Ejegg has uploaded a new change for review.
https://gerrit.wikimedia.org/r/179039
Change subject: Update minfraud API to 1.60
......................................................................
Update minfraud API to 1.60
Tested locally, minfraud response is identical to version 1.54.
Tiny update to wrapper to keep (unused) numservers in sync if we
overrider server list.
TODO: include via Composer
Change-Id: I10fdf9c5775f42533abe5180231fdfbb416b006e
---
M extras/custom_filters/filters/minfraud/ccfd/Changes
M extras/custom_filters/filters/minfraud/ccfd/README.md
M extras/custom_filters/filters/minfraud/ccfd/src/CreditCardFraudDetection.php
M extras/custom_filters/filters/minfraud/ccfd/src/HTTPBase.php
M extras/custom_filters/filters/minfraud/ccfd/src/TelephoneVerification.php
M extras/custom_filters/filters/minfraud/minfraud.body.php
6 files changed, 539 insertions(+), 335 deletions(-)
git pull
ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/DonationInterface
refs/changes/39/179039/1
diff --git a/extras/custom_filters/filters/minfraud/ccfd/Changes
b/extras/custom_filters/filters/minfraud/ccfd/Changes
index e09f6e3..cd8e8f5 100644
--- a/extras/custom_filters/filters/minfraud/ccfd/Changes
+++ b/extras/custom_filters/filters/minfraud/ccfd/Changes
@@ -1,5 +1,16 @@
Revision history for MaxMind CreditCardFraudDetection PHP API
+1.60 Jul 23rd 2014
+
+ - Important: SSL certificates are now verified. If you use SSL and are on
+ a platform where cURL's cainfo is not set by default, you must either
+ set set curl.cainfo in your php.ini file or use the setCurlCaInfo()
+ method on the CreditCardFraudDetection object to set the certificates
+ to be used. (GitHub #11)
+ - Added a useUtf8(bool) method that can be used to enable the conversion
+ of the web service response to UTF-8. (GitHub #12)
+ - Undefined value warning fix. (GitHub #8)
+
1.54 Sept 1st 2013
- Remove custom DNS cache support. ( Boris Zentner )
diff --git a/extras/custom_filters/filters/minfraud/ccfd/README.md
b/extras/custom_filters/filters/minfraud/ccfd/README.md
index a5fee58..207b3b9 100644
--- a/extras/custom_filters/filters/minfraud/ccfd/README.md
+++ b/extras/custom_filters/filters/minfraud/ccfd/README.md
@@ -1,44 +1,41 @@
# Maxmind minFraud PHP API #
-## Installing with Composer ##
-
-### Define Your Dependencies ###
+## Install via Composer ##
We recommend installing this package with [Composer](http://getcomposer.org/).
-To do this, add ```minfraud/http``` to your ```composer.json``` file.
-```json
-{
- "require": {
- "minfraud/http": "~1.54"
- }
-}
+### Download Composer ###
+
+To download Composer, run in the root directory of your project:
+
+```bash
+curl -sS https://getcomposer.org/installer | php
```
-### Install Composer ###
-
-Run in your project root:
-
-```
-curl -s http://getcomposer.org/installer | php
-```
+You should now have the file `composer.phar` in your project directory.
### Install Dependencies ###
Run in your project root:
```
-php composer.phar install
+php composer.phar require minfraud/http:~1.60
```
+
+You should now have the files `composer.json` and `composer.lock` as well as
+the directory `vendor` in your project directory. If you use a version control
+system, `composer.json` should be added to it.
### Require Autoloader ###
-You can autoload all dependencies by adding this to your code:
-```
+After installing the dependencies, you need to require the Composer autoloader
+from your code:
+
+```php
require 'vendor/autoload.php';
```
-## Installing without Composer ##
+## Install without Composer ##
Place the files in the `src` directory in the `include_path` as specified in
your `php.ini` file or place them in the same directory as your PHP scripts.
@@ -74,21 +71,34 @@
$ccfs->query();
$outputs = $ccfs->output();
-print_r($outputs)
+print_r($outputs);
```
+
### $ccfs->isSecure ###
If isSecure is set to 0 then it uses regular HTTP. If isSecure is set to 1
-then it uses Secure HTTPS (requires Curl PHP binding)
+then it uses Secure HTTPS (requires Curl PHP binding).
-### $ccfs->input($hash) ###
+## $ccfs->useUtf8($bool)
-Takes a hash and uses it as input for the server. See
+If set to true, the output values will be converted from ISO 8859-1 to UTF-8.
+Defaults to false.
+
+## $ccfs->setCurlCaInfo($cert)
+
+Sets the path to the SSL certificate to be used by cURL. If this is not set,
+the default certificate is used. If no certificates are available and isSecure
+has not been disabled, the query will fail.
+
+### $ccfs->input($array) ###
+
+Takes an array of key/value pairs to use as input for the server. See
http://dev.maxmind.com/minfraud/ for details on input fields.
### $ccfs->query() ###
- Queries the server with the fields passed to the input method
- and stores the output.
+
+Queries the server with the fields passed to the input method
+and stores the output.
### $ccfs->output();
@@ -97,7 +107,7 @@
## Secure HTTPS ##
-Secure HTTPS is off by default. If you want secure HTTPS then you need to have
+Secure HTTPS is on by default. In order to use it, you need to have
the Curl PHP binding, the curl library and the OpenSSL library.
You can download the curl libary at:
@@ -110,15 +120,8 @@
2. Curl library
3. Curl PHP binding
-Once you have installed these, you can turn on Secure HTTPS by setting:
-
-```php
-$ccfs->isSecure = 1;
-```
-where `$ccfs` is the CreditCardFraudDetection object.
-
===============================
-Copyright (c) 2013, MaxMind, Inc
+Copyright (c) 2014, MaxMind, Inc
All rights reserved. This package is licensed under the LGPL. For details
see the COPYING file.
diff --git
a/extras/custom_filters/filters/minfraud/ccfd/src/CreditCardFraudDetection.php
b/extras/custom_filters/filters/minfraud/ccfd/src/CreditCardFraudDetection.php
index 5b6b5ba..06718c9 100644
---
a/extras/custom_filters/filters/minfraud/ccfd/src/CreditCardFraudDetection.php
+++
b/extras/custom_filters/filters/minfraud/ccfd/src/CreditCardFraudDetection.php
@@ -19,70 +19,115 @@
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
-require_once ("HTTPBase.php");
-class CreditCardFraudDetection extends HTTPBase {
- public $server;
- public $numservers;
- public $API_VERSION;
+require_once 'HTTPBase.php';
+class CreditCardFraudDetection extends HTTPBase
+{
+ /**
+ * Default servers to query.
+ *
+ * @var array
+ */
+ public $server = array(
+ 'minfraud.maxmind.com',
+ 'minfraud-us-east.maxmind.com',
+ 'minfraud-us-west.maxmind.com'
+ );
- function CreditCardFraudDetection() {
- $this->HTTPBase();
- $this->isSecure = 1; // use HTTPS by default
+ /**
+ * The numbers of servers to query.
+ *
+ * @var int
+ */
+ public $numservers = 0;
- //set the allowed_fields hash
- $this->allowed_fields["i"] = 1;
- $this->allowed_fields["domain"] = 1;
- $this->allowed_fields["city"] = 1;
- $this->allowed_fields["region"] = 1;
- $this->allowed_fields["postal"] = 1;
- $this->allowed_fields["country"] = 1;
- $this->allowed_fields["bin"] = 1;
- $this->allowed_fields["binName"] = 1;
- $this->allowed_fields["binPhone"] = 1;
- $this->allowed_fields["custPhone"] = 1;
- $this->allowed_fields["license_key"] = 1;
- $this->allowed_fields["requested_type"] = 1;
- $this->allowed_fields["forwardedIP"] = 1;
- $this->allowed_fields["emailMD5"] = 1;
- $this->allowed_fields["shipAddr"] = 1;
- $this->allowed_fields["shipCity"] = 1;
- $this->allowed_fields["shipRegion"] = 1;
- $this->allowed_fields["shipPostal"] = 1;
- $this->allowed_fields["shipCountry"] = 1;
- $this->allowed_fields["txnID"] = 1;
- $this->allowed_fields["sessionID"] = 1;
- $this->allowed_fields["usernameMD5"] = 1;
- $this->allowed_fields["passwordMD5"] = 1;
- $this->allowed_fields["user_agent"] = 1;
- $this->allowed_fields["accept_language"] = 1;
- $this->allowed_fields["avs_result"] = 1;
- $this->allowed_fields["cvv_result"] = 1;
- $this->allowed_fields["order_amount"] = 1;
- $this->allowed_fields["order_currency"] = 1;
- $this->allowed_fields["shopID"] = 1;
- $this->allowed_fields["txn_type"] = 1;
+ /**
+ * The URL Path to use.
+ *
+ * @var string
+ */
+ public $url = 'app/ccv2r';
- $this->num_allowed_fields = count($this->allowed_fields);
+ /**
+ * Set isSecure to true by default.
+ *
+ * @var bool
+ */
+ public $isSecure = true;
- //set the url of the web service
- $this->url = "app/ccv2r";
- $this->check_field = "countryMatch";
- $this->server = array( "minfraud.maxmind.com",
"minfraud-us-east.maxmind.com", "minfraud-us-west.maxmind.com");
- $this->numservers = count($this->server);
- $this->API_VERSION = 'PHP/1.54';
- }
+ /**
+ * Set the default allowed fields.
+ *
+ * @var array
+ */
+ public $allowed_fields = array(
+ 'i' => true,
+ 'domain' => true,
+ 'city' => true,
+ 'region' => true,
+ 'postal' => true,
+ 'country' => true,
+ 'bin' => true,
+ 'binName' => true,
+ 'binPhone' => true,
+ 'custPhone' => true,
+ 'license_key' => true,
+ 'requested_type' => true,
+ 'forwardedIP' => true,
+ 'emailMD5' => true,
+ 'shipAddr' => true,
+ 'shipCity' => true,
+ 'shipRegion' => true,
+ 'shipPostal' => true,
+ 'shipCountry' => true,
+ 'txnID' => true,
+ 'sessionID' => true,
+ 'usernameMD5' => true,
+ 'passwordMD5' => true,
+ 'user_agent' => true,
+ 'accept_language' => true,
+ 'avs_result' => true,
+ 'cvv_result' => true,
+ 'order_amount' => true,
+ 'order_currency' => true,
+ 'shopID' => true,
+ 'txn_type' => true
+ );
- function filter_field($key, $value) {
- if ($key == 'emailMD5'){
- if (strpos($value, '@') !== false){
- return md5(strtolower($value));
- }
- } else if ($key == 'usernameMD5' || $key == 'passwordMD5') {
- if (strlen($value) != 32) {
- return md5(strtolower($value));
- }
+ /**
+ * Constuctor.
+ */
+ public function __construct()
+ {
+ // Set the number of allowed fields.
+ $this->num_allowed_fields = count($this->allowed_fields);
+
+ // Set the number of servers to query.
+ $this->numservers = count($this->server);
}
- return $value;
- }
+
+ /**
+ * If key matches one of 'emailMD5', 'usernameMD5' or 'passwordMD5',
+ * convert value to lowercase and return the md5.
+ *
+ * If key does not match one of the above, just return the value.
+ *
+ * @see HTTPBase::filter_field()
+ * @param string $key
+ * @param string $value
+ * @return string
+ */
+ public function filter_field($key, $value)
+ {
+ if ($key == 'emailMD5' && false !== strpos($value, '@')) {
+ return md5(strtolower($value));
+ }
+
+ if (($key == 'usernameMD5' || $key == 'passwordMD5')
+ && strlen($value) != 32
+ ) {
+ return md5(strtolower($value));
+ }
+
+ return $value;
+ }
}
-?>
diff --git a/extras/custom_filters/filters/minfraud/ccfd/src/HTTPBase.php
b/extras/custom_filters/filters/minfraud/ccfd/src/HTTPBase.php
index cf24457..4a8f832 100644
--- a/extras/custom_filters/filters/minfraud/ccfd/src/HTTPBase.php
+++ b/extras/custom_filters/filters/minfraud/ccfd/src/HTTPBase.php
@@ -19,241 +19,383 @@
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
-class HTTPBase{
- public $server;
- public $numservers;
- public $url;
- public $queries;
- public $allowed_fields;
- public $num_allowed_fields;
- public $outputstr;
- public $isSecure;
- public $timeout;
- public $debug;
- public $check_field;
- function HTTPBase() {
- $this->isSecure = 0;
- $this->debug = 0;
- $this->timeout = 0;
- // use countryMatch to validate the results. It is avail in all minfraud
answeres
- $this->check_field = "countryMatch";
- }
+abstract class HTTPBase
+{
+ /**
+ * Constant to define the version of this
+ * @var unknown
+ */
+ const API_VERSION = 'PHP/1.60';
- // this function sets the checked field
- function set_check_field($f) {
- $this->check_field = $f;
- }
+ /**
+ * @var string|array
+ */
+ protected $server = '';
- // this function sets the allowed fields
- function set_allowed_fields($i) {
- $this->allowed_fields = $i;
- $this->num_allowed_fields = count($i);
- }
+ /**
+ * @var int
+ */
+ protected $numservers = 0;
- //this function queries the servers
- function query() {
+ /**
+ * @var string
+ */
+ protected $url = '';
- // query every server using its domain name
- for ($i = 0; $i < $this->numservers; $i++ ) {
- $result = $this->querySingleServer($this->server[$i]);
- if ($this->debug == 1) {
- print "server: " . $this->server[$i] . "\nresult: " . $result . "\n";
- }
- if ($result) {
- return $result;
- }
- }
- return 0;
- }
+ /**
+ * @var array
+ */
+ protected $queries = array();
- // this function takes a input hash and stores it in the hash named queries
- function input($vars) {
- $numinputkeys = count($vars); // get the number of keys in the input hash
- $inputkeys = array_keys($vars); // get a array of keys in the input hash
- for ($i = 0; $i < $numinputkeys; $i++) {
- $key = $inputkeys[$i];
- if ($this->allowed_fields[$key] == 1) {
- //if key is a allowed field then store it in
- //the hash named queries
- $this->queries[$key] = urlencode($this->filter_field($key,
$vars[$key]));
- } else {
- print "invalid input $key - perhaps misspelled field?";
- return 0;
- }
- }
- $this->queries["clientAPI"] = $this->API_VERSION;
- }
+ /**
+ * @var array
+ */
+ protected $allowed_fields = array();
- //sub-class should override this if it needs to filter inputs
- function filter_field($key, $value) {
- return $value;
- }
+ /**
+ * @var int
+ */
+ protected $num_allowed_fields;
- //this function returns the output from the server
- function output() {
- return $this->outputstr;
- }
+ /**
+ * @var array
+ */
+ protected $outputstr = array();
- // this function queries a single server
- function querySingleServer($server) {
- // check if we using the Secure HTTPS proctol
- if ($this->isSecure == 1) {
- $scheme = "https://";; // Secure HTTPS proctol
- } else {
- $scheme = "http://";; // Regular HTTP proctol
- }
+ /**
+ * @var bool
+ */
+ protected $isSecure = false;
- // build a query string from the hash called queries
- $numquerieskeys = count($this->queries); // get the number of keys in the
hash called queries
- $querieskeys = array_keys($this->queries); // get a array of keys in the
hash called queries
- if ($this->debug == 1) {
- print "number of query keys " + $numquerieskeys + "\n";
- }
+ /**
+ * @var int
+ */
+ protected $timeout = 0;
- $query_string = "";
+ /**
+ * @var bool
+ */
+ protected $debug = false;
- for ($i = 0; $i < $numquerieskeys; $i++) {
- //for each element in the hash called queries
- //append the key and value of the element to the query string
- $key = $querieskeys[$i];
- $value = $this->queries[$key];
- //encode the key and value before adding it to the string
- //$key = urlencode($key);
- //$value = urlencode($value);
- if ($this->debug == 1) {
- print " query key " . $key . " query value " . $value . "\n";
- }
- $query_string = $query_string . $key . "=" . $value;
- if ($i < $numquerieskeys - 1) {
- $query_string = $query_string . "&";
- }
- }
+ /**
+ * Use countryMatch to validate the results.
+ * It is available in all minfraud answers.
+ *
+ * @var string
+ */
+ protected $check_field = 'countryMatch';
- $content = "";
+ private $curlCaInfo;
+ private $useUtf8;
- //check if the curl module exists
- if (extension_loaded('curl')) {
- //use curl
- if ($this->debug == 1) {
- print "using curl\n";
- }
-
- //open curl
- $ch = curl_init();
-
- $url = $scheme . $server . "/" . $this->url;
-
- //set curl options
- if ($this->debug == 1){
- print "url " . $url . "\n";
- }
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ch, CURLOPT_URL, $url);
- curl_setopt($ch, CURLOPT_TIMEOUT, $this->timeout);
- curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,0);
-
- //this option lets you store the result in a string
- curl_setopt($ch, CURLOPT_POST, 1);
- curl_setopt($ch, CURLOPT_POSTFIELDS, $query_string);
-
- //get the content
- $content = curl_exec($ch);
-
- // For some reason curl_errno returns an error even when function works
- // Until we figure this out, will ignore curl errors - (not good i know)
-// $e = curl_errno($ch);//get error or sucess
-
-// if (($e == 1) & ($this->isSecure == 1)) {
- // HTTPS does not work print error message
-// print "error: this version of curl does not support HTTPS try
build curl with SSL or specify \$ccfs->isSecure = 0\n";
-// }
-// if ($e > 0) {
- //we get a error msg print it
-// print "Received error message $e from curl: " . curl_error($ch) .
"\n";
-// return 0;
-// }
- //close curl
- curl_close($ch);
- } else {
- //curl does not exist
- //use the fsockopen function,
- //the fgets function and the fclose function
- if ($this->debug == 1) {
- print "using fsockopen for querySingleServer\n";
- }
-
- $url = $scheme . $server . "/" . $this->url . "?" . $query_string;
- if ($this->debug == 1) {
- print "url " . $url . " " . "\n";
- }
-
- //now check if we are using regular HTTP
- if ($this->isSecure == 0) {
- //we using regular HTTP
-
- //parse the url to get
- //host, path and query
- $url3 = parse_url($url);
- $host = $url3["host"];
- $path = $url3["path"];
- $query = $url3["query"];
-
- //open the connection
- $fp = fsockopen ($host, 80, $errno, $errstr, $this->timeout);
- if ($fp) {
- //send the request
- $post = "POST $path HTTP/1.0\nHost: " . $host . "\nContent-type:
application/x-www-form-urlencoded\nUser-Agent: Mozilla 4.0\nContent-length: " .
strlen($query) . "\nConnection: close\n\n$query";
- fputs ($fp, $post);
- while (!feof($fp)) {
- $buf .= fgets($fp, 128);
- }
- $lines = split("\n", $buf);
- // get the content
- $content = $lines[count($lines)-1];
- //close the connection
- fclose($fp);
- } else {
- return 0;
+ /**
+ * Public getter for class properties.
+ *
+ * @param string $key
+ * @return mixed|NULL Returns the property value,
+ * or null if it doesn't exist.
+ */
+ public function __get($key)
+ {
+ if (property_exists($this, $key)) {
+ return $this->$key;
}
- } else {
- //secure HTTPS requires CURL
- print "error: you need to install curl if you want secure HTTPS or
specify the variable to be $ccfs->isSecure = 0";
- return 0;
- }
+ return null;
}
- if ($this->debug == 1) {
- print "content = " . $content . "\n";
+ /**
+ * Public setter.
+ *
+ * @param string $key
+ * @param mixed $val
+ */
+ public function __set($key, $val)
+ {
+ // Only set properties the exist.
+ if (property_exists($this, $key)) {
+ $this->$key = $val;
+ }
}
- // get the keys and values from
- // the string content and store them
- // the hash named outputstr
- // split content into pairs containing both
- // the key and the value
- $keyvaluepairs = explode(";",$content);
-
- //get the number of key and value pairs
- $numkeyvaluepairs = count($keyvaluepairs);
-
- //for each pair store key and value into the
- //hash named outputstr
- $this->outputstr = array();
- for ($i = 0; $i < $numkeyvaluepairs; $i++) {
- //split the pair into a key and a value
- list($key,$value) = explode("=",$keyvaluepairs[$i]);
- if ($this->debug == 1) {
- print " output " . $key . " = " . $value . "\n";
- }
- //store the key and the value into the
- //hash named outputstr
- $this->outputstr[$key] = $value;
+ /**
+ * Sets the path to the SSL certificate to be used by cURL. If this is
+ * not set, the default certificate is used.
+ *
+ * @param string $cert The path to the certificate to be used by cURL.
+ */
+ public function setCurlCaInfo($cert)
+ {
+ $this->curlCaInfo = $cert;
}
- //one other way to do it
- if (!array_key_exists($this->check_field,$this->outputstr)) {
- return 0;
+
+ /**
+ * If set to true, the outputs from the web service call will be converted
+ * from ISO 8859-1 to UTF-8. Defaults to false.
+ *
+ * @param boolean $useUtf8
+ */
+ public function useUtf8($useUtf8)
+ {
+ $this->useUtf8 = $useUtf8;
}
- return 1;
- }
+
+ /**
+ * Sets the checked field.
+ *
+ * @param string $f
+ */
+ public function set_check_field($f)
+ {
+ $this->check_field = $f;
+ }
+
+ /**
+ * Set the allowed fields.
+ *
+ * @param array $i
+ */
+ public function set_allowed_fields($i)
+ {
+ $this->allowed_fields = $i;
+ $this->num_allowed_fields = count($i);
+ }
+
+ /**
+ * Query each server.
+ *
+ * @return false|string
+ */
+ public function query()
+ {
+ // Query every server using it's domain name.
+ for ($i = 0; $i < $this->numservers; $i++) {
+ $result = $this->querySingleServer($this->server[$i]);
+ if ($this->debug) {
+ echo "server: {$this->server[$i]}\n";
+ echo "result: $result\n";
+ }
+
+ if ($result) {
+ return $result;
+ }
+ }
+ return false;
+ }
+
+ /**
+ * Validates and stores the inputVars in the queries array.
+ *
+ * @param array $vars
+ */
+ public function input($inputVars)
+ {
+ foreach ($inputVars as $key => $val) {
+ if (empty($this->allowed_fields[$key])) {
+ echo "Invalid input $key - perhaps misspelled field?\n";
+ return false;
+ }
+ $this->queries[$key] = urlencode($this->filter_field($key, $val));
+ }
+ $this->queries['clientAPI'] = $this->API_VERSION;
+ }
+
+ /**
+ * Child classes should override this if it needs to filter inputs.
+ *
+ * @param string $key
+ * @param string $value
+ * @return string
+ */
+ public function filter_field($key, $value)
+ {
+ return $value;
+ }
+
+ /**
+ * Return the output from the server.
+ *
+ * @return array
+ */
+ public function output()
+ {
+ return $this->outputstr;
+ }
+
+ /**
+ * Queries a single server. Returns true if the query was successful,
+ * otherwise false.
+ *
+ * @param string $server
+ * @return bool
+ */
+ public function querySingleServer($server)
+ {
+ // Check if we using the Secure HTTPS proctol.
+ $scheme = $this->isSecure ? 'https://' : 'http://';
+
+ // Build a query string from the queries array.
+ $numQueries = count($this->queries);
+ $queryKeys = array_keys($this->queries);
+ if ($this->debug) {
+ echo "Number of query keys {$numQueries}\n";
+ }
+
+ $queryString = '';
+
+ for ($i = 0; $i < $numQueries; $i++) {
+ /**
+ * For each element in the array, append the key
+ * and value of the element to the query string.
+ */
+ $key = $queryKeys[$i];
+ $value = $this->queries[$key];
+
+ if ($this->debug) {
+ echo " query key {$key} query value {$value}\n";
+ }
+
+ $queryString .= $key . '=' . $value;
+ if ($i < $numQueries - 1) {
+ $queryString .= '&';
+ }
+ }
+
+ $url = $scheme . $server . "/" . $this->url;
+ $content = '';
+
+ // Check if the curl module exists.
+ if (extension_loaded('curl')) {
+ // Use curl.
+ if ($this->debug) {
+ echo "Using curl\n";
+ }
+
+ // Open curl.
+ $ch = curl_init();
+
+ // Set curl options
+ if ($this->debug) {
+ echo "url {$url}\n";
+ }
+ curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+ curl_setopt($ch, CURLOPT_URL, $url);
+ curl_setopt($ch, CURLOPT_TIMEOUT, $this->timeout);
+ curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
+ curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
+
+ if ($this->curlCaInfo) {
+ curl_setopt($ch, CURLOPT_CAINFO, $this->curlCaInfo);
+ }
+
+ // This option lets you store the result in a string.
+ curl_setopt($ch, CURLOPT_POST, 1);
+ curl_setopt($ch, CURLOPT_POSTFIELDS, $queryString);
+
+ // Get the content.
+ $content = curl_exec($ch);
+
+ curl_close($ch);
+ } else {
+ /**
+ * The curl extension is not loaded.
+ * Use the fsockopen, fgets, and fclose functions.
+ */
+ if ($this->debug) {
+ echo "Using fsockopen for querySingleServer\n";
+ }
+
+ $url .= "?{$queryString}";
+ if ($this->debug) {
+ echo "url {$url}\n";
+ }
+
+ // Check if we are using regular HTTP.
+ if ($this->isSecure == 0) {
+ //parse the url to get host, path and query.
+ $url3 = parse_url($url);
+ $host = $url3["host"];
+ $path = $url3["path"];
+ $query = $url3["query"];
+
+ // Open the connection.
+ $fp = fsockopen($host, 80, $errno, $errstr, $this->timeout);
+
+ // There was a problem opening the connection.
+ if (!$fp) {
+ return false;
+ }
+
+ // Send the request.
+ $post = "POST $path HTTP/1.0\n"
+ . "Host: {$host}\n"
+ . "Content-type: application/x-www-form-urlencoded\n"
+ . "User-Agent: Mozilla 4.0\n"
+ . "Content-length: "
+ . strlen($query)
+ . "\nConnection: close\n\n"
+ . $query;
+
+ fputs($fp, $post);
+ $buf = '';
+ while (!feof($fp)) {
+ $buf .= fgets($fp, 128);
+ }
+ $lines = explode("\n", $buf);
+
+ // Get the content.
+ $content = $lines[count($lines) - 1];
+
+ // Close the connection.
+ fclose($fp);
+ } else {
+ // Secure HTTPS requires CURL
+ echo 'Error: you need to install curl if you want secure HTTPS
'
+ . 'or specify the variable to be $ccfs->isSecure = false';
+ return false;
+ }
+ }
+
+ if ($this->debug) {
+ echo "content = {$content}\n";
+ }
+
+ if (empty($content)) {
+ echo "Returned content is empty!\n";
+ return false;
+ }
+
+ if ($this->useUtf8) {
+ $content = utf8_encode($content);
+ }
+
+ /**
+ * Get the keys and values from the string content
+ * and store them in the outputstr array.
+ */
+
+ // Split content into pairs containing both the key and the value.
+ $keyValuePairs = explode(';', $content);
+
+ // Get the number of key and value pairs.
+ $numKeyValuePairs = count($keyValuePairs);
+
+ // For each pair store key and value into the outputstr array.
+ $this->outputstr = array();
+ for ($i = 0; $i < $numKeyValuePairs; $i++) {
+ // Split the pair into a key and a value.
+ list($key, $value) = explode('=', $keyValuePairs[$i]);
+ if ($this->debug) {
+ echo " output {$key} = {$value}\n";
+ }
+
+ $this->outputstr[$key] = $value;
+ }
+
+ // One other way to do it.
+ if (!array_key_exists($this->check_field, $this->outputstr)) {
+ return false;
+ }
+
+ return true;
+ }
}
-?>
diff --git
a/extras/custom_filters/filters/minfraud/ccfd/src/TelephoneVerification.php
b/extras/custom_filters/filters/minfraud/ccfd/src/TelephoneVerification.php
index 5845475..d7c9f69 100644
--- a/extras/custom_filters/filters/minfraud/ccfd/src/TelephoneVerification.php
+++ b/extras/custom_filters/filters/minfraud/ccfd/src/TelephoneVerification.php
@@ -1,26 +1,26 @@
<?php
-require_once ("HTTPBase.php");
-class TelephoneVerification extends HTTPBase {
- public $server;
- public $numservers;
- public $API_VERSION;
- function TelephoneVerification(){
- $this->HTTPBase();
- $this->isSecure = 1; // use HTTPS by default
+require_once 'HTTPBase.php';
- //set the allowed_fields hash
- $this->allowed_fields["l"] = 1;
- $this->allowed_fields["phone"] = 1;
- $this->allowed_fields["verify_code"] = 1;
- $this->num_allowed_fields = count($this->allowed_fields);
+class TelephoneVerification extends HTTPBase
+{
+ public $server;
+ public $numservers;
- //set the url of the web service
- $this->url = "app/telephone_http";
- $this->check_field = "refid";
- $this->server = array("www.maxmind.com", "www2.maxmind.com");
- $this->numservers = count($this->server);
- $this->API_VERSION = 'PHP/1.4';
- $this->timeout = 30;
- }
+ public function __construct()
+ {
+ $this->isSecure = 1; // use HTTPS by default
+
+ //set the allowed_fields hash
+ $this->allowed_fields["l"] = 1;
+ $this->allowed_fields["phone"] = 1;
+ $this->allowed_fields["verify_code"] = 1;
+ $this->num_allowed_fields = count($this->allowed_fields);
+
+ //set the url of the web service
+ $this->url = "app/telephone_http";
+ $this->check_field = "refid";
+ $this->server = array("www.maxmind.com", "www2.maxmind.com");
+ $this->numservers = count($this->server);
+ $this->timeout = 30;
+ }
}
-?>
diff --git a/extras/custom_filters/filters/minfraud/minfraud.body.php
b/extras/custom_filters/filters/minfraud/minfraud.body.php
index 1100bfa..6734dcc 100644
--- a/extras/custom_filters/filters/minfraud/minfraud.body.php
+++ b/extras/custom_filters/filters/minfraud/minfraud.body.php
@@ -288,6 +288,9 @@
// Override the minFraud API servers
if ( !empty( $this->minFraudServers ) && is_array(
$this->minFraudServers ) ) {
$this->ccfd->server = $this->minFraudServers;
+
+ // numservers seems to be unused, but let's
keep it in sync
+ $this->ccfd->numservers = count(
$this->minFraudServers );
}
}
return $this->ccfd;
--
To view, visit https://gerrit.wikimedia.org/r/179039
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I10fdf9c5775f42533abe5180231fdfbb416b006e
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/DonationInterface
Gerrit-Branch: master
Gerrit-Owner: Ejegg <[email protected]>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
