Saturday
31
October
2009

CreditCard validation

And once again I have a new component for your convinience.

Zend_Validate_CreditCard is a component which can validate creditcards. When you are an expert ZF user then you may probably note that there was already a Zend_Validate_Ccnum validator. But it had severe security problems.

Example:
Ccnum validator did not accept several CreditCard numbers even they were correct. On the other side several numbers were accepted even if they were incorrect.

The reason for this problems were that Ccnum validated only if the given number was valid according to Luhn, but not if they are creditcard numbers.

Now when you need to validate creditcards let’s take a deeper look into this validator and what it can archive.

First let’s define which credit card institute you want to accept:

$valid = new Zend_Validate_CreditCard(Zend_Validate_CreditCard::VISA);

Giving no institute will accept all available institutes, and giving an array will accept everyone of the given institutes.

$valid = new Zend_Validate_CreditCard(
    array(
        Zend_Validate_CreditCard::VISA,
        Zend_Validate_CreditCard::AMERICAN_EXPRESS
    )
);

When you now have to validate a creditcard number the following checks will be made:

* First the length of the number will be checked… every institute uses different lengths for it’s numbers
* Then the prefix will be checked… every institute uses a worldwide unique prefix for it’s cards
* Then the number itself will be validated by calculating a checksum

This way you can easily be sure that you get only creditcards from those institutes you accept.

Looks quite good until now but still there are some things which can obvisiously not be checked by a offline validation. For example is there no way to validate if a creditcard has been marked as stolen, or if the creditcard is out of lifetime. Of course there is a date on the card itself, but there is no way to validate it offline, except of the date itself which is not really secure, but only a check for dumbs.

Still there are ways to get also these things validated. Almost all creditcard institutes provide online services which will do the above mentioned checks. But these services are not free and therefor not be added to this validator. But Zend_Validate_CreditCard can be coupled with external functions. So you could access such an API yourself and couple your method with Zend_Validate_CreditCard.

class MyClass
{
    public function MyCheck($creditcard)
    {
        // Do some online checks with the institutes API
        return true | false;
    }
}
	
$valid = new Zend_Validate_CreditCard(Zend_Validate_CreditCard::VISA);
$valid->setService(array('MyClass', 'MyCheck'));

This way you could also attach your own validation methods. For example when you have a database with known numbers you would not accept, then you could add a method which does this check additionally to the existing validations.

Note that for performance reasons the connected service will only be called when all other offline validations are ok and valid. This prevents the call for numbers which are obisiously broken.

Have fun with this new component and of course with Zend Framework.

Greetings
Thomas Weidner
I18N Team Leader, Zend Framework

Zend Framework Advisory Board Member
Zend Certified Engineer for Zend Framework

Back to top
Friday
30
October
2009

Translation resources

Hy fellows,

even if it’s not official for now I want to point you to a new feature which will be available within the next few weeks.

Zend_Validate offers more than 100 different error messages which can easily be translated. The problem with “easily” is that you need to create the translation source eighter by parsing ZF’s code or by copying them from the documentation.

This is not a real fast way and is not really good for usability.

So I created translation resources for Zend_Validate’s error messages.
For now you can find them within the Incubator. Look into /incubator/resources/translate/en/Zend_Validate.php.

Use the Array Adapter to load them.
You can already find pre-translated messages for english (of course) and german.

As this feature is for now not officially accepted I would ask to wait before adding new translations until it’s available within core. When it’s time I will add you some example code for those not familiar with Zend_Translate.

Have fun with this new feature when you can’t wait :-)

Greetings
Thomas Weidner
I18N Team Leader, Zend Framework

Zend Framework Advisory Board Member
Zend Certified Engineer for Zend Framework

Back to top
Saturday
24
October
2009

Migrating Zend Framework

Hy fellows,

migrating Zend Framework to a newer release can be a immane work when you want to switch several releases at once.

In past you had to search the complete manual for the multiple migration notes. Every component had his own migration note which meant that you had to read through several chapters until you knew what you had to be aware of.

For Zend Framework 1.10 I changed this.
Now there is a single migration chapter within the appendix where you can find all migration notes from all releases and all components at one place.
When you want to migrate from 1.9 to 1.10 then you can now read in a single chapter and have all changes at one place.

Have fun with this improvement.

Greetings
Thomas Weidner
I18N Team Leader, Zend Framework

Zend Framework Advisory Board Member
Zend Certified Engineer for Zend Framework

Back to top