Requests | Blesta

Requests

First Name and Last Name Fields passed to anti fraud module

Timothy Mcdaniel shared this idea 6 years ago
Completed

I was going to ask if it is possible if order_form_controller.php in the blesta order plugin could pass the client's first_name and last_name fields to the anti fraud check to allow any anti fraud module to take advantage of being able to screen the client's first name and last name in addition to what is already passed to it already as I need those fields mostly for my fraudrecord anti fraud module to be in the blesta core files by default to avoid people having to manually replace the core file with one I modified to include those two fields. as fraudrecord requires passing the client's first and last name to their api and I think it would benefit everyone more if it was in the core files by default.

Comments (7)

photo
1

Are there any other fields besides first and last name that would should consider including additionally?

photo
1

not really the ones only needed to pass to FraudRecord are the first and last name, phone number, ip address, email.

photo
1

I ask not for your integration but in general. We don't want to add first and last name, and then someone else comes along and requests something else. If you can't ever foresee any other data points being necessary, that's fine, but while we're in there we might as well make any data that might be needed in the future available.

photo
1

well let me go look at the code again, on the order_form_controller.php to make sure I didn't miss anything.

photo
1

well I see you pretty much have it covered except I would like to add if it is possible to make the anti fraud modules be able to display dialogs for example to do phone/sms verification as well(I tried already and wasn't able to successfully do it.) like for example this: https://www.neutrinoapi.com/api/phone-verify/ I was planning to put it in my implementation as well though cannot prompt for their response to check the security code to see if it matches and is verified through I assume it could be done through a custom order controller php file, it could be easier to make this in the core as well to make it easier for each version to not have to replace everything each time blesta is updated.

photo
1

it could also be helpful to pass people's paypal email in if they have one to check against as well.

photo
1

snippet to show how to fix first & last name in order_form_controller.php

$antifraud = $this->Html->ifSet($order_settings['antifraud']);        try {            $fraud_detect = $this->Antifraud->create($antifraud, [$order_settings]);            $status = $fraud_detect->verify([                'ip' => $_SERVER['REMOTE_ADDR'],				'first_name' => $this->Html->ifSet($client->first_name),				'last_name' => $this->Html->ifSet($client->last_name),                'email' => $this->Html->ifSet($client->email),                'address1' => $this->Html->ifSet($client->address1),                'address2' => $this->Html->ifSet($client->address2),                'city' => $this->Html->ifSet($client->city),                'state' => $this->Html->ifSet($client->state),                'country' => $this->Html->ifSet($client->country),                'zip' => $this->Html->ifSet($client->zip),                'phone' => $this->Contacts->intlNumber(                    $this->Html->ifSet($client->numbers[0]['number']),                    $this->Html->ifSet($client->country)                )            ]);
at line 944-962

photo