A simple code challenge

15 views
Skip to first unread message

Robert Gonzalez

unread,
Sep 2, 2010, 12:55:23 PM9/2/10
to professional-php
Figured I'd start the day off with a small, simple code challenge for our distinguished group of n00bs, professionals and contributors...

INTRODUCTION:
A recent project of mine left me with the need to validate credit card numbers for an application I am developing. Some brief searching led me to the Luhn algorithm, or what is commonly known as the Mod10 algorithm, which ensures that a credit card number is a legit number in terms of values and locations of the numbers within the overall number. The algorithm is straight forward and simple enough to follow:

Take a credit card number and reverse it.
Starting with the second number in the sequence, multiply every other number by 2. In cases where the product of this multiplication is 10 or greater, add the parts of the number together to get a single digit value.
Add all numbers together.
Divide by 10.
If there is a remainder, the number is invalid. If there is no remainder, the number is valid.

EXAMPLE:
Number: 482450247036  (Shortened number that is NOT a real credit card number):

Step 1: 630742054284
Step 2: 6 + 6 + 0 + (1+4) + 4 + 4 + 0 + (1+0) + 4 + 4 + 8 + 8 = 50
Step 3: 50 / 10 = 5R0 ... VALIDATES

THE CHALLENGE:
Write a simple PHP function that takes a numeric string and determines if the number is a valid credit card number according to the Luhn algorithm.

EXTRA CREDIT:
Write a class that takes a string credit card number, normalizes it to only numbers then validates it using the Luhn algorithm. The class should have accessor methods for setting and getting the credit card number, with the getter method taking an optional parameter to return the raw number which, if passed, will return the number as presented, otherwise will return a masked version of the number in which all but the last four numbers are replaced with the character X.

SUBMITTING SOLUTIONS:
When you have a solution to this challenge, please post it to a Paste Bin somewhere and post a link to it. PLEASE DON'T CHEAT AND COPY SOMEBODY ELSE'S SOLUTION. Jack will unleash Cthulu on you, who will eat your soul with some Fava beans and a nice Chianti. I will submit my solution later today or tomorrow. 

CONCLUSION:
This is a pretty simple code challenge. Probably a lot more simple the even the write up I did explaining it. It shouldn't take more than a few minutes to complete it.

Robert Gonzalez

unread,
Sep 2, 2010, 1:51:15 PM9/2/10
to professional-php
Forgot to give you guys test credit card numbers. These come from our processors test number set. I've even made an array out of them for you. ;)

$numbers = array(
// AmEx
'3782 8224 6310 005',
// Visa
'4111 1111 1111 1111', 
// Discover
'6011 1111 1111 1117', 
// MasterCard
'5555-5555-5555-4444', 
// JCB
'3566 1111 1111 1113',
// Laser
'6304 9850 2809 0561 515',
// Maestro (International)
'5033 9619 8909 17',
'5868 2416 0825 5333 38',
//Maestro (UK Domestic)
'6759 4111 0000 0008', //Issue number not required
'6759 5600 4500 5727 054', //One-digit issue number required
'5641 8211 1116 6669', //Two-digit issue number required
//Solo
'6334 5898 9800 0001', //Issue number not required
'6767 8200 9988 0077 06', //One-digit issue number required
'6334 9711 1111 1114', //Two-digit issue number required
//UATP
'1354 1234 5678 911',
);

Jimboidaho

unread,
Sep 2, 2010, 1:57:52 PM9/2/10
to Professional PHP Developers
I am going to cheat. jquery.validate.js has a nice algorithm built
in.

On Sep 2, 11:51 am, Robert Gonzalez

Jack Timmons

unread,
Sep 2, 2010, 2:05:53 PM9/2/10
to professi...@googlegroups.com
On Thu, Sep 2, 2010 at 11:55 AM, Robert Gonzalez
<robert.anth...@gmail.com> wrote:
> SOLUTION. Jack will unleash Cthulu on you, who will eat your soul with some
> Fava beans and a nice Chianti. I will submit my solution later today or
> tomorrow.

He prefers white wine, thank you.

Also, I'd participate, but I'm currently in deep writing a PHP app to
make a IDML file from our specified XML styles.

--
Jack Timmons
@_Codeacula

Robert Gonzalez

unread,
Sep 2, 2010, 2:22:37 PM9/2/10
to professi...@googlegroups.com
My solution, with some inspiration from Jason's ($i & 1) bitwise odd/even checker.


--
This group is managed and maintained by the development staff at 360 PSG. An enterprise application development company utilizing open-source technologies for todays small-to-medium size businesses.

For information or project assistance please visit :
http://www.360psg.com

You received this message because you are subscribed to the Google Groups "Professional PHP Developers" group.
To post to this group, send email to Professi...@googlegroups.com
To unsubscribe from this group, send email to Professional-P...@googlegroups.com
For more options, visit this group at http://groups.google.com/group/Professional-PHP

sc_mach

unread,
Sep 2, 2010, 2:32:35 PM9/2/10
to Professional PHP Developers
Here's mine. I'm not feeling very motivated today (am I ever?) so no
extra credit, just a simple function:

http://pastebin.com/dkBazdXH

On Sep 2, 9:55 am, Robert Gonzalez <robert.anthony.gonza...@gmail.com>
wrote:

sc_mach

unread,
Sep 2, 2010, 2:34:16 PM9/2/10
to Professional PHP Developers
Sweet! Let me know what sites you've worked on, I'm ready to turn JS
off and get me some free stuff :)

Or, are you smarter than that and just going to apply the jquery logic
towards your php code? (god I hope so...)

Jimboidaho

unread,
Sep 2, 2010, 4:11:04 PM9/2/10
to Professional PHP Developers

On Sep 2, 12:34 pm, sc_mach <jason.mem...@gmail.com> wrote:
> Sweet! Let me know what sites you've worked on, I'm ready to turn JS
> off and get me some free stuff :)
Not exactly sure what you mean. I have been using jquery for about
three years now and I like it a lot. What I have been working on is
private sites so I can't really share.
Message has been deleted

sc_mach

unread,
Sep 2, 2010, 4:21:21 PM9/2/10
to Professional PHP Developers
> Not exactly sure what you mean. I have been using jquery for about
> three years now and I like it a lot. What I have been working on is
> private sites so I can't really share.

What I mean is, you are doing validation on the CLIENT SIDE... which
can be bypassed. Easily. Very easily.

Jimboidaho

unread,
Sep 2, 2010, 4:43:52 PM9/2/10
to Professional PHP Developers
The idea of validating a credit card is to be able to quickly tell the
user if the number was not entered correctly. That is all that
validating a cc is going to do whether on the client side or the back
end. Once you get past that point the cc processor ultimately will
validate the card.

Robert Gonzalez

unread,
Sep 2, 2010, 4:48:20 PM9/2/10
to professi...@googlegroups.com
I totally agree with what you're saying here. The only thing is, we are a PHP group and the challenge was a PHP challenge. Hell, any one of us could have gone to PHPClasses.org and downloaded a class that does all this and more if we wanted to. But I asked that anyone that wanted to participate to not cheat. Seems that a viable solution to a PHP coding challenge would involve some PHP. Just a thought.

Not to disparage anything you have said. I'm actually planning on validating and autoselecting card types client side as well. But it still needs to be done server side and, since I am a PHP developer and this is a PHP group, I thought we could all enjoy a little bit of PHP brain exercise for the day.

Jack Timmons

unread,
Sep 2, 2010, 4:52:49 PM9/2/10
to professi...@googlegroups.com
On Thu, Sep 2, 2010 at 3:48 PM, Robert Gonzalez
<robert.anth...@gmail.com> wrote:
> But it still needs to be done server side

I'm going to disagree with you here.

If I give my processor CC and address info, and it says everything is
fine, who am I to argue? Why bother with the resources it takes to
validate the CC info server-side if I'm just going to pass it to
something else that does that for me?

--
Jack Timmons
@_Codeacula

Robert Gonzalez

unread,
Sep 2, 2010, 4:55:08 PM9/2/10
to professi...@googlegroups.com
If it saves me the overhead of making a SOAP/cURL/Other HTTP request, I will, since the validation routine is pretty simple and not passing customer information over another HTTP hop when it doesn't need to go seems like good business practice and good security. Just sayin'.

Besides, this was meant to be fun, not a flame. Holy gripes people, where is your sense of "I can code the hell out of that. And fast too"?

Jack Timmons

unread,
Sep 2, 2010, 4:59:11 PM9/2/10
to professi...@googlegroups.com
On Thu, Sep 2, 2010 at 3:55 PM, Robert Gonzalez
<robert.anth...@gmail.com> wrote:
> If it saves me the overhead of making a SOAP/cURL/Other HTTP request, I
> will, since the validation routine is pretty simple and not passing customer
> information over another HTTP hop when it doesn't need to go seems like good
> business practice and good security. Just sayin'.

Point taken.

> Besides, this was meant to be fun, not a flame. Holy gripes people, where is
> your sense of "I can code the hell out of that. And fast too"?

I was just picking at that point.

It was actually a Devil's Advocate sort of deal. I validate CCs
server-side, too.

But only because it's so freaking easy.

--
Jack Timmons
@_Codeacula

Jimboidaho

unread,
Sep 2, 2010, 10:28:37 PM9/2/10
to Professional PHP Developers
Sorry I rained on your parade. I wrote a function to do this a couple
of years ago in Visual Foxpro but quit using it when I started
validating on the client side. A very good discussion though.



On Sep 2, 2:48 pm, Robert Gonzalez <robert.anthony.gonza...@gmail.com>
wrote:
> I totally agree with what you're saying here. The only thing is, we are a
> PHP group and the challenge was a PHP challenge. Hell, any one of us could
> have gone to PHPClasses.org and downloaded a class that does all this and
> more if we wanted to. But I asked that anyone that wanted to participate to
> not cheat. Seems that a viable solution to a PHP coding challenge would
> involve some PHP. Just a thought.
>
> Not to disparage anything you have said. I'm actually planning on validating
> and autoselecting card types client side as well. But it still needs to be
> done server side and, since I am a PHP developer and this is a PHP group, I
> thought we could all enjoy a little bit of PHP brain exercise for the day.
>

Robert Gonzalez

unread,
Sep 2, 2010, 10:32:36 PM9/2/10
to professi...@googlegroups.com
It's all good. Maybe the next time I can make it more interesting.

Sam Doyle

unread,
Sep 2, 2010, 4:25:25 PM9/2/10
to professi...@googlegroups.com
JavaScript credit card validation? Can't see you winning this contest

______________
Sam Doyle
@sam_doyle

Jimboidaho

unread,
Sep 7, 2010, 9:50:02 AM9/7/10
to Professional PHP Developers
Wasn't trying to win the contest. I believe that initial CC
validation to the user should be immediate but I still rely on the CC
processor to validate the card in the end anyway.

On Sep 2, 2:25 pm, Sam Doyle <sammeh....@gmail.com> wrote:
> JavaScript credit card validation?  Can't see you winning this contest
>
> ______________
> Sam Doyle
> @sam_doyle
>
Reply all
Reply to author
Forward
0 new messages