Email us your tutorial, and drive some traffic to your site with a link or a banner.
Credit Card Validation
"Although online payment options such as PayPal have become extremely
popular in the last couple of years, the majority of online stores still use
some sort of merchant system to accept credit card payments from their web sites.
Before actually encrypting your customer's credit card numbers to a database
or forwarding them to a merchant server, it's a good idea to implement your
own credit card validation routine."
Although online payment options such as PayPal have become extremely popular
in the last couple of years, the majority of online stores still use some sort
of merchant system to accept credit card payments from their web sites. Before
actually encrypting your customer's credit card numbers to a database or forwarding
them to a merchant server, it's a good idea to implement your own credit card
In this article we're going to work through developing a PHP class that stores
the details of a credit card and validates its number using the Mod 10 algorithm.
To implement the class that we will create in this article, you should have
access to an Apache web server running PHP 4.1.0 or later.
Credit card validation
What does we actually mean when we say "validate a credit card number"?
Quite simply it means that we run a credit cards number through a special algorithm
known as the Mod 10 algorithm.
This algorithm processes some simple numerical data validation routines against
the number and the result of this algorithm can be used to determine whether
or not a credit card number is valid. There are several different types of credit
cards that one can use to make a purchase, however they can all be validated
using the Mod 10 algorithm.
As well as passing the Mod 10 algorithm, a credit card number must also pass
several different formatting rules. A list of these rules for each of the six
most popular credit cards is shown below:
-Mastercard: Must have a prefix of 51 to 55, and must be 16 digits in length.
-Visa: Must have a prefix of 4, and must be either 13 or 16 digits in length.
-American Express: Must have a prefix of 34 or 37, and must be 15 digits in
-Diners Club: Must have a prefix of 300 to 305, 36, or 38, and must be 14 digits
-Discover: Must have a prefix of 6011, and must be 16 digits in length.
-JCB: Must have a prefix of 3, 1800, or 2131, and must be either 15 or 16 digits
As mentioned earlier, in this article we will be creating a PHP class that
will hold the details of a credit card number and expose a function indicating
whether or not the number of that credit card is valid (i.e. whether it passed
the Mod 10 algorithm or not). Before we create that class however, let's look
at how the Mod 10 algorithm works.
The Mod 10 algorithm
There are three steps that the Mod 10 algorithm takes to determine whether or
not a credit card number is valid. We will use the valid credit card number
378282246310005 to demonstrate these steps:
The number is reversed and the value of every second digit is doubled, starting
with the digit in second place:
... becomes ...
and the value of every second digit is doubled:
5 0 0 0 1 3 6 4 2 2 8 2 8 7 3
x2 x2 x2 x2 x2 x2 x2
0 0 6 8 4 4 14
The values of the numbers that resulted from multiplying every second digit
by two are added together (i.e. in our example above, multiplying the 7 by two
resulted in 14, which is 1 + 4 = 5). The result of these additions is added
to the value of every digit that was not multiplied (i.e. the first digit, the
third, the fifth, etc):
5 + (0) + 0 + (0) + 1 + (6) + 6 + (8) + 2 + (4) + 8 + (4) + 8 + (1 + 4) + 3
When a modulus operation is applied to the result of step two, the remainder
must equal 0 in order for the number to pass the Mod 10 algorithm. The modulus
operator simply returns the remainder of a division, for example:
10 MOD 5 = 0 (5 goes into 10 two times and has a remainder of 0)
20 MOD 6 = 2 (6 goes into 20 three times and has a remainder of 2)
43 MOD 4 = 3 (4 goes into 43 ten times and has a remainder of 3)
So for our test credit card number 378282246310005, we apply a modulus of 10
to the result from step two, like this:
60 MOD 10 = 0
The modulus operation returns 0, indicating that the credit card number is
Now that we understand the Mod 10 algorithm, it's really quite easy to create
our own version to validate credit card numbers with PHP. Let's create our credit
card class now.
Creating the CCreditCard class
Let's now create a PHP class that we can use to store and validate the details
of a credit card. Our class will be able to hold the cardholders name, the card
type (mastercard, visa, etc), the card number, and the expiry month and date.
Create a new PHP file called class.creditcard.php. As we walk through the following
two pages, copy-paste each piece of code shown to the file and save it.
We start of by defining several card type constants. These values will be used
to represent the type of card that our class will be validating:
And that's all there is to our CCreditCard class! Let's now look at a simple
validation example using HTML forms, PHP, and an instance of our CCreditCard
Using our CCreditCard class
Create a new file called testcc.php and save it in the same directory as the
class.creditcard.php file. Enter the following code into testcc.php:
Validate Credit Card
Run the script in your browser.
In this article we've seen how we can take advantage of PHP's object orientated
nature (most notably classes) to create a credit card storage and validation
class. We went through the components of this class in detail, and we finished
off by creating a test script in which we instantiated our CCreditCard class
and validated a sample card number.
If you're thinking of setting up an eCommerce site which will process/store
visitors credit card details, then you should take the class we've just made
and customize it to suit your needs. You might want to add other functions to
it to compare CCreditCard objects, format the cards details into an XML string,
encrypt the cards details to a database, or even process the payment in real
/This article was provided by ThePHPGuy.com -- home of the never-ending collection
of articles for Apache, PHP and MySQL. Check them out at http://www.thephpguy.com