/**
* @param string $filterListGlobal Run filters listed in a DonationInterface
* global variable with name
* @return bool
*/
protected function filter($filterListGlobal)
{
$functions = $this->gateway_adapter->getGlobal($filterListGlobal);
if (!$this->gateway_adapter->getGlobal('EnableFunctionsFilter') || !count($functions)) {
return true;
}
foreach ($functions as $function_name => $risk_score_modifier) {
//run the function specified, if it exists.
if (method_exists($this->gateway_adapter, $function_name)) {
$score = $this->gateway_adapter->{$function_name}();
if (is_null($score)) {
$score = 0;
//TODO: Is this the correct behavior?
} elseif (is_bool($score)) {
$score = $score ? 0 : $risk_score_modifier;
} elseif (is_numeric($score) && $score <= 100) {
$score = $score * $risk_score_modifier / 100;
} else {
// error_log("Function Filter: $function_name returned $score");
throw new UnexpectedValueException("Filter functions are returning somekinda nonsense.");
}
$this->cfo->addRiskScore($score, $function_name);
}
}
return TRUE;
}
protected function filter()
{
// pull out the source from the filter object
$source = $this->gateway_adapter->getData_Unstaged_Escaped('utm_source');
// a very complex filtering algorithm for sources
$srcRules = $this->gateway_adapter->getGlobal('CustomFiltersSrcRules');
foreach ($srcRules as $regex => $risk_score_modifier) {
/**
* Note that regex pattern does not include delimiters.
* These will need to be included in your custom regex patterns.
*/
if (preg_match("{$regex}", $source)) {
$this->cfo->addRiskScore($risk_score_modifier, 'source');
// log it
$log_msg = "\"" . addslashes($source) . "\"";
$log_msg .= "\t\"" . addslashes($regex) . "\"";
$log_msg .= "\t\"" . $this->cfo->getRiskScore() . "\"";
$this->log($this->gateway_adapter->getData_Unstaged_Escaped('contribution_tracking_id'), 'Filter: Source', $log_msg);
}
}
return TRUE;
}
protected function filter()
{
// pull out the referrer from the gateway_adapter
$referrer = $this->gateway_adapter->getData_Unstaged_Escaped('referrer');
// a very complex filtering algorithm for referrers
$refRules = $this->gateway_adapter->getGlobal('CustomFiltersRefRules');
foreach ($refRules as $regex => $risk_score_modifier) {
/**
* note that the regex pattern does NOT include delimiters.
* these will need to be included in your custom regex patterns.
*/
if (preg_match("{$regex}", $referrer)) {
$this->cfo->addRiskScore($risk_score_modifier, 'referrer');
// log it
//TODO: This sucks.
$log_msg = "\"" . addslashes($referrer) . "\"";
$log_msg .= "\t\"" . addslashes($regex) . "\"";
$log_msg .= "\t\"" . $this->cfo->getRiskScore() . "\"";
$this->log($this->gateway_adapter->getData_Unstaged_Escaped('contribution_tracking_id'), 'Filter: Referrer', $log_msg);
}
}
return TRUE;
}
/**
* Execute the minFraud filter
*
* @return bool true
*/
protected function filter()
{
// see if we can bypass minfraud
if ($this->can_bypass_minfraud()) {
return TRUE;
}
$minfraud_query = $this->build_query($this->gateway_adapter->getData_Unstaged_Escaped());
$this->query_minfraud($minfraud_query);
// Write the query/response to the log before we go mad.
$this->log_query();
$this->health_check();
try {
if (!isset($this->minfraudResponse['riskScore'])) {
throw new RuntimeException("No response at all from minfraud.");
}
$this->cfo->addRiskScore($this->minfraudResponse['riskScore'], 'minfraud_filter');
} catch (Exception $ex) {
//log out the whole response to the error log so we can tell what the heck happened... and fail closed.
$log_message = 'Minfraud filter came back with some garbage. Assigning all the points.';
$this->fraud_logger->error('"addRiskScore" ' . $log_message);
$this->cfo->addRiskScore(100, 'minfraud_filter');
}
return TRUE;
}
protected function filter()
{
$user_ip = $this->gateway_adapter->getData_Unstaged_Escaped('user_ip');
//first, handle the whitelist / blacklist before you do anything else.
if (DataValidator::ip_is_listed($user_ip, $this->gateway_adapter->getGlobal('IPWhitelist'))) {
$this->gateway_adapter->debugarray[] = "IP present in whitelist.";
$this->cfo->addRiskScore(0, 'IPWhitelist');
return true;
}
// TODO: this blacklist business should happen elsewhere, and on every hit.
if (DataValidator::ip_is_listed($user_ip, $this->gateway_adapter->getGlobal('IPBlacklist'))) {
$this->gateway_adapter->debugarray[] = "IP present in blacklist.";
$this->cfo->addRiskScore($this->gateway_adapter->getGlobal('IPVelocityFailScore'), 'IPBlacklist');
return true;
}
//if the user ip was in neither list, check the velocity.
if ($this->connectToMemcache()) {
$stored = $this->getMemcachedValue();
if (!$stored) {
//we don't have anything in memcache for this dude yet.
$this->gateway_adapter->debugarray[] = "Found no memcached data for {$user_ip}";
$this->cfo->addRiskScore(0, 'IPVelocityFilter');
//want to see the explicit zero
return true;
} else {
$count = count($stored);
$this->gateway_adapter->debugarray[] = "Found a memcached bit of data for {$user_ip}: " . print_r($stored, true);
$this->gateway_logger->info("IPVelocityFilter: {$user_ip} has {$count} hits");
if ($count >= $this->gateway_adapter->getGlobal('IPVelocityThreshhold')) {
$this->cfo->addRiskScore($this->gateway_adapter->getGlobal('IPVelocityFailScore'), 'IPVelocityFilter');
//cool off, sucker. Muahahaha.
$this->addNowToMemcachedValue($stored, true);
} else {
$this->cfo->addRiskScore(0, 'IPVelocityFilter');
//want to see the explicit zero here, too.
}
}
}
//fail open, in case memcached doesn't work.
return true;
}
