Webform Validation No Credit Card Numbers (https://www.drupal.org/sandbox/jannis/2486167) validates webform submission components to make sure users do not enter credit cards in the wrong components.

This project requires Webform Validation (https://www.drupal.org/project/webform_validation) and (optionally) Clientside Validation (https://www.drupal.org/project/clientside_validation) to validate that number, textfield, and textarea components do not contain a credit card number anywhere in the field.

This is essentially a complicated validation script that checks to make sure users do not accidentally put a credit card number somewhere they should not. This validation is extremely thorough, and finds any possible credit card strings that may be 'buried' in other text or spaces or other workarounds.

The validation will remove all non-number characters and then perform a Luhn check on every 15 and 16 digit sequence in the component.

If any sequence passes a Luhn check -- it is a credit card, and this module will prevent compliance incidents by preventing credit card data from being entered or stored where it should not.

Link to project: https://www.drupal.org/sandbox/jannis/2486167
Git Clone: git clone --branch 7.x-1.x jannis@git.drupal.org:sandbox/jannis/2486167.git webform_validation_no_ccs

Comments

PA robot’s picture

PA robot commented
Status: Needs review » Needs work

There are some errors reported by automated review tools, did you already check them? See http://pareview.sh/pareview/httpgitdrupalorgsandboxjannis2486167git

We are currently quite busy with all the project applications and we prefer projects with a review bonus. Please help reviewing and put yourself on the high priority list, then we will take a look at your project right away :-)

Also, you should get your friends, colleagues or other community members involved to review this application. Let them go through the review checklist and post a comment that sets this issue to "needs work" (they found some problems with the project) or "reviewed & tested by the community" (they found no major flaws).

I'm a robot and this is an automated message from Project Applications Scraper.

ayesh’s picture

ayesh commented

Hi,
Thanks for this!

Please do fix the code style and documentation issues reported by the bot above.

While all credit cards validate with Luhn algo, the reverse isn't true. Luhn algo is used validate many types of data.
Try entering an IMEI number in the fields (in any mobile phone, type *#06# to get the 15 digit Luhn-validating IMEI number).

Credit cards (incl debit, loyalty cards, etc) usually have a prefixed. "4" for visa, for example. I think a more validation would be useful.

I also went through your code and looks ok to me.

Farreres’s picture

Farreres commented

You should rename some functions. Pareview shows two functions missing some prefix.

function check_for_valid_luhn($val) {
function is_valid_luhn($number) {

As your module is named Webform Validation No Credit Card Numbers, a prefix could be wvnccn. Then just renaming the functions as

function wvnccn_check_for_valid_luhn($val) {
function wvnccn_is_valid_luhn($number) {

would make the trick.

perignon’s picture

perignon commented

Or prefix them with an underscore to indicate a private function as well.

kunalkursija’s picture

kunalkursija commented

Hi janis,

Below are the some problems i found with the module.

  • In function webform_validation_no_ccs_webform_validation_validators, Each key/value pair should be seperated by a comma.
  • Doc root of hooks should begin with "Implements" & not "Implementation of"
  • Variables like $sumTable consist of a capital letter T, which is a bad practice.
  • In your JS file, the string "Value must a valid phone number" must end with a full stop.
  • Variables like $sumTable consist of a capital letter T, which is a bad practice.
  • .info File : Its a good practice to add description in your .info file.
  • .info File : Its a good practice to add description in your .info file.
  • Docroots overall doesn't look formatted and less descriptive.
  • Its a good practice to start all your function names with module names.
  • @file is missing.
  • Comments should begin with the Capital letters, & must end with a full stop.
  • It will be better if you write some granular commenting, it will improve the code readability. For Ex : you have $val = preg_replace("/[^0-9]/", "", $val); , But its hard to understand what its for.
  • As an improvement, You could add your JS file inside a js folder in module.
PA robot’s picture

PA robot commented
Status: Needs work » Closed (won't fix)

Closing due to lack of activity. If you are still working on this application, you should fix all known problems and then set the status to "Needs review". (See also the project application workflow).

I'm a robot and this is an automated message from Project Applications Scraper.