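/**
 * Run the gateway-adapter filter functions named in a DonationInterface
 * global and add each result to the risk score.
 *
 * The global maps a method name on the gateway adapter to a risk score
 * modifier. A method's return value is converted to a score as follows:
 *  - null:            0
 *  - bool:            0 for true, the full modifier for false
 *  - numeric <= 100:  treated as a percentage of the modifier
 *  - anything else:   UnexpectedValueException
 *
 * @param string $filterListGlobal Name of the global holding the
 *  method-name => modifier map.
 * @return bool Always true.
 * @throws UnexpectedValueException When a filter function returns a value
 *  that cannot be turned into a score.
 */
protected function filter($filterListGlobal) {
    $functions = $this->gateway_adapter->getGlobal($filterListGlobal);

    // Nothing to do when the feature is switched off or the list is unset,
    // not an array, or empty. The is_array() check avoids calling count()
    // on a non-countable value, which is a TypeError on PHP 8.
    if (
        !$this->gateway_adapter->getGlobal('EnableFunctionsFilter')
        || !is_array($functions)
        || count($functions) === 0
    ) {
        return true;
    }

    foreach ($functions as $function_name => $risk_score_modifier) {
        // The method name is invoked dynamically on the adapter, so the
        // list must only ever come from trusted configuration.
        // NOTE(review): a name that does not exist on the adapter is
        // skipped without any trace, so a typo in the configuration
        // disables that check silently - consider logging it.
        if (!method_exists($this->gateway_adapter, $function_name)) {
            continue;
        }

        $score = $this->gateway_adapter->{$function_name}();

        if (is_null($score)) {
            $score = 0; //TODO: Is this the correct behavior?
        } elseif (is_bool($score)) {
            // true means "passed": no points. false costs the full modifier.
            $score = $score ? 0 : $risk_score_modifier;
        } elseif (is_numeric($score) && $score <= 100) {
            // NOTE(review): only the upper bound is checked, so a negative
            // return value lowers the total risk score - confirm intended.
            $score = $score * $risk_score_modifier / 100;
        } else {
            // Name the offending function so the failure can be traced.
            throw new UnexpectedValueException(
                "Filter functions are returning somekinda nonsense. ({$function_name})"
            );
        }

        $this->cfo->addRiskScore($score, $function_name);
    }

    return TRUE;
}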
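/**
 * Score the donation's utm_source against the configured source rules.
 *
 * Each key of the CustomFiltersSrcRules global is passed to preg_match()
 * unchanged, so the configured patterns must carry their own delimiters.
 * Every rule that matches adds its modifier to the risk score and writes
 * a tab-separated log entry (source, pattern, running risk score).
 *
 * @return bool Always true.
 */
protected function filter() {
    $source = $this->gateway_adapter->getData_Unstaged_Escaped('utm_source');
    $srcRules = $this->gateway_adapter->getGlobal('CustomFiltersSrcRules');

    foreach ($srcRules as $regex => $risk_score_modifier) {
        $pattern = "{$regex}";
        $matched = preg_match($pattern, $source);

        if ($matched === false) {
            // preg_match() returns false (not 0) when PCRE fails, e.g. on a
            // malformed pattern or when the backtrack limit is hit. The
            // subject presumably comes from the request, so a rule that
            // errors must not be indistinguishable from "no match": the
            // rule is still skipped, but the failure is now recorded.
            $this->log(
                $this->gateway_adapter->getData_Unstaged_Escaped('contribution_tracking_id'),
                'Filter: Source',
                "\"" . addslashes($pattern) . "\"\t\"preg_match error " . preg_last_error() . "\""
            );
            continue;
        }

        if ($matched === 0) {
            continue;
        }

        $this->cfo->addRiskScore($risk_score_modifier, 'source');

        // NOTE(review): addslashes() escapes quotes, backslashes and NUL
        // only. If the unstaged value can still contain tabs or newlines
        // it can break the field layout of this entry - verify what
        // getData_Unstaged_Escaped() strips.
        $log_msg = "\"" . addslashes($source) . "\"";
        $log_msg .= "\t\"" . addslashes($pattern) . "\"";
        $log_msg .= "\t\"" . $this->cfo->getRiskScore() . "\"";
        $this->log(
            $this->gateway_adapter->getData_Unstaged_Escaped('contribution_tracking_id'),
            'Filter: Source',
            $log_msg
        );
    }

    return TRUE;
}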
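/**
 * Score the donation's referrer against the configured referrer rules.
 *
 * Each key of the CustomFiltersRefRules global is passed to preg_match()
 * unchanged, so the configured patterns must carry their own delimiters.
 * Every rule that matches adds its modifier to the risk score and writes
 * a tab-separated log entry (referrer, pattern, running risk score).
 *
 * @return bool Always true.
 */
protected function filter() {
    $referrer = $this->gateway_adapter->getData_Unstaged_Escaped('referrer');
    $refRules = $this->gateway_adapter->getGlobal('CustomFiltersRefRules');

    foreach ($refRules as $regex => $risk_score_modifier) {
        $pattern = "{$regex}";
        $matched = preg_match($pattern, $referrer);

        if ($matched === false) {
            // preg_match() returns false (not 0) when PCRE fails, e.g. on a
            // malformed pattern or when the backtrack limit is hit. The
            // referrer presumably comes from the request, so a rule that
            // errors must not be indistinguishable from "no match": the
            // rule is still skipped, but the failure is now recorded.
            $this->log(
                $this->gateway_adapter->getData_Unstaged_Escaped('contribution_tracking_id'),
                'Filter: Referrer',
                "\"" . addslashes($pattern) . "\"\t\"preg_match error " . preg_last_error() . "\""
            );
            continue;
        }

        if ($matched === 0) {
            continue;
        }

        $this->cfo->addRiskScore($risk_score_modifier, 'referrer');

        // NOTE(review): addslashes() escapes quotes, backslashes and NUL
        // only. If the unstaged value can still contain tabs or newlines
        // it can break the field layout of this entry - verify what
        // getData_Unstaged_Escaped() strips.
        $log_msg = "\"" . addslashes($referrer) . "\"";
        $log_msg .= "\t\"" . addslashes($pattern) . "\"";
        $log_msg .= "\t\"" . $this->cfo->getRiskScore() . "\"";
        $this->log(
            $this->gateway_adapter->getData_Unstaged_Escaped('contribution_tracking_id'),
            'Filter: Referrer',
            $log_msg
        );
    }

    return TRUE;
}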
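/**
 * Execute the minFraud filter.
 *
 * Unless the bypass applies, builds a query from the unstaged donation
 * data, sends it, logs the exchange, runs the health check and adds the
 * returned riskScore to the risk score. A missing or non-numeric
 * riskScore, or an exception from addRiskScore(), fails closed: the
 * donation is assigned the full 100 points.
 *
 * @return bool Always true.
 */
protected function filter() {
    if ($this->can_bypass_minfraud()) {
        return TRUE;
    }

    $minfraud_query = $this->build_query($this->gateway_adapter->getData_Unstaged_Escaped());
    $this->query_minfraud($minfraud_query);

    // Record the query/response before acting on it.
    $this->log_query();
    $this->health_check();

    // NOTE(review): the four calls above sit outside the try block, so the
    // fail-closed handler below does not cover them. Whether they can throw
    // is not visible from this method - confirm.
    try {
        if (!isset($this->minfraudResponse['riskScore'])) {
            throw new RuntimeException("No response at all from minfraud.");
        }

        // The value comes from an external service; do not hand anything
        // that is not a number to the scoring code.
        if (!is_numeric($this->minfraudResponse['riskScore'])) {
            throw new RuntimeException("Non-numeric riskScore from minfraud.");
        }

        $this->cfo->addRiskScore($this->minfraudResponse['riskScore'], 'minfraud_filter');
    } catch (Exception $ex) {
        // Fail closed, and keep the reason so the cause can be told apart
        // in the error log (the exception detail was previously dropped).
        $log_message = 'Minfraud filter came back with some garbage. Assigning all the points.';
        $this->fraud_logger->error('"addRiskScore" ' . $log_message . ' Reason: ' . $ex->getMessage());
        $this->cfo->addRiskScore(100, 'minfraud_filter');
    }

    return TRUE;
}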
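/**
 * Score the donor's IP address: allow/deny lists first, then hit velocity.
 *
 * An IP on the IPWhitelist global scores 0; an IP on the IPBlacklist
 * global scores IPVelocityFailScore. Otherwise the hits stored in
 * memcached for this IP are counted and, at or above
 * IPVelocityThreshhold, IPVelocityFailScore is added. When memcached
 * cannot be reached the filter fails open and adds nothing.
 *
 * @return bool Always true.
 */
protected function filter() {
    $user_ip = $this->gateway_adapter->getData_Unstaged_Escaped('user_ip');

    // The lists take precedence over the velocity check.
    if (DataValidator::ip_is_listed($user_ip, $this->gateway_adapter->getGlobal('IPWhitelist'))) {
        $this->gateway_adapter->debugarray[] = "IP present in whitelist.";
        $this->cfo->addRiskScore(0, 'IPWhitelist');
        return true;
    }

    // TODO: this blacklist business should happen elsewhere, and on every hit.
    if (DataValidator::ip_is_listed($user_ip, $this->gateway_adapter->getGlobal('IPBlacklist'))) {
        $this->gateway_adapter->debugarray[] = "IP present in blacklist.";
        $this->cfo->addRiskScore($this->gateway_adapter->getGlobal('IPVelocityFailScore'), 'IPBlacklist');
        return true;
    }

    if (!$this->connectToMemcache()) {
        // Fail open when memcached is unavailable, but leave a trace: a
        // velocity check that is silently off cannot be told apart from
        // one that found nothing. info() is the only level this method is
        // shown using; raise it if the logger offers a higher one.
        $this->gateway_logger->info("IPVelocityFilter: memcached unavailable, velocity check skipped for {$user_ip}");
        return true;
    }

    $stored = $this->getMemcachedValue();
    if (!$stored) {
        // No hits recorded for this IP yet; add an explicit zero so the
        // filter still shows up in the score breakdown.
        $this->gateway_adapter->debugarray[] = "Found no memcached data for {$user_ip}";
        $this->cfo->addRiskScore(0, 'IPVelocityFilter');
        return true;
    }

    $count = count($stored);
    $this->gateway_adapter->debugarray[] = "Found a memcached bit of data for {$user_ip}: " . print_r($stored, true);
    $this->gateway_logger->info("IPVelocityFilter: {$user_ip} has {$count} hits");

    if ($count >= $this->gateway_adapter->getGlobal('IPVelocityThreshhold')) {
        $this->cfo->addRiskScore($this->gateway_adapter->getGlobal('IPVelocityFailScore'), 'IPVelocityFilter');
        // Record this attempt as well. The meaning of the second argument
        // is defined by addNowToMemcachedValue(), not visible here.
        $this->addNowToMemcachedValue($stored, true);
    } else {
        // Explicit zero, as above.
        $this->cfo->addRiskScore(0, 'IPVelocityFilter');
    }

    return true;
}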