Page 1 of 1

Can you find CC Details on enteries and block them?

Posted: Fri May 21, 2010 3:12 am
by simonmlewis
We have having issues now whereby people are punching in their credit card details, ie. 5555 4444 5555 4444, asking for refunds on items.

Is there a way on the following page (which we have in place before it goes to a database) to check the contents for a specific style of entries, such as 4 continuous digits, and then asterisk them out?

So for example: "Dear john, please refund me my money straight away to credit card number 4567 8901 2345 6778", for them to see on the following page: "Dear john, please refund me my money straight away to credit card number **** **** **** ****", or "Dear john, please refund me my money straight away to credit card number **** 8901 2345 6778" or something similar?

The people who have done it so far, always do it in the correct format though, with the spacing. So may be a way to pick that out.

Hope someone can help.

Re: Can you find CC Details on enteries and block them?

Posted: Fri May 21, 2010 3:57 am
by requinix
You can use a regular expression to search for 16 digits in a row.

Wouldn't it be easier to put a message on the form saying "Please don't enter personal information such as addresses or credit card numbers on this page"?

Re: Can you find CC Details on enteries and block them?

Posted: Fri May 21, 2010 4:00 am
by simonmlewis
Well yes, we tried that but a lot of youngers use the site, and have access to their parents CCs, and they appear to be a bit dippy!

Trouble is, 6666 6666 5555 5555 is not 16 digits in a row, as there are three spaces.

Or does that still count? What TERM should I look for in a PHP expression search for this type of query?

Re: Can you find CC Details on enteries and block them?

Posted: Fri May 21, 2010 4:13 am
by Benjamin
I wrote a quick and dirty snippet for you in order to get you started.

Code: Select all

<?php
echo '<pre>';
$text = "Please refund my purchase of $1.00 to credit card number 1234 4567 8901 2345, I no longer want this item, because it doesn't work.  Thank you.\n";
echo $text;

/*
 * Removes the first 12 digits of a 16 digit number.
 *
 * Matches:
 *
 * 1234 5678 9012 3456
 * 1234-5678-9012-3456
 * 1234567890123456
 */
$text = stripslashes(preg_replace('#^(.*?)((\d{4}[ -]{0,1})(\d{4}[ -]{0,1})(\d{4}[ -]{0,1})(\d{4}[ -]{0,1}))(.*)$#', '${1}************${6}${7}', preg_quote($text)));

echo "$text\n";
Outputs:

[text]Please refund my purchase of $1.00 to credit card number 1234 4567 8901 2345, I no longer want this item, because it doesn't work. Thank you.
Please refund my purchase of $1.00 to credit card number ************2345, I no longer want this item, because it doesn't work. Thank you.[/text]

Re: Can you find CC Details on enteries and block them?

Posted: Fri May 21, 2010 4:18 am
by simonmlewis
Sorry I might be being a bit dippy here, but that doesn't output that.
It just outputs everything including the numbers.

Re: Can you find CC Details on enteries and block them?

Posted: Fri May 21, 2010 4:20 am
by Benjamin
Click "Expand" to see all the code.

Re: Can you find CC Details on enteries and block them?

Posted: Fri May 21, 2010 4:25 am
by simonmlewis
Oh my apologies. Didn't see that link. A new feature??

Will look at it and let you know how I get on.

Many thanks.

Re: Can you find CC Details on enteries and block them?

Posted: Sat May 22, 2010 3:23 am
by simonmlewis
Using the same style of process, can this be used to filter out certain keywords?

ie. swear words?? If so, how do I do it?