Credit Card Last 4 Digits

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
chas688
Forum Newbie
Posts: 15
Joined: Wed Jul 14, 2004 3:25 pm

Credit Card Last 4 Digits

Post by chas688 »

I'm building a site where I will be passing credit card information to a clearing house, but I want to retain the last four digits of the credit card number in the database and associate it with the order.

Does any more experienced in php than myself know of the best way to do this? Should I just use string functions to replace the digits?

Has anyone already created a function to validate the cc number and then replace all the digits except the last four with asterisks?

Thanks. :D
User avatar
Burrito
Spockulator
Posts: 4715
Joined: Wed Feb 04, 2004 8:15 pm
Location: Eden, Utah

Post by Burrito »

use substr() to fetch the last four then put X's in front of them.

ie:

Code: Select all

$lastfour = substr($_POST['ccnum'],-4);
$hiddencc = "xxx...xx$lastfour";
chas688
Forum Newbie
Posts: 15
Joined: Wed Jul 14, 2004 3:25 pm

Thanks!

Post by chas688 »

I would have made it much more complex. Thanks for the guidance.

Chas688
User avatar
Jenk
DevNet Master
Posts: 3587
Joined: Mon Sep 19, 2005 6:24 am
Location: London

Post by Jenk »

Just for fun (I'm bored) you can use the str_pad function, too:

Code: Select all

<?php

$maskedNumber =  str_pad(substr($number, -4), strlen($number), '*', STR_PAD_LEFT);

?>
Post Reply