AccessLogger::logRequest();
 ?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml">
diff --git a/install/data/constant_format.tpl b/install/data/constant_format.tpl
index 026d87ce..693fe078 100644
--- a/install/data/constant_format.tpl
+++ b/install/data/constant_format.tpl
@@ -305,6 +305,10 @@ define("MULTIHUNTER",8);
 define("ADMIN",9);
 define("COOKIE_EXPIRE", 60*60*24*7); 
 define("COOKIE_PATH", "/"); 
+define("LOG_PAGE_ACCESS", false);
+define("PAGE_ACCESS_LOG_DATE", true);
+define("PAGE_ACCESS_LOG_IP", true);
+define("PAGE_ACCESS_LOG_FILENAME", 'access.log'); // filename ONLY, no path!
 
 
 ////////////////////////////////////////////
diff --git a/karte.php b/karte.php
index fc68fb4a..8c732225 100644
--- a/karte.php
+++ b/karte.php
@@ -10,8 +10,12 @@
 ##                                                                             ##
 #################################################################################
 
+use App\Utils\AccessLogger;
+
 if(isset($_GET['z']) && !is_numeric($_GET['z'])) die('Hacking Attempt');
 include("GameEngine/Village.php");
+AccessLogger::logRequest();
+
 $start = $generator->pageLoadTimeStart();
 if(isset($_GET['newdid'])) {
 	$_SESSION['wid'] = $_GET['newdid'];
diff --git a/karte2.php b/karte2.php
index ba18f111..f94e7478 100644
--- a/karte2.php
+++ b/karte2.php
@@ -8,8 +8,12 @@
 ##  Copyright:     TravianX (c) 2010-2011. All rights reserved.                ##
 ##                                                                             ##
 #################################################################################
+use App\Utils\AccessLogger;
+
 include("GameEngine/Village.php");
-	$building->procBuild($_GET);
+AccessLogger::logRequest();
+
+$building->procBuild($_GET);
 if($session->plus){
 ?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
diff --git a/login.php b/login.php
index 133ec212..f8cd8311 100644
--- a/login.php
+++ b/login.php
@@ -10,13 +10,16 @@
 ##                                                                             ##
 #################################################################################
 
+use App\Utils\AccessLogger;
+
 if(!file_exists('var/installed') && @opendir('install')) {
     header("Location: install/");
     exit;
 }
 
-error_reporting(E_ALL);
 include("GameEngine/Account.php");
+AccessLogger::logRequest();
+
 if(isset($_GET['del_cookie'])) {
 	setcookie("COOKUSR","",time()-3600*24,"/");
 	header("Location: login.php");
diff --git a/logout.php b/logout.php
index 8608e7db..3e8dab5b 100644
--- a/logout.php
+++ b/logout.php
@@ -11,7 +11,11 @@
 #################################################################################
 
 
+use App\Utils\AccessLogger;
+
 include("GameEngine/Account.php");
+AccessLogger::logRequest();
+
 $start = $generator->pageLoadTimeStart();
 ?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
diff --git a/massmessage.php b/massmessage.php
index cd98930d..beb65e5e 100644
--- a/massmessage.php
+++ b/massmessage.php
@@ -10,7 +10,11 @@
 ##                                                                             ##
 #################################################################################
 
+use App\Utils\AccessLogger;
+
 include_once("GameEngine/Account.php");
+AccessLogger::logRequest();
+
 $max_per_pass = 1000;
 
 if (mysqli_num_rows(mysqli_query($GLOBALS['link'],"SELECT id FROM ".TB_PREFIX."users WHERE access = 9 AND id = ".(int) $session->uid)) != '1') die("Hacking attemp!");
@@ -189,7 +193,7 @@ function toggleDisplay(e){
 <?php echo MASS_UNITS; ?>
 <a href="javascript:toggleDisplay('message_smilies')"><?php echo MASS_SHOWHIDE; ?></a>
 
-<div id="smilll" id="message_smilies" style="background:none repeat scroll 0 0 #EFEFEF;border:1px solid #71D000;left:20px;margin-top:5px;max-width:660px;padding:5px;position:relative;display: none;">
+<div id="message_smilies" style="background:none repeat scroll 0 0 #EFEFEF;border:1px solid #71D000;left:20px;margin-top:5px;max-width:660px;padding:5px;position:relative;display: none;">
 <?php echo MASS_READ; ?>
 <a href="#" onclick="smilie('*u1*')"><img src="img/x.gif" class="uu1" /></a>
 <a href="#" onclick="smilie('*u2*')"><img src="img/x.gif" class="uu2" /></a>
diff --git a/nachrichten.php b/nachrichten.php
index 9561d9db..a74b9a56 100644
--- a/nachrichten.php
+++ b/nachrichten.php
@@ -11,10 +11,14 @@
 #################################################################################
 
 
+use App\Utils\AccessLogger;
+
 include("GameEngine/Village.php");
+AccessLogger::logRequest();
+
 $start = $generator->pageLoadTimeStart();
 $message->procMessage($_POST);
-if($_GET['t'] == 1){
+if(isset($_GET['t']) && $_GET['t'] == 1){
 	$automation->isWinner();
 }
 if(isset($_GET['newdid'])) {
diff --git a/packages.php b/packages.php
index e25c96df..4f3dd5db 100644
--- a/packages.php
+++ b/packages.php
@@ -9,7 +9,11 @@
 ##                                                                             ##
 #################################################################################
 
+use App\Utils\AccessLogger;
+
 include("GameEngine/Village.php");
+AccessLogger::logRequest();
+
 $start = $generator->pageLoadTimeStart();
 $id = $_GET['id'];
 if($session->access != BANNED){
diff --git a/password.php b/password.php
index b326b749..ee49ed5a 100644
--- a/password.php
+++ b/password.php
@@ -9,6 +9,8 @@
 ##  Copyright:     TravianX (c) 2010-2011. All rights reserved.                ##
 ##                                                                             ##
 #################################################################################
+use App\Utils\AccessLogger;
+
 if(!file_exists('var/installed') && @opendir('install')) {
 	header("Location: install/");
 	exit;
@@ -18,6 +20,7 @@
 include("GameEngine/Database.php");
 include("GameEngine/Mailer.php");
 include("GameEngine/Generator.php");
+AccessLogger::logRequest();
 
 if(!isset($_REQUEST['npw'])){
 	header("Location: login.php");
diff --git a/plus.php b/plus.php
index a90dfdc6..b0fbc6be 100644
--- a/plus.php
+++ b/plus.php
@@ -11,7 +11,11 @@
 #################################################################################
 
 
+use App\Utils\AccessLogger;
+
 include("GameEngine/Village.php");
+AccessLogger::logRequest();
+
 $start = $generator->pageLoadTimeStart();
 if(isset($_GET['newdid'])) {
 	$_SESSION['wid'] = $_GET['newdid'];
diff --git a/plus1.php b/plus1.php
index b244e6d1..291ada13 100644
--- a/plus1.php
+++ b/plus1.php
@@ -1,6 +1,10 @@
 <?php
 
+use App\Utils\AccessLogger;
+
 include("GameEngine/Village.php");
+AccessLogger::logRequest();
+
 $start = $generator->pageLoadTimeStart();
 if(isset($_GET['newdid'])) {
 	$_SESSION['wid'] = $_GET['newdid'];
diff --git a/rules.php b/rules.php
index df3faf5b..dca15735 100644
--- a/rules.php
+++ b/rules.php
@@ -11,7 +11,11 @@
 #################################################################################
 
 
+use App\Utils\AccessLogger;
+
 include("GameEngine/Village.php");
+AccessLogger::logRequest();
+
 $start = $generator->pageLoadTimeStart();
 if(isset($_GET['newdid'])) {
 	$_SESSION['wid'] = $_GET['newdid'];
diff --git a/spieler.php b/spieler.php
index d2a181be..0ce69f1e 100644
--- a/spieler.php
+++ b/spieler.php
@@ -9,8 +9,12 @@
 ##  Copyright:     TravianX (c) 2010-2011. All rights reserved.                ##
 ##                                                                             ##
 #################################################################################
+use App\Utils\AccessLogger;
+
 ob_start();
 include("GameEngine/Village.php");
+AccessLogger::logRequest();
+
 $start = $generator->pageLoadTimeStart();
 $profile->procProfile($_POST);
 $profile->procSpecial($_GET);
diff --git a/spielregeln.php b/spielregeln.php
index 0c020b88..b0d12012 100644
--- a/spielregeln.php
+++ b/spielregeln.php
@@ -9,9 +9,12 @@
 ##                                                                             ##
 #################################################################################
 
+use App\Utils\AccessLogger;
+
 include("GameEngine/config.php");
 include("GameEngine/Database.php");
 include("GameEngine/Lang/".LANG.".php");
+AccessLogger::logRequest();
 ?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml">
diff --git a/src/Database/IDbConnection.php b/src/Database/IDbConnection.php
index 2d4a4062..6a0c4993 100644
--- a/src/Database/IDbConnection.php
+++ b/src/Database/IDbConnection.php
@@ -3,7 +3,7 @@
 ##              -= YOU MAY NOT REMOVE OR CHANGE THIS NOTICE =-                 ##
 ## --------------------------------------------------------------------------- ##
 ##  Project:       TravianZ                                                    ##
-##  Filename       User.php                                                    ##
+##  Filename       IDbConnection.php                                           ##
 ##  Developed by:  martinambrus                                                ##
 ##  License:       TravianZ Project                                            ##
 ##  Copyright:     TravianZ (c) 2010-2017. All rights reserved.                ##
diff --git a/src/Utils/AccessLogger.php b/src/Utils/AccessLogger.php
new file mode 100644
index 00000000..1d95e1e3
--- /dev/null
+++ b/src/Utils/AccessLogger.php
@@ -0,0 +1,112 @@
+<?php
+#################################################################################
+##              -= YOU MAY NOT REMOVE OR CHANGE THIS NOTICE =-                 ##
+## --------------------------------------------------------------------------- ##
+##  Project:       TravianZ                                                    ##
+##  Filename       AccessLogger.php                                            ##
+##  Developed by:  martinambrus                                                ##
+##  License:       TravianZ Project                                            ##
+##  Copyright:     TravianZ (c) 2010-2017. All rights reserved.                ##
+##  URLs:          https://travian.martinambrus.com                		       ##
+##  Source code:   https://github.com/Shadowss/TravianZ		                   ##
+##                                                                             ##
+#################################################################################
+
+namespace App\Utils;
+
+/** 
+ * Logs all user access (URLs, REQUEST data, Cookies...)
+ * into a file. Usually used in hostings that do not provide
+ * web server access logs, let alone ones that include
+ * POST data and Cookies.
+ * 
+ * @author martinambrus
+ */
+class AccessLogger {
+
+    /**
+     * Logs current request into a file defined via config constant.
+     */
+    public static function logRequest() {
+        try {
+            if (defined('LOG_PAGE_ACCESS') && LOG_PAGE_ACCESS) {
+                // go max 5 levels up - we don't have folders that go deeper than that
+                $autoprefix = '';
+                for ($i = 0; $i < 5; $i++) {
+                    $autoprefix = str_repeat('../', $i);
+                    if (file_exists($autoprefix.'autoloader.php')) {
+                        // we have our path, let's leave
+                        break;
+                    }
+                }
+
+                // determine log file name
+                $fname = $autoprefix.'var/log/'.(defined('PAGE_ACCESS_LOG_FILENAME') ? PAGE_ACCESS_LOG_FILENAME : 'access.log');
+
+                // prepare a prefix for the log record
+                $prefix = [];
+
+                // add date
+                if (!defined('PAGE_ACCESS_LOG_DATE') || (defined('PAGE_ACCESS_LOG_DATE') && PAGE_ACCESS_LOG_DATE)) {
+                    $prefix[] = date('j.m.Y H:i:s');
+                }
+
+                // add IP
+                if (!defined('PAGE_ACCESS_LOG_IP') || (defined('PAGE_ACCESS_LOG_IP') && PAGE_ACCESS_LOG_IP)) {
+                    $prefix[] = $_SERVER['REMOTE_ADDR'];
+                }
+
+                // add the actual file name
+                $prefix[] = $_SERVER['PHP_SELF'];
+
+                // make prefix a string
+                $prefix = implode(" ", $prefix);
+
+                // add cookie info
+                if (count($_COOKIE)) {
+                    $out = [];
+                    foreach ($_COOKIE as $key => $value) {
+                        $out[] = $key.'='.$value;
+                    }
+
+                    // write the log line
+                    $cookie = implode("&", $out);
+                } else {
+                    $cookie = '';
+                }
+
+                // add GET info
+                if (count($_GET)) {
+                    $out = [];
+                    foreach ($_GET as $key => $value) {
+                        $out[] = $key.'='.$value;
+                    }
+
+                    $get_info = '?'.implode("&", $out);
+                } else {
+                    $get_info = '';
+                }
+
+                // write the log line
+                file_put_contents($fname, $prefix . $get_info . "\t" . $cookie . "\n", FILE_APPEND);
+
+                // add POST info
+                if (count($_POST)) {
+                    $out = [];
+                    foreach ($_POST as $key => $value) {
+                        $out[] = $key.'='.$value;
+                    }
+
+                    // write the log line
+                    file_put_contents($fname, "[POSTDATA] " . implode("&", $out) . "\n", FILE_APPEND);
+                }
+            }
+
+            return true;
+        } catch (\Exception $e) {
+            // we shouldn't raise exceptions if we can't log for some reason
+            // but we definitelly should return false
+            return false;
+        }
+    }
+}
\ No newline at end of file
diff --git a/src/Utils/Math.php b/src/Utils/Math.php
index 8807b52b..8310fb34 100644
--- a/src/Utils/Math.php
+++ b/src/Utils/Math.php
@@ -3,7 +3,7 @@
 ##              -= YOU MAY NOT REMOVE OR CHANGE THIS NOTICE =-                 ##
 ## --------------------------------------------------------------------------- ##
 ##  Project:       TravianZ                                                    ##
-##  Filename       User.php                                                    ##
+##  Filename       Math.php                                                    ##
 ##  Developed by:  martinambrus                                                ##
 ##  License:       TravianZ Project                                            ##
 ##  Copyright:     TravianZ (c) 2010-2017. All rights reserved.                ##
diff --git a/statistiken.php b/statistiken.php
index 0fdd5b5b..269da1c4 100644
--- a/statistiken.php
+++ b/statistiken.php
@@ -11,7 +11,11 @@
 #################################################################################
 
 
+use App\Utils\AccessLogger;
+
 include("GameEngine/Village.php");
+AccessLogger::logRequest();
+
 $__start = $generator->pageLoadTimeStart();
 if(isset($_GET['rank'])){ $_POST['rank']==$_GET['rank']; }
 $_GET['aid'] = $session->alliance;
diff --git a/support.php b/support.php
index 0a07e109..f9ba4c77 100644
--- a/support.php
+++ b/support.php
@@ -9,7 +9,11 @@
 ##  Copyright:     TravianX (c) 2010-2011. All rights reserved.                ##
 ##                                                                             ##
 #################################################################################
-	include("GameEngine/Village.php");
+use App\Utils\AccessLogger;
+
+include("GameEngine/Village.php");
+AccessLogger::logRequest();
+
 $amount = $_SESSION['amount'];
 $start = $generator->pageLoadTimeStart();
 if(isset($_GET['newdid'])) {
diff --git a/sysmsg.php b/sysmsg.php
index 44fa0eba..606aed38 100644
--- a/sysmsg.php
+++ b/sysmsg.php
@@ -9,7 +9,11 @@
 ##                                                                             ##
 #################################################################################
 
+use App\Utils\AccessLogger;
+
 include_once("GameEngine/Account.php");
+AccessLogger::logRequest();
+
 $max_per_pass = 1000;
 if (mysqli_num_rows(mysqli_query($GLOBALS['link'],"SELECT id FROM ".TB_PREFIX."users WHERE access = 9 AND id = ".$session->uid)) != '1') die("Hacking attempt!");
 
diff --git a/tutorial.php b/tutorial.php
index 23e390bf..5f5be032 100644
--- a/tutorial.php
+++ b/tutorial.php
@@ -10,9 +10,12 @@
 ##                                                                             ##
 #################################################################################
 
+use App\Utils\AccessLogger;
+
 include("GameEngine/config.php");
 include("GameEngine/Database.php");
 include("GameEngine/Lang/".LANG.".php");
+AccessLogger::logRequest();
 ?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml">
diff --git a/var/log/access.log b/var/log/access.log
new file mode 100644
index 00000000..e69de29b
diff --git a/version.php b/version.php
index 02651b02..feaa7f3f 100644
--- a/version.php
+++ b/version.php
@@ -11,7 +11,11 @@
 #################################################################################
 
 
+use App\Utils\AccessLogger;
+
 include("GameEngine/Village.php");
+AccessLogger::logRequest();
+
 $amount = $_SESSION['amount'];
 $start = $generator->pageLoadTimeStart();
 if(isset($_GET['newdid'])) {
diff --git a/warsim.php b/warsim.php
index f8c51166..b9c3c239 100644
--- a/warsim.php
+++ b/warsim.php
@@ -11,7 +11,11 @@
 #################################################################################
 
 
+use App\Utils\AccessLogger;
+
 include("GameEngine/Village.php");
+AccessLogger::logRequest();
+
 $start = $generator->pageLoadTimeStart();
 $battle->procSim($_POST);
 ?>
diff --git a/winner.php b/winner.php
index d935add9..76fda738 100644
--- a/winner.php
+++ b/winner.php
@@ -18,6 +18,8 @@
 ## 										##
 #################################################################################
 
+use App\Utils\AccessLogger;
+
 if (!function_exists('mysqli_result')) {
     function mysqli_result($res, $row, $field=0) {
         $res->data_seek($row);
@@ -27,6 +29,8 @@ function mysqli_result($res, $row, $field=0) {
 }
 
 include("GameEngine/Village.php");
+AccessLogger::logRequest();
+
 $start = $generator->pageLoadTimeStart();
 if(isset($_GET['newdid'])) {
 	$_SESSION['wid'] = $_GET['newdid'];