osCommerce: Mask credit card numbers for old orders

Posted by: rkassissieh
July152007

I recently discovered that osCommerce does not automatically remove credit card information for old orders. Here is a little script that I dropped into admin/orders.php that silently masks credit card numbers for orders older than 14 days. One day, I will learn how to create a legitimate module.

$cc_numbers_query = tep_db_query("select orders_id, cc_number from " . TABLE_ORDERS . " where orders_status=3 AND last_modified < (DATE_ADD(NOW(), INTERVAL -14 DAY))");
while ($cc_num = tep_db_fetch_array($cc_numbers_query)) {
$fullcc = $cc_num['cc_number'];
if ($fullcc && (!strstr($fullcc, 'x'))) { // hasn't previously been processed
$newcc='';
for ($a=0;$a<(strlen($fullcc)-4);$a++) {
$newcc .= 'x';
}
$newcc .= substr($fullcc,-4);
$editcc_query = tep_db_query("update " . TABLE_ORDERS . " set cc_number = '" . $newcc . "' where orders_id = " . $cc_num['orders_id']);
}
}

« Prev item - Next item »
-------------------

Comments

Posted by Jamie on October 22 - 22:28:30

Hi,

What part of the code did you insert this in? What line and what is the code above or the code that was replaced? This is exactly what I have been looking for!

Posted by rkassissieh on October 23 - 04:54:28

I created a new script file admin/expirecc.php and then invoked it from admin/orders.php, so that it would execute whenever the staff check pending orders.

admins/orders.php, line 14: require_once('expirecc.php');

Leave comment




Subscribe comments

Enter email address to subscribe to comment on this item
Click here to manage subscription


buy viagra online
buy levitra