Since the credit card type selection was removed from our credit card forms (users now just enter in their credit card #s w/o selecting the cc type from a drop-down), the back-end form validation no longer properly verifies credit card numbers.
This is resulting in a very high number of failed transactions due to unsupported credit card types.
Currently, the code in DonationInterface/payflowpro_gateway/payflowprog_gateway.body.php that is deprecated and no longer works is:
<code>
// validate that credit card number entered is correct for the brand
switch( $data['card'] ) { case 'american': // pattern for Amex $pattern = '/^3[47][0-9]{13}$/'; // if the pattern doesn't match if ( !preg_match( $pattern, $data['card_num'] ) ) { $error_result = '1'; $error['card'] = wfMsg( 'payflowpro_gateway-error-msg-amex' ); } break; case 'mastercard': // pattern for Mastercard $pattern = '/^5[1-5][0-9]{14}$/'; // if pattern doesn't match if ( !preg_match( $pattern, $data['card_num'] ) ) { $error_result = '1'; $error['card'] = wfMsg( 'payflowpro_gateway-error-msg-mc' ); } break; case 'visa': // pattern for Visa $pattern = '/^4[0-9]{12}(?:[0-9]{3})?$/'; // if pattern doesn't match if ( !preg_match( $pattern, $data['card_num'] ) ) { $error_result = '1'; $error['card'] = wfMsg( 'payflowpro_gateway-error-msg-visa' ); } break; case 'discover': // pattern for Discover $pattern = '/^6(?:011|5[0-9]{2})[0-9]{12}$/'; // if pattern doesn't match if ( !preg_match( $pattern, $data['card_num'] ) ) { $error_result = '1'; $error['card'] = wfMsg( 'payflowpro_gateway-error-msg-discover' ); } break; } // end switch
</code>
$data['card'] will no longer carry a useful value due to the form changes.
We should probably be detecting the credit card type based on the credit card BIN and determining card-type validity based off the result.
Version: unspecified
Severity: enhancement