Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Urgent! how to override cc_validation totally


Brian-Bear

Recommended Posts

Hi,

We process offline in the UK we struggle to keep up with new card number sequences, it is no advantage to us. How do I override this totally so basically any number can be entered, my view is its is easier to lift the phone and talk to customers should they get a digit in the card number wrong rather than lose sales. This was brought home with a bump when I tried my new upgraded maestro card in my own store and hey presto it would not accept it.

 

If it has been covered before please post a link as I could not find what I was looking for.

Link to comment
Share on other sites

Hi,

We process offline in the UK we struggle to keep up with new card number sequences, it is no advantage to us. How do I override this totally so basically any number can be entered, my view is its is easier to lift the phone and talk to customers should they get a digit in the card number wrong rather than lose sales. This was brought home with a bump when I tried my new upgraded maestro card in my own store and hey presto it would not accept it.

 

If it has been covered before please post a link as I could not find what I was looking for.

When you say "keep up with new card number sequences", can you expand upon that? If you mean you receive something from card-issuing companies that details what their card number sequences follow, such as "starts with a 4567, followed by 3 3's or 3 4's, and any 8 numbers all lower than 7" or something like this, then you can turn that into a regex formula and pop it right into the cc_validation.php file that processes the card numbers to figure out what kind of card the user is trying to enter... Can you elaborate a little bit?

 

Richard.

Richard Lindsey

Link to comment
Share on other sites

When you say "keep up with new card number sequences", can you expand upon that? If you mean you receive something from card-issuing companies that details what their card number sequences follow, such as "starts with a 4567, followed by 3 3's or 3 4's, and any 8 numbers all lower than 7" or something like this, then you can turn that into a regex formula and pop it right into the cc_validation.php file that processes the card numbers to figure out what kind of card the user is trying to enter... Can you elaborate a little bit?

 

Richard.

 

We get customers ringing in saying the system will not accept the card we then collect billing info and order manually. However other customers do not ring in an shop elsewhere hence we lose sales. We do not have a list of up to date numbers.

hope this explains

Link to comment
Share on other sites

When you say "keep up with new card number sequences", can you expand upon that? If you mean you receive something from card-issuing companies that details what their card number sequences follow, such as "starts with a 4567, followed by 3 3's or 3 4's, and any 8 numbers all lower than 7" or something like this, then you can turn that into a regex formula and pop it right into the cc_validation.php file that processes the card numbers to figure out what kind of card the user is trying to enter... Can you elaborate a little bit?

 

Richard.

Sorry, I didn't even remember the subject of this thread when I posted that reply :) Card number sequences shouldn't be updating so often that you're struggling to keep up with them... However, if you wanted to bypass it altogether, you could just comment out the portion of the code that uses that class... This is going to be in the actual payment module file, for example, in includes/modules/payment/cc.php, in function pre_confirmation_check, you'll see this:

 

include(DIR_WS_CLASSES . 'cc_validation.php');

  $cc_validation = new cc_validation();
  $result = $cc_validation->validate($HTTP_POST_VARS['cc_number'], $HTTP_POST_VARS['cc_expires_month'], $HTTP_POST_VARS['cc_expires_year']);

  $error = '';
  switch ($result) {
	case -1:
	  $error = sprintf(TEXT_CCVAL_ERROR_UNKNOWN_CARD, substr($cc_validation->cc_number, 0, 4));
	  break;
	case -2:
	case -3:
	case -4:
	  $error = TEXT_CCVAL_ERROR_INVALID_DATE;
	  break;
	case false:
	  $error = TEXT_CCVAL_ERROR_INVALID_NUMBER;
	  break;
  }

  if ( ($result == false) || ($result < 1) ) {
	$payment_error_return = 'payment_error=' . $this->code . '&error=' . urlencode($error) . '&cc_owner=' . urlencode($HTTP_POST_VARS['cc_owner']) . '&cc_expires_month=' . $HTTP_POST_VARS['cc_expires_month'] . '&cc_expires_year=' . $HTTP_POST_VARS['cc_expires_year'];

	tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, $payment_error_return, 'SSL', true, false));
  }

  $this->cc_card_type = $cc_validation->cc_type;

Which can be commented out, and the line right below it:

 

$this->cc_card_number = $cc_validation->cc_number;

Can be changed to this:

 

$this->cc_card_number = $HTTP_POST_VARS['cc_number'];

Richard.

Richard Lindsey

Link to comment
Share on other sites

We get customers ringing in saying the system will not accept the card we then collect billing info and order manually. However other customers do not ring in an shop elsewhere hence we lose sales. We do not have a list of up to date numbers.

hope this explains

When this happens, is it happening for 1 type of card consistently? Like your Maestro card? If so, maybe you can contact their company to make sure you've got the right sequences in your cc_validation file... However, I just looked up a wiki page for credit card numbers, and it listed some of the top cards out there, and their sequences... Try adding this entry into your cc_validation.php file and see if it'll recognize your upgraded card, and maybe check it against some of the other cards people have called to say didn't work...

 

if (ereg('^4[0-9]{12}([0-9]{3})?$', $this->cc_number)) {
	$this->cc_type = 'Visa';
  } elseif (ereg('^5[1-5][0-9]{14}$', $this->cc_number)) {
	$this->cc_type = 'Master Card';
  } elseif (ereg('^3[47][0-9]{13}$', $this->cc_number)) {
	$this->cc_type = 'American Express';
  } elseif (ereg('^3(0[0-5]|[68][0-9])[0-9]{11}$', $this->cc_number)) {
	$this->cc_type = 'Diners Club';
  } elseif (ereg('^6011[0-9]{12}$', $this->cc_number)) {
	$this->cc_type = 'Discover';
  } elseif (ereg('^(3[0-9]{4}|2131|1800)[0-9]{11}$', $this->cc_number)) {
	$this->cc_type = 'JCB';
  } elseif (ereg('^5610[0-9]{12}$', $this->cc_number)) { 
	$this->cc_type = 'Australian BankCard';
  } elseif (ereg('^(5020|5038|6759)[0-9]{12}', $this->cc_number)) { // New section for Maestro cards
	$this->cc_type = 'Maestro';
  } else {
	return -1;
  }

Richard.

Richard Lindsey

Link to comment
Share on other sites

  • 2 weeks later...
I would still like to fully overide CC validation, any more ideas?

The instructions in this thread should have been enough to do that, even if the new regexes didn't work, commenting out the lines that deal with cc_validation should have overridden it... What's happening now?

 

Richard.

Richard Lindsey

Link to comment
Share on other sites

  • 2 weeks later...

If you re-read through this post as was already suggested, you will see that the answer has already been posted in my 2nd post in this thread... It tells you, within cc.php, exactly what function to look in, exactly what to comment out, and exactly what to change...

 

Richard.

Richard Lindsey

Link to comment
Share on other sites

If you re-read through this post as was already suggested, you will see that the answer has already been posted in my 2nd post in this thread... It tells you, within cc.php, exactly what function to look in, exactly what to comment out, and exactly what to change...

 

Richard.

 

Sorry should have stated what you said does not work for the above code

Link to comment
Share on other sites

Sorry should have stated what you said does not work for the above code

What doesn't work with it? Is it throwing an error of some kind, or just not behaving as expected?

 

Richard.

Richard Lindsey

Link to comment
Share on other sites

What doesn't work with it? Is it throwing an error of some kind, or just not behaving as expected?

 

Richard.

 

The code will process legitmate cards ok but if you throw a real odd ball number at it it will give you the first 4 digits are not a recognised card

Link to comment
Share on other sites

The default osc code will not handle all cc numbers. There are specifications if you search the web that cover cc numbers for various countries. You need to find those combinations and implement them as a regular search into your cc_validation.php (That is if you want to do some validation otherwise if you want to skip you return 0 from the validate member function).

 

	function validate($number, $expiry_m, $expiry_y, $cvv='') {
  return 0;

Link to comment
Share on other sites

here is my cc validation code, it has a contribution added, can you please tell me what needs changed in this code to over ride the cred card numbers

 

<?php
/*
 $Id: cc_validation.php,v 1.3 2003/02/12 20:43:41 hpdl Exp $

 osCommerce, Open Source E-Commerce Solutions
 [url="http://www.oscommerce.com"]http://www.oscommerce.com[/url]

 Copyright © 2003 osCommerce

 Released under the GNU General Public License
*/

 class cc_validation {
//**si**
//    var $cc_type, $cc_number, $cc_expiry_month, $cc_expiry_year;
   var $cc_type, $cc_number, $cc_expiry_month, $cc_expiry_year, $cc_start_month, $cc_start_year,
	$cc_cvv, $cc_issue;

//**si** 09-03-03
///    function validate($number, $expiry_m, $expiry_y, $start_m='', $start_y='') {
   function validate($number, $expiry_m, $expiry_y, $start_m='', $start_y='',$cc_cvv='', $cc_issue='') {
//**si** end
     $this->cc_number = ereg_replace('[^0-9]', '', $number);

//**si**
//      $NumberLeft4 = substr($this->cc_number, 0, 4);
     $NumberLeft6 = substr($this->cc_number, 0, 6);

     if ( ((($NumberLeft6 >= 413733) && ($NumberLeft6 <= 413737))
             || (($NumberLeft6 >= 446200) && ($NumberLeft6 <= 446299))
             || (($NumberLeft6 >= 453978) && ($NumberLeft6 <= 453979))
             ||  ($NumberLeft6 == 454313)
             || (($NumberLeft6 >= 454432) && ($NumberLeft6 <= 454435))
             ||  ($NumberLeft6 == 454742)
             || (($NumberLeft6 >= 456725) && ($NumberLeft6 <= 456745))
             || (($NumberLeft6 >= 465830) && ($NumberLeft6 <= 465879))
             || (($NumberLeft6 >= 465901) && ($NumberLeft6 <= 465950))
             || (($NumberLeft6 >= 490960) && ($NumberLeft6 <= 490979))
             || (($NumberLeft6 >= 492181) && ($NumberLeft6 <= 492182))
             ||  ($NumberLeft6 == 498824)
		) && (ereg('[0-9]{16}', $this->cc_number)) ) {
         $this->cc_type = 'Delta';
	  if ( strtolower(MODULE_PAYMENT_CC_ACCEPT_DELTA) != 'true' )   return -5;
	  //--
     } elseif (( ($NumberLeft6 == 450875)
                 || (($NumberLeft6 >= 484406) && ($NumberLeft6 <= 484455))
                 || (($NumberLeft6 >= 491730) && ($NumberLeft6 <= 491759))
                 ||  ($NumberLeft6 == 491880)
			) && (ereg('[0-9]{16}', $this->cc_number)) ) {
         $this->cc_type = "UK Electron";
	  if ( strtolower(MODULE_PAYMENT_CC_ACCEPT_ELECTRON) != 'true' )   return -5;
	  //--
    } elseif ( strtolower(MODULE_PAYMENT_CC_ACCEPT_ORIG_MASTERCARD) != 'true'
              &&($NumberLeft6 >= 510000) && ($NumberLeft6 <= 519999)
                 && (ereg('[0-9]{16}', $this->cc_number)) ) {
         $this->cc_type = "MasterCard";
	  if ( strtolower(MODULE_PAYMENT_CC_ACCEPT_MASTERCARD) != 'true' )   return -5;
	  //--
     } elseif (( (($NumberLeft6 >= 490302) && ($NumberLeft6 <= 490309))
                || (($NumberLeft6 >= 490335) && ($NumberLeft6 <= 490339))
                || (($NumberLeft6 >= 491101) && ($NumberLeft6 <= 491102))
                || (($NumberLeft6 >= 491174) && ($NumberLeft6 <= 491182))
                || (($NumberLeft6 >= 493600) && ($NumberLeft6 <= 493699))
                ||  ($NumberLeft6 == 564182)
                || (($NumberLeft6 >= 633300) && ($NumberLeft6 <= 633349))
                || (($NumberLeft6 >= 675900) && ($NumberLeft6 <= 675999))
               ) && (ereg('[0-9]{16}|[0-9]{18}|[0-9]{19}', $this->cc_number)) ) {
         $this->cc_type = "Switch";
         if ( strtolower(MODULE_PAYMENT_CC_ACCEPT_SWITCH) != 'true' )   return -5;
	  //--
     } elseif (( (($NumberLeft6 >= 633450) && ($NumberLeft6 <= 633499))
           || (($NumberLeft6 >= 676700) && ($NumberLeft6 <= 676799))
            ) && (ereg('[0-9]{16}|[0-9]{18}|[0-9]{19}', $this->cc_number)) ) {
         $this->cc_type = "Solo";
         if ( strtolower(MODULE_PAYMENT_CC_ACCEPT_SOLO) != 'true' )   return -5;
	  //--
     } elseif ( ( strtolower(MODULE_PAYMENT_CC_ACCEPT_ORIG_JCB) != 'true' )
            && ( (($NumberLeft6 >= 352800) && ($NumberLeft6 <= 358999)) )
               && (ereg('[0-9]{16}', $this->cc_number)) ) {
         $this->cc_type = "JCB";
         if ( strtolower(MODULE_PAYMENT_CC_ACCEPT_JCB) != 'true' )   return -5;
	  //--
     } elseif (( (($NumberLeft6 >= 500000) && ($NumberLeft6 <= 500099))
              || (($NumberLeft6 >= 560000) && ($NumberLeft6 <= 589999))
              || (($NumberLeft6 >= 600000) && ($NumberLeft6 <= 699999))
               ) && (ereg('[0-9]{16}', $this->cc_number)) ) {
         $this->cc_type = "Maestro";
         if ( strtolower(MODULE_PAYMENT_CC_ACCEPT_MAESTRO) != 'true' )   return -5;
	  //--
     } elseif ( strtolower(MODULE_PAYMENT_CC_ACCEPT_ORIG_VISA) != 'true'
            && ( (($NumberLeft6 >= 400000) && ($NumberLeft6 <= 499999))
           // ensure we exclude AMT only cards
             && !( (($NumberLeft6 >= 490300) && ($NumberLeft6 <= 490301))
                || (($NumberLeft6 >= 490310) && ($NumberLeft6 <= 490334))
                || (($NumberLeft6 >= 490340) && ($NumberLeft6 <= 490399))
                || (($NumberLeft6 >= 490400) && ($NumberLeft6 <= 490409))
                || ($NumberLeft6 == 490419)
                || ($NumberLeft6 == 490451)
                || ($NumberLeft6 == 490459)
                || ($NumberLeft6 == 490467)
                || (($NumberLeft6 >= 490475) && ($NumberLeft6 <= 490478))
                || (($NumberLeft6 >= 490500) && ($NumberLeft6 <= 490599))
                || (($NumberLeft6 >= 491103) && ($NumberLeft6 <= 491173))
                || (($NumberLeft6 >= 491183) && ($NumberLeft6 <= 491199))
                || (($NumberLeft6 >= 492800) && ($NumberLeft6 <= 492899))
                || (($NumberLeft6 >= 498700) && ($NumberLeft6 <= 498799))
                 )
              ) && (ereg('[0-9]{16}|[0-9]{13}', $this->cc_number)) ) {
         $this->cc_type = 'Visa';
         if ( strtolower(MODULE_PAYMENT_CC_ACCEPT_VISA) != 'true' )   return -5;

//
// back to std system checks
//      if (ereg('^4[0-9]{12}([0-9]{3})?$', $this->cc_number)) {
     } elseif (ereg('^4[0-9]{12}([0-9]{3})?$', $this->cc_number)) {
//**si**end
       $this->cc_type = 'Visa';
       //**si**
	if ( strtolower(MODULE_PAYMENT_CC_ACCEPT_ORIG_VISA) != 'true' )   return -5;
       //**si** end
     } elseif (ereg('^5[1-5][0-9]{14}$', $this->cc_number)) {
       $this->cc_type = 'Master Card';
       //**si**
	if ( strtolower(MODULE_PAYMENT_CC_ACCEPT_ORIG_MASTERCARD) != 'true' )   return -5;
       //**si** end
     } elseif (ereg('^3[47][0-9]{13}$', $this->cc_number)) {
       $this->cc_type = 'American Express';
       //**si**
	if ( strtolower(MODULE_PAYMENT_CC_ACCEPT_ORIG_AMERICANEXPRESS) != 'true' )   return -5;
       //**si** end
     } elseif (ereg('^3(0[0-5]|[68][0-9])[0-9]{11}$', $this->cc_number)) {
       $this->cc_type = 'Diners Club';
       //**si**
	if ( strtolower(MODULE_PAYMENT_CC_ACCEPT_ORIG_DINERSCLUB) != 'true' )   return -5;
       //**si** end
     } elseif (ereg('^6011[0-9]{12}$', $this->cc_number)) {
       $this->cc_type = 'Discover';
       //**si**
	if ( strtolower(MODULE_PAYMENT_CC_ACCEPT_ORIG_DISCOVERNOVUS) != 'true' )   return -5;
       //**si** end
     } elseif (ereg('^(3[0-9]{4}|2131|1800)[0-9]{11}$', $this->cc_number)) {
       $this->cc_type = 'JCB';
       //**si**
	if ( strtolower(MODULE_PAYMENT_CC_ACCEPT_ORIG_JCB) != 'true' )   return -5;
       //**si** end
     } else {
       return -1;
     }

//**si** 09-03-03
if ( USE_CC_ISSUE == 'true' ) { 
   if ( ( strtolower($this->cc_type) == "switch" || strtolower($this->cc_type) == "solo" ) && empty($cc_issue) ) {
           return -11;
           ///$cc_val = ;
       }
}
if ( USE_CC_CVV == 'true' ) {
        if ( empty($cc_cvv) || strlen(strval($cc_cvv)) != 3 ) {
           return -12;
           //$cc_val = ;
        }
}
//**si**end

     if (is_numeric($expiry_m) && ($expiry_m > 0) && ($expiry_m < 13)) {
       $this->cc_expiry_month = $expiry_m;
     } else {
       return -2;
     }

     $current_year = date('Y');
     $expiry_y = substr($current_year, 0, 2) . $expiry_y;
     if (is_numeric($expiry_y) && ($expiry_y >= $current_year) && ($expiry_y <= ($current_year + 10))) {
       $this->cc_expiry_year = $expiry_y;
     } else {
       return -3;
     }

     if ($expiry_y == $current_year) {
       if ($expiry_m < date('n')) {
         return -4;
       }
     }

//**si**
////die('4 "'.is_numeric($start_m).'" $start_m "'.$start_m.'" $start_y "'.$start_y.'"');
     if ( !(is_numeric($start_m) && ($start_m > 0) && ($start_m < 13)) ) {
       return -6;
     }

     $current_year = date('Y');
     if ($start_y > 80) {
       $start_y = '19' . $start_y;
     } else {
       $start_y = '20' . $start_y;
     }

     if ( !is_numeric($start_y) || ($start_y > $current_year)) {
         return -6;
     }
     if ( !($start_y >= ($current_year - 10)) ) {
       return -6;
     }

//**08/03/03
///if ($start_m > date('n') || ( $start_m >= $expire_m && $start_y == $expiry_y) ) {
     if ( ($start_m >= $expiry_m && $start_y == $expiry_y) || ($start_m > date('n') && $start_y == date('Y')))   {
       return -6;
     }

     $this->cc_start_month = $start_m;
     $this->cc_start_year = $start_y;

//**si** end
     return $this->is_valid();
   }

   function is_valid() {

     $cardNumber = strrev($this->cc_number);
     $numSum = 0;

     for ($i=0; $i<strlen($cardNumber); $i++) {
       $currentNum = substr($cardNumber, $i, 1);

// Double every second digit
       if ($i % 2 == 1) {
         $currentNum *= 2;
       }

// Add digits of 2-digit numbers together
       if ($currentNum > 9) {
         $firstNum = $currentNum % 10;
         $secondNum = ($currentNum - $firstNum) / 10;
         $currentNum = $firstNum + $secondNum;
       }

       $numSum += $currentNum;
     }

// If the total has no remainder it's OK
     return ($numSum % 10 == 0);
   }
 }
?>

Link to comment
Share on other sites

just below this line:

 

	function validate($number, $expiry_m, $expiry_y, $start_m='', $start_y='',$cc_cvv='', $cc_issue='') {

 

add

return true;

 

This should return true for every cc.

Link to comment
Share on other sites

Hi Enigma

many thanks that appears to work for any combination of numbers. the only problem now is I get this error on my checkout confirmation page

Warning: str_repeat() [function.str-repeat]: Second argument has to be greater than or equal to 0. in F:\.........\includes\modules\payment\cc.php on line 229

The checkout confirmation still shows ok with the above warning

 

here is the code from cc.php at line 229

'field' => substr($this->cc_card_number, 0, 4) . str_repeat('X', (strlen($this->cc_card_number) - 8)) . substr($this->cc_card_number, -4)),

 

we are getting there slowly but surely any ideas how to get ride of the warning greatly appreciated

Link to comment
Share on other sites

are you entering proper cc numbers? You should not see it if the cc is longer than 8 digits. Unless you've done other customizations with your cc.php module.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...