Jump to content
  • Checkout
  • Login
  • Get in touch


The e-commerce.

cc_Validate & UK Debit Cards


Recommended Posts

Hiya -


This seems to be a continual problem with UK debit cards - my cc_validate file will not allow debit cards to be processed, and well frankly I just have no idea how to amend the file to add the debit card bin number ranges in.


The key part of cc_validate.php is currently:


if (ereg('^4[0-9]{12}([0-9]{3})?$', $this->cc_number)) {

$this->cc_type = 'Visa';

} elseif (ereg('^5[1-5][0-9]{14}$', $this->cc_number)) {

$this->cc_type = 'Master Card';

} elseif (ereg('^3(0[0-5]|[68][0-9])[0-9]{11}$', $this->cc_number)) {

$this->cc_type = 'Diners Club';

} elseif (ereg('^6011[0-9]{12}$', $this->cc_number)) {

$this->cc_type = 'Discover';

} elseif (ereg('^(3[0-9]{4}|2131|1800)[0-9]{11}$', $this->cc_number)) {

$this->cc_type = 'JCB';

} else {

return -1;


Does anyone have the relevant range codes for Delta/Electron/Maestro/Switch & Solo?


I have up to date bin ranges for the cards, but as I don't even understand the format of the coding (Barely a basic php newbie!) I just don't know how to start adding them in...


Can anyone help with the code or decipher the above card number format info so I could have a stab at it myself?


Thanks everso...!

Link to comment
Share on other sites

Instead of answering your question, may I say that if you ask your customers to enter their cc or dc info on your website and store the info on your server (database), the banks have very strict rules about this, one of them is regularly carrying out security audits on your site/server and that means £££s. You would also first seek their permission of doing so. Failing that, you will have to use a third party payment service (gateway) to process cc/dc payment, as many of your fellow osc shop owners do.

The fact that the cc_validate.php is included in osc doesnt mean that anyone can use it without breaking the law/regulations (it could be used but at your own risk :) ).

I would not bother to hack the file as for most people, if not all, it could not be used on their site anyway.

This is for your info only. You make your own decision. Or I misunderstood your question?



commercial support - unProtected channel, not to be confused with the forum with same name - open to everyone who need some professional help: either PM/email me, or go to my website (URL can be found in my profile).

over 20 years of computer programming experience.

Link to comment
Share on other sites

Hi Ken -


worry not, we do not store any card details - the cc_validate file is used to validate the details input on our ssl site before being transmitted to our card processor - sort of like a double check - especially as we get chaged for rejected cards.


The problem is the cc_validate is not recognising the right card types before transmitting the details on.


But thanks for the warning - would be good if all sites were squeaky clean!

Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...