antadis/bebeboutik
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

start of addition test in fraud module

Browse Source
This commit is contained in:
Marion Muszynski 2017-05-04 11:35:59 +02:00
parent 0e41c41dc8
commit f041619d2a
4 changed files with 58 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
modules/fraud/fraud.php
View File

@ -20,7 +20,7 @@ class Fraud extends Module {
}
public function install() {
if(!(parent::install()
if(!(parent::install()
&& $this->installDB()
&& $this->registerHook('adminOrder')
&& $this->registerHook('backBeforePayment')
@ -59,7 +59,7 @@ class Fraud extends Module {
public function hookbackBeforePayment($params) {
FraudCore::CartFraudConnexion($params['cart']);
}
public function hookAdminOrder($params) {
global $currentIndex;
@ -78,14 +78,14 @@ class Fraud extends Module {
$info = json_decode($reputation['report']);
$data = '<br />
<fieldset style="width: 400px">
<p class="alert" style="width:300px">
<p class="alert" style="width:300px">
<b>'.$this->l('Suspect Order').'</b>
<br />
'.$this->l('Score : ').' <strong style="color:red">'.$reputation['score'].'</strong>
'.$this->l('Score : ').' <strong style="color:red">'.$reputation['score'].'</strong>
</p>
<h4>'.$this->l('Details : ').'</h4>
<p>'.implode('<br />', $info).'</p>';
if ($reputation['pass'] == 0) {
$data .= '<a onclick="if(!confirm(\'Voulez-vous valider la commande ? \')) return false;" href="'.$_SERVER['REQUEST_URI'].'&validFraud=1" class="button">'.$this->l('Valid Order').'</a>';
} else {
@ -97,6 +97,29 @@ class Fraud extends Module {
}
}
/* This method is called after the response returned by paybox */
public function testPaybox($id_order, $ip_country)
{
$order = new Order($id_order);
$authorized = array('ESP','DEU','ITA','NLD','SWE','GBR','PRT','CHE','LUX','POL','AUT','BEL');
if(!in_array($ip_country, $authorized)) {
$total_score = 110;
$fraud_report = array();
$fraud_report[] = 'Pays de paiement hors EU (+110)';
Db::getInstance()->ExecuteS('
INSERT INTO `'._DB_PREFIX_.'order_reputation`
VALUES (
'.(int) $order->id_cart.',
'.(int) $total_score.',
'.((int) $total_score < 100? 1: 0).',
"'.pSQL(json_encode($fraud_report)).'"
)
');
$this->_changeStatutFraud($order->id);
}
}
/* This method is called when a customer use account's paypal on a different address from previously */
public function testPaypalBilling($id_order)
@ -104,7 +127,7 @@ class Fraud extends Module {
$order = new Order($id_order);
$id_billing = Db::getInstance()->getValue('
SELECT `is_billing`
FROM `'._DB_PREFIX_.'paypal_order`
FROM `'._DB_PREFIX_.'paypal_order`
WHERE `id_order` = '.(int) $order->id
);
@ -147,11 +170,11 @@ class Fraud extends Module {
if($params['newOrderState'] == 2) {
$order = new Order($params['order']['id']);
if ( Validate::isLoadedObject($order) ) {
if ($order->module != 'paybox') {
return FALSE;
}
// commande déjà test
$already_test = Db::getInstance()->getValue('
SELECT `id_cart`
@ -180,16 +203,16 @@ class Fraud extends Module {
$i++;
}
}
// paiement ok
// paiement ok
$reputation_change = 0;
if ($i) {
$current_reputation = floor($current_reputation / $i);
}
$final_reputation = max($current_reputation + $reputation_change, 0);
$total_score = max($fraud_score, 0) + $final_reputation;
$cart_info = Db::getInstance()->getRow('
SELECT *
SELECT *
FROM ps_cart_fraud
WHERE id_cart = '. (int)$order->id_cart);

7
modules/paybox/paiement.php
View File

@ -38,9 +38,9 @@ if($save_paybox) {
if ($count_cards) {
$refabonne = $customer->email.((int)$count_cards+1);
}
$pbx_retour = 'm:M;r:R;t:T;a:A;b:B;p:P;c:C;s:S;y:Y;e:E;n:N;j:J;d:D;u:U;k:K';
$pbx_retour = 'm:M;r:R;t:T;a:A;b:B;p:P;c:C;s:S;y:Y;e:E;n:N;j:J;d:D;u:U;i:I;k:K';
} else {
$pbx_retour = 'm:M;r:R;t:T;a:A;b:B;p:P;c:C;s:S;y:Y;e:E;n:N;j:J;d:D;k:K';
$pbx_retour = 'm:M;r:R;t:T;a:A;b:B;p:P;c:C;s:S;y:Y;e:E;n:N;j:J;d:D;i:I;k:K';
}
if (version_compare(_PS_VERSION_, '1.5', '>'))
@ -99,13 +99,14 @@ if( Configuration::get('PBX_DEMO_MODE') == 0 ) {
$authorized_ip = array(
'88.163.22.99',
'90.63.178.63',
'217.64.63.215'
);
if (in_array($_SERVER['REMOTE_ADDR'], $authorized_ip)) {
mail('marion@antadis.com', '[BBB] Envoi paybox', $params);
}
$info_useless = array('Content-type: text/html', 'Cache-Control: no-cache, no-store' , 'Pragma: no-cache');
if( Configuration::get('PBX_DEMO_MODE') == 0 ) {
echo str_replace($info_useless,'', shell_exec('/srv/http/bbb_git/cgi-bin/modulev2.cgi '. $params));
echo str_replace($info_useless,'', shell_exec('/home/www/bb.pp.antadis.net/www/cgi-bin/modulev2.cgi '. $params));
} else {
echo str_replace($info_useless,'', shell_exec('/home/www/bebeboutik.com/cgi/www/modulev2.cgi '. $params));
}

17
modules/paybox/paybox.php
View File

@ -289,6 +289,21 @@ class Paybox extends PaymentModule
return ($this->display(__FILE__, 'hookpayment.tpl'));
}
public function validateOrder($id_cart, $id_order_state, $amount_paid, $payment_method = 'Unknown', $message = null, $transaction = array(), $currency_special = null, $dont_touch_amount = false, $secure_key = false, $values = array())
{
if ($this->active)
{
parent::validateOrder((int)$id_cart, (int)$id_order_state, (float)$amount_paid, $payment_method, $message, $transaction, $currency_special, $dont_touch_amount, $secure_key);
}
if(!empty($values) && isset($values['i'])) {
if (!class_exists('Fraud')) {
include_once _MODULE_DIR_.'fraud/fraud.php';
}
$fraud = new Fraud();
$fraud->testPaybox($this->currentOrder,$values['i']);
}
}
/**
* Save Information de Paiement Paybox (retour de la banque)
@ -299,6 +314,7 @@ class Paybox extends PaymentModule
$authorized_ip = array(
'88.163.22.99',
'90.63.178.63',
'217.64.63.215'
);
if (in_array($_SERVER['REMOTE_ADDR'], $authorized_ip)) {
mail('marion@antadis.com', '[BBB] Reponse paybox - Transaction value', http_build_query($values,'',', ')); // dev
@ -350,6 +366,7 @@ class Paybox extends PaymentModule
$authorized_ip = array(
'88.163.22.99',
'90.63.178.63',
'217.64.63.215'
);
if (in_array($_SERVER['REMOTE_ADDR'], $authorized_ip)) {
mail('marion@antadis.com', '[BBB] Reponse paybox - Transaction value + Save CB', http_build_query($values,'',', ')); // dev

6
modules/paybox/validation.php
View File

@ -38,14 +38,14 @@ if (!empty($error))
die($error);
}
$auth_remote_addr = array('37.187.137.153','90.63.178.63','195.101.99.76','195.101.99.77','195.101.99.72','62.39.109.166','194.50.38.6','80.13.22.107','194.2.122.158','194.2.122.190','194.2.160.66','195.25.7.166','195.25.67.22','194.2.160.64','194.2.160.75','194.2.160.80','194.2.160.82','194.2.160.91','195.25.7.146','195.25.7.157','195.25.7.159','195.25.67.0','195.25.67.2','195.25.67.11');
$auth_remote_addr = array('217.64.63.215', '37.187.137.153','90.63.178.63','195.101.99.76','195.101.99.77','195.101.99.72','62.39.109.166','194.50.38.6','80.13.22.107','194.2.122.158','194.2.122.190','194.2.160.66','195.25.7.166','195.25.67.22','194.2.160.64','194.2.160.75','194.2.160.80','194.2.160.82','194.2.160.91','195.25.7.146','195.25.7.157','195.25.7.159','195.25.67.0','195.25.67.2','195.25.67.11');
if (!in_array($_SERVER['REMOTE_ADDR'], $auth_remote_addr))
{
Logger::addLog('Answer does not come from a secure remote address', 4);
die('Answer does not come from a secure remote addres');
}
if ($_SERVER['REMOTE_ADDR'] != '90.63.178.63' && $_SERVER['REMOTE_ADDR']!='37.187.137.153') {
if ($_SERVER['REMOTE_ADDR'] != '90.63.178.63' && $_SERVER['REMOTE_ADDR']!='37.187.137.153' && $_SERVER['REMOTE_ADDR']!='217.64.63.215') {
$qrystr = $paybox->PbxVerSign($_SERVER['QUERY_STRING'], 'pubkey.pem', true);
if ($qrystr == 1)
$error .= '';
@ -307,7 +307,7 @@ switch ($pbx_error)
}
$error .= 'PayBox version: '.$paybox->version."\n".'<br> POST '.print_r($_POST, true)."\n".'<br>GET '.print_r($_GET, true)."\n";
$paybox->validateOrder((int)$cart->id, $statut, $total_paid, $paybox->displayName, $error, array(), NULL, false, $customer->secure_key);
$paybox->validateOrder((int)$cart->id, $statut, $total_paid, $paybox->displayName, $error, array(), NULL, false, $customer->secure_key, $values);
// save info paiement BDD
$paybox->saveInformationPaiement($values);