/**
 * Make sure a 'referrer' value is recorded: keep one that is already set,
 * otherwise derive it from the current request's Referer header.
 *
 * Only the host and path of the header are stored. Scheme, credentials,
 * port, query string and fragment are dropped because nothing but
 * $parts['host'] and $parts['path'] is ever read.
 */
protected function setReferrer() {
    // Nothing to do when a referrer was passed in, or when running as a
    // batch processor.
    if ($this->isSomething('referrer') || $this->gateway->isBatchProcessor()) {
        return;
    }

    // Remove protocol and query strings to avoid tripping modsecurity.
    // TODO it would be a lot more privacy respecting to omit path too.
    // The Referer header is supplied by the client, so the stored value is
    // untrusted text and needs context-appropriate escaping wherever it is
    // later rendered or logged.
    $urlParts = parse_url(WmfFramework::getRequestHeader('referer'));

    // Without a host (relative URL, empty or unparseable header) the
    // referrer is recorded as an empty string.
    $hostAndPath = '';
    if (isset($urlParts['host'])) {
        $pathPart = isset($urlParts['path']) ? $urlParts['path'] : '';
        $hostAndPath = $urlParts['host'] . $pathPart;
    }

    $this->setVal('referrer', $hostAndPath);
}
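/**
 * Builds minfraud query from user input
 *
 * Required:
 * - city
 * - country
 * - i: Client IP address
 * - license_key
 * - postal
 * - region
 *
 * Optional that we are sending:
 * - bin: First 6 digits of the card
 * - domain: send the domain of the email address
 * - emailMD5: send an MD5 of the email address
 * - txnID: The internal transaction id of the contribution.
 *
 * Outside batch mode the request's User-Agent and Accept-Language headers
 * are added as user_agent and accept_language.
 *
 * Fields missing from $data are sent as null (empty string for bin and
 * domain) instead of raising undefined-index notices.
 *
 * The returned array contains the license key and donor data (IP address,
 * email domain, email hash). Callers should not log it verbatim.
 *
 * @param array $data
 * @return array containing hash for minfraud query
 */
protected function build_query(array $data) {
    // mapping of minfraud query keys -> keys in $data
    $map = array(
        "city" => "city",
        "region" => "state",
        "postal" => "zip",
        "country" => "country",
        "domain" => "email",
        "emailMD5" => "email",
        "bin" => "card_num",
        "txnID" => "contribution_tracking_id"
    );

    $this->minfraudQuery = array();

    // minfraud license key
    $this->minfraudQuery["license_key"] = $this->minfraudLicenseKey;

    // user's IP address
    $this->minfraudQuery["i"] = $this->gateway_adapter->getData_Unstaged_Escaped('user_ip');

    // We only have access to these fields when the user's request is still
    // present, but not when in batch mode.
    if (!$this->gateway_adapter->isBatchProcessor()) {
        // Both headers are client-controlled and forwarded unmodified.
        // user's user agent
        $this->minfraudQuery['user_agent'] = WmfFramework::getRequestHeader('user-agent');
        // user's language
        $this->minfraudQuery['accept_language'] = WmfFramework::getRequestHeader('accept-language');
    }

    // fetch the array of country codes
    $country_codes = CountryCodes::getCountryCodes();

    // loop through the map and add pertinent values from $data to the hash
    foreach ($map as $key => $value) {
        // A missing input field is treated as null rather than read blindly.
        $raw = isset($data[$value]) ? $data[$value] : null;

        // do some data processing to clean up values for minfraud
        switch ($key) {
            case "domain":
                // get just the domain from the email address; strstr()
                // returns false when there is no '@', so guard before substr().
                $atAndDomain = is_string($raw) ? strstr($raw, '@') : false;
                $clean = ($atAndDomain === false) ? '' : (string)substr($atAndDomain, 1);
                break;
            case "bin":
                // get just the first 6 digits from CC#... if we have one.
                // Only this prefix leaves the function, never the full number.
                $clean = ($raw === null) ? '' : (string)substr($raw, 0, 6);
                break;
            case "country":
                // Unknown or missing country values map to null instead of
                // an undefined-index lookup.
                $known = (is_string($raw) || is_int($raw)) && isset($country_codes[$raw]);
                $clean = $known ? $country_codes[$raw] : null;
                break;
            case "emailMD5":
                // filter_field() is defined elsewhere; presumably it produces
                // the MD5 named in the docblock - TODO confirm.
                // NOTE(review): an MD5 of an email address is a stable
                // pseudonymous identifier, not an anonymised value.
                $clean = $this->get_ccfd()->filter_field($key, $raw);
                break;
            default:
                $clean = $raw;
        }
        $this->minfraudQuery[$key] = $clean;
    }

    return $this->minfraudQuery;
}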