Validating Credit Card Numbers with Zend Framework

Ever wonder how websites can tell you made a mistake entering your credit card number before you even submit it? Like most identification numbers credit cards have checksum digits built into them. Just like barcodes.

If you ever look at a EAN-13 UPC barcode (on all retail products) you will notice there is a digit outside of the regular set on the right. If any digit is out of order or mistyped you can tell that the barcode is wrong based on this checksum. It also allows barcode readers the ability to “guess” what the barcode if part of the barcode got riped or damaged. This is also how PAR files can repair corrupt damaged or even missing files.

Credit cards use a checksum algorithm called the, Luhn Algorithm, invented by Hans Peter Luhn. This simple algorithm can check to see if a credit card number was accidentally mistyped. This is what Zend Framework uses as well.

Validating Credit Card Numbers with Zend Framework

 
Here is a quick validation using Zend Framework:

$validator = new Zend_Validate_Ccnum();
        if ($validator->isValid('8181876154321')) {
            echo 'valid';
        } else {
            // email is invalid; print the reasons
            foreach ($validator->getMessages() as $message) {
                echo "$message\n";
            }
        }

---

---

This entry was posted in Howto, PHP, Programming, Security and tagged Zend Framework. Bookmark the permalink.

6 Responses to Validating Credit Card Numbers with Zend Framework

1. Jade Robbins says:

   November 21, 2008 at 12:39 pm

   ISBN’s use checksums too
2. will says:

   January 5, 2009 at 10:43 am

   the Zend framework (as of 1.7) does not know what cc type you entered.
   Below are the regular expressions that determine the card type. I’m still learning how ZF really comes together, but I know these expressions are tried and true.

   Visa = /^\4[0-9]{12}([0-9]{3})?$/x

   MasterCard = /^\5[0-9]{15}$/x

   Does anyone know of a way to make the ZF work with a payment gateway?
3. Mark Sanborn says:

   January 5, 2009 at 12:19 pm

   The only problem with this is that it doesn’t use the Luhn Algorithm.
4. will says:

   January 5, 2009 at 1:22 pm

   Right…
   The luhn check confirms the card number is valid.
   The regular expressions I provided are simply meant as a method of detecting the card type.

   Never process a card without running the luhn check against it!
5. Mark Sanborn says:

   January 5, 2009 at 4:18 pm

   Ahh, sorry I was thinking you were suggesting the regex as a replacement to the Zend functions. I will look into the Zend framework later tonight tommorow and see if I can get it to tell me what type of card was ran.

   You can usually tell by the first couple of digits on the number sequence.

6. Pingback: How SINs (and Credit Card Numbers) Are Validated :: Dammit Jim!

• Categories

  • FAQs (2)
  • FreeBSD (21)
  • Howto (46)
  • Links (18)
  • Linux (38)
  • Miscellaneous (11)
  • PHP (23)
  • Programming (19)
  • Security (20)
  • SEO (6)
  • Software (15)
  • Uncategorized (12)

• Recent Posts

  • What RSS Feeds Does Mark Sanborn Read?
  • Schedule a Tweet with One Comnand in Linux
  • Two New Projects Launched: NixTutor and Faceoff Podcast
  • Faceoff: Episode 2
  • Faceoff: A New Podcast by Mark Sanborn and Jade Robbins

• Archives

  Select Month September 2009 March 2009 February 2009 January 2009 December 2008 November 2008 October 2008 September 2008 August 2008 July 2008 June 2008 May 2008 April 2008 March 2008 February 2008 January 2008 December 2007 November 2007 October 2007 September 2007 August 2007 July 2007