I have been trying to add a Javascript Credit Card Validator to an existing form without success. I already have Javascript checking for valid form fields such as password and email address. Will someone help add a good credit card validator script to my code. I found one located here (http://www.crows.co.uk/Javascript/ccform.htm) but I'm having problems integrating it into my existing code.

My sample form for testing purposes:

<html>
<head>
<script language=JavaScript>
function validate(form1) {
// Make sure that the name field and the password field are not blank
if (form1.name.value.length <=0) {
window.alert("Please enter your name");
form1.name.focus();
return false;
}
if (form1.password1.value == "") {
window.alert("You must enter a password");
form1.password1.focus();
return false;
}
// Make sure that the passwords entered are identical
if (form1.password1.value !=form1.password2.value) {
window.alert("Entered passwords did not match");
form1.password1.focus(); // Moves the input focus
form1.password1.select(); // Highlights the input area
return false;
}
// If an email address is required, include the following
// statements to verify the syntax of the email address

emailAddress = form1.email.value;
if (form1.email.value == "") {
window.alert("Please enter your email address.");
form1.email.focus();
return false;
}
// Make sure the email address does not contain any of the following
// invalid characters: space, slash, colon, comma, and semicolon
invalidChars = " /:,;";
for (i=0; i<invalidChars.length; i++) {
badChar = invalidChars.charAt(i);
if (form1.email.value.indexOf(badChar, 0) > -1) {
window.alert("Invalid characters: " + badChar);
return false;
}
}
// Make sure there is an @ symbol in the email address
atPos = form1.email.value.indexOf("@",1);
if (atPos == -1) {
window.alert("There must be one @ symbol in the email address");
return false;
}
// Make sure there is no more than one @ symbol
if (form1.email.value.indexOf("@", atPos+1) != -1) {
window.alert("You have more than one @ symbol in the email address");
return false;
}
// Make sure there is a period after the @ symbol
periodPos = form1.email.value.indexOf(".", atPos);
if (periodPos == -1) {
window.alert("Email address should have a period after the @ symbol");
return false;
}
if (form1.dropmenu.selectedIndex==0) {
window.alert ( "Please select a credit card." );
return false;
}
if (form1.terms.checked==false) {
window.alert("Please check the terms and conditions");
return false;
}

// Submit the form data to the Web server
return true;
}
</script>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css">
<!--
.unnamed1 { font-family: Arial, Helvetica, sans-serif; font-size: 12px; font-weight: bolder}
-->
</style>
</head>

<body bgcolor="#FFFFFF" text="#000000">
<form name="form1" action="http://webmaster.com/cgi-bin/secureorder.cgi" method="POST" onSubmit="return validate(form1)">
<table width="598" border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="133" height="28" valign="top" class="unnamed1"> User Name</td>
<td width="465" valign="top">
<input type="text" name="name" size="40">
</td>
</tr>
<tr>
<td height="28" class="unnamed1" valign="top">Password</td>
<td valign="top">
<input type="password" name="password1" size="40">
</td>
</tr>
<tr>
<td height="28" class="unnamed1" valign="top">Confirm Password</td>
<td valign="top">
<input type="password" name="password2" size="40">
</td>
</tr>
<tr>
<td height="16" valign="top" class="unnamed1">Email Address</td>
<td valign="top">
<input type="text" name="email" size="40">
</td>
</tr>
<tr>
<td height="98" colspan="2" valign="top"><br>
<span class="unnamed1">
<input type="checkbox" name="terms" value="Yes">
I have read and accept the terms and conditions.<br>
<br>
<input type="submit" value="Submit">
</span></td>
</tr>
</table>
</form>
<script language="JavaScript">
document.form1.name.focus();
</script>
</body>
</html>

hmm.. why would you want to use javascript for validating credit card numbers? anyone can download your form, remove the javascript validation and enter rubbish for the field and get away with it... i really dont recommend running checks on the client machine... it is always better to verify the data on the server side...

kunal

Originally posted by kunal
hmm.. why would you want to use javascript for validating credit card numbers?
All orders are processed manually and I expect to avoid or reduce fake orders by using a credit card validator.
anyone can download your form, remove the javascript validation and enter rubbish for the field and get away with it.
Umm.. who would want to go through the hassle and why?

I agree with kunal but because you asked:

<html>
<head>
<script language=JavaScript>

function strip(num){ // this function removes spaces and illegal characters
num = "" + num;
if (!num)
return "";
var result = "";
for (i=0; i<num.length; i++){
character = num.charAt(i);
if ("0123456789".indexOf(character) != -1)
result += character;
}
return result;
}



function validate(form1) {

for (var j=0; j<document.frm.type.length; j++){
if (document.frm.type.options[j].selected){
var cmk=document.frm.type.options[j].value;
}


var cno = strip(document.frm.CardNumber.value);
// get the card number and send it to function strip
// to remove any illegal characters

var msg='The credit card number you entered could not be\n '
+ 'validated. Please check the number and try again.'

//-------------- Check Visa -----------------------\\
if(cmk.indexOf('Visa') !=-1){
if (((cno.length == 13) || (cno.length == 16)) && (cno.substring(0,1) == 4)){
return true
}else{
alert(msg);
document.frm.CardNumber.focus();
return false;
}
}


//-------------- Check Mastercard -----------------------\\
if(cmk.indexOf('Mastercard') !=-1){
var firstdig=cno.substring(0,1);
var seconddig=cno.substring(1,2);
if (((cno.length == 16) || (cno.length == 19)) &&
(firstdig == 5) && ((seconddig >= 1) && (seconddig <= 5))){
return true
}else{
alert(msg);
document.frm.CardNumber.focus();
return false;
}
}


//-------------- Check Diners -----------------------\\
if(cmk.indexOf('Diners') !=-1){
firstdig = cno.substring(0,1);
seconddig = cno.substring(1,2);
if (((cno.length == 14) || (cno.length == 17)) &&
(firstdig == 3) && ((seconddig == 0) ||
(seconddig == 6) || (seconddig == 8))){
return true
}else{
alert(msg);
document.frm.CardNumber.focus();
return false;
}
}


//-------------- Check Amex -----------------------\\
if(cmk.indexOf('Amex') !=-1){
firstdig = cno.substring(0,1);
seconddig = cno.substring(1,2);
if (((cno.length == 15) || (cno.length == 18)) &&
(firstdig == 3) && ((seconddig == 4) || (seconddig == 7))){
return true
}else{
alert(msg);
document.frm.CardNumber.focus();
return false;
}
}


//-------------- Check Switch -----------------------\\
if(cmk.indexOf('Switch') !=-1){
firstdigs = cno.substring(0,6);
if(((cno.length == 16) &&
((firstdigs.indexOf('5641') != -1) ||
(firstdigs.indexOf('6331') != -1) ||
(firstdigs.indexOf('675964') != -1) ||
(firstdigs.indexOf('675963') != -1) ||
(firstdigs.indexOf('4905') != -1))) ||
((cno.length == 18) && ((firstdigs.indexOf('67594') != -1) ||
(firstdigs.indexOf('4903') != -1) ||
(firstdigs.indexOf('4911') != -1))) ||
((cno.length == 19) && ((firstdigs.indexOf('6333') != -1) ||
(firstdigs.indexOf('675960') != -1) ||
(firstdigs.indexOf('67595') != -1) ||
(firstdigs.indexOf('67590') != -1) ||
(firstdigs.indexOf('4936') != -1)))){
return true
}else{
alert(msg);
document.frm.CardNumber.focus();
return false;
}
}


//-------------- Check JCB -----------------------\\
if(cmk.indexOf('jcb') !=-1){
first4digs = cno.substring(0,4);
if ((cno.length == 16) &&
((first4digs == "3088") ||
(first4digs == "3096") ||
(first4digs == "3112") ||
(first4digs == "3158") ||
(first4digs == "3337") ||
(first4digs == "3528"))){
return true;
}else{
alert(msg);
document.frm.CardNumber.focus();
return false;
}
}
}





// Make sure that the name field and the password field are not blank
if (form1.name.value.length <=0) {
window.alert("Please enter your name");
form1.name.focus();
return false;
}
if (form1.password1.value == "") {
window.alert("You must enter a password");
form1.password1.focus();
return false;
}
// Make sure that the passwords entered are identical
if (form1.password1.value !=form1.password2.value) {
window.alert("Entered passwords did not match");
form1.password1.focus(); // Moves the input focus
form1.password1.select(); // Highlights the input area
return false;
}
// If an email address is required, include the following
// statements to verify the syntax of the email address

emailAddress = form1.email.value;
if (form1.email.value == "") {
window.alert("Please enter your email address.");
form1.email.focus();
return false;
}
// Make sure the email address does not contain any of the following
// invalid characters: space, slash, colon, comma, and semicolon
invalidChars = " /:,;";
for (i=0; i<invalidChars.length; i++) {
badChar = invalidChars.charAt(i);
if (form1.email.value.indexOf(badChar, 0) > -1) {
window.alert("Invalid characters: " + badChar);
return false;
}
}
// Make sure there is an @ symbol in the email address
atPos = form1.email.value.indexOf("@",1);
if (atPos == -1) {
window.alert("There must be one @ symbol in the email address");
return false;
}
// Make sure there is no more than one @ symbol
if (form1.email.value.indexOf("@", atPos+1) != -1) {
window.alert("You have more than one @ symbol in the email address");
return false;
}
// Make sure there is a period after the @ symbol
periodPos = form1.email.value.indexOf(".", atPos);
if (periodPos == -1) {
window.alert("Email address should have a period after the @ symbol");
return false;
}
if (form1.dropmenu.selectedIndex==0) {
window.alert ( "Please select a credit card." );
return false;
}
if (form1.terms.checked==false) {
window.alert("Please check the terms and conditions");
return false;
}

// Submit the form data to the Web server
return true;
}
</script>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css">
<!--
.unnamed1 { font-family: Arial, Helvetica, sans-serif; font-size: 12px; font-weight: bolder}
-->
</style>
</head>

<body bgcolor="#FFFFFF" text="#000000">
<form name="form1" action="http://webmaster.com/cgi-bin/secureorder.cgi" method="POST" onSubmit="return validate(form1)">
<table width="598" border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="133" height="28" valign="top" class="unnamed1"> User Name</td>
<td width="465" valign="top">
<input type="text" name="name" size="40">
</td>
</tr>
<tr>
<td height="28" class="unnamed1" valign="top">Password</td>
<td valign="top">
<input type="password" name="password1" size="40">
</td>
</tr>
<tr>
<td height="28" class="unnamed1" valign="top">Confirm Password</td>
<td valign="top">
<input type="password" name="password2" size="40">
</td>
</tr>
<tr>
<td height="16" valign="top" class="unnamed1">Email Address</td>
<td valign="top">
<input type="text" name="email" size="40">
</td>
</tr>

<tr>
<td height="16" valign="top" class="unnamed1">
<INPUT TYPE=text NAME="Name_on_card" SIZE=15>
<SELECT NAME="type">
<OPTION VALUE="Visa">Visa
<OPTION VALUE="Mastercard">Mastercard
<OPTION VALUE="Diners">Diners
<OPTION VALUE="Amex">Amex
<OPTION VALUE="Switch">Switch
</SELECT>
<INPUT TYPE=text NAME="CardNumber" SIZE=20 >
<INPUT TYPE=text NAME="Expiry_Date" SIZE=10>
</td>
</tr>

<tr>
<td height="98" colspan="2" valign="top"><br>
<span class="unnamed1">
<input type="checkbox" name="terms" value="Yes">
I have read and accept the terms and conditions.<br>
<br>
<input type="submit" value="Submit">
</span></td>
</tr>
</table>
</form>
<script language="JavaScript">
document.form1.name.focus();
</script>
</body>
</html>

Find all frm and replace them by form1 Hope it helps

-Eric.

Eric,

Now the other form fields are not validating.

This should work.

<html>
<head>
<script language=JavaScript>
function strip(num){ // this function removes spaces and illegal characters
num = "" + num;
if (!num)
return "";
var result = "";
for (i=0; i<num.length; i++){
character = num.charAt(i);
if ("0123456789".indexOf(character) != -1)
result += character;
}
return result;
}

// next get the card type
function check(){
for (var j=0; j<document.form1.type.length; j++){
if (document.form1.type.options[j].selected){
var cmk=document.form1.type.options[j].value;
}
}

var cno = strip(document.form1.CardNumber.value);
// get the card number and send it to function strip
// to remove any illegal characters

var msg='The credit card number you entered could not be\n '
+ 'validated. Please check the number and try again.'

//-------------- Check Visa -----------------------\\
if(cmk.indexOf('Visa') !=-1){
if (((cno.length == 13) || (cno.length == 16)) && (cno.substring(0,1) == 4)){
return true
}else{
alert(msg);
document.form1.CardNumber.focus();
return false;
}
}


//-------------- Check Mastercard -----------------------\\
if(cmk.indexOf('Mastercard') !=-1){
var firstdig=cno.substring(0,1);
var seconddig=cno.substring(1,2);
if (((cno.length == 16) || (cno.length == 19)) &&
(firstdig == 5) && ((seconddig >= 1) && (seconddig <= 5))){
return true
}else{
alert(msg);
document.form1.CardNumber.focus();
return false;
}
}


//-------------- Check Diners -----------------------\\
if(cmk.indexOf('Diners') !=-1){
firstdig = cno.substring(0,1);
seconddig = cno.substring(1,2);
if (((cno.length == 14) || (cno.length == 17)) &&
(firstdig == 3) && ((seconddig == 0) ||
(seconddig == 6) || (seconddig == 8))){
return true
}else{
alert(msg);
document.form1.CardNumber.focus();
return false;
}
}


//-------------- Check Amex -----------------------\\
if(cmk.indexOf('Amex') !=-1){
firstdig = cno.substring(0,1);
seconddig = cno.substring(1,2);
if (((cno.length == 15) || (cno.length == 18)) &&
(firstdig == 3) && ((seconddig == 4) || (seconddig == 7))){
return true
}else{
alert(msg);
document.form1.CardNumber.focus();
return false;
}
}


//-------------- Check Switch -----------------------\\
if(cmk.indexOf('Switch') !=-1){
firstdigs = cno.substring(0,6);
if(((cno.length == 16) &&
((firstdigs.indexOf('5641') != -1) ||
(firstdigs.indexOf('6331') != -1) ||
(firstdigs.indexOf('675964') != -1) ||
(firstdigs.indexOf('675963') != -1) ||
(firstdigs.indexOf('4905') != -1))) ||
((cno.length == 18) && ((firstdigs.indexOf('67594') != -1) ||
(firstdigs.indexOf('4903') != -1) ||
(firstdigs.indexOf('4911') != -1))) ||
((cno.length == 19) && ((firstdigs.indexOf('6333') != -1) ||
(firstdigs.indexOf('675960') != -1) ||
(firstdigs.indexOf('67595') != -1) ||
(firstdigs.indexOf('67590') != -1) ||
(firstdigs.indexOf('4936') != -1)))){
return true
}else{
alert(msg);
document.form1.CardNumber.focus();
return false;
}
}


//-------------- Check JCB -----------------------\\
if(cmk.indexOf('jcb') !=-1){
first4digs = cno.substring(0,4);
if ((cno.length == 16) &&
((first4digs == "3088") ||
(first4digs == "3096") ||
(first4digs == "3112") ||
(first4digs == "3158") ||
(first4digs == "3337") ||
(first4digs == "3528"))){
return true;
}else{
alert(msg);
document.form1.CardNumber.focus();
return false;
}
}
}



function validate(form1) {

// Make sure that the name field and the password field are not blank
if (form1.name.value.length <=0) {
window.alert("Please enter your name");
form1.name.focus();
return false;
}
if (form1.password1.value == "") {
window.alert("You must enter a password");
form1.password1.focus();
return false;
}
// Make sure that the passwords entered are identical
if (form1.password1.value !=form1.password2.value) {
window.alert("Entered passwords did not match");
form1.password1.focus(); // Moves the input focus
form1.password1.select(); // Highlights the input area
return false;
}
// If an email address is required, include the following
// statements to verify the syntax of the email address

emailAddress = form1.email.value;
if (form1.email.value == "") {
window.alert("Please enter your email address.");
form1.email.focus();
return false;
}
// Make sure the email address does not contain any of the following
// invalid characters: space, slash, colon, comma, and semicolon
invalidChars = " /:,;";
for (i=0; i<invalidChars.length; i++) {
badChar = invalidChars.charAt(i);
if (form1.email.value.indexOf(badChar, 0) > -1) {
window.alert("Invalid characters: " + badChar);
return false;
}
}
// Make sure there is an @ symbol in the email address
atPos = form1.email.value.indexOf("@",1);
if (atPos == -1) {
window.alert("There must be one @ symbol in the email address");
return false;
}
// Make sure there is no more than one @ symbol
if (form1.email.value.indexOf("@", atPos+1) != -1) {
window.alert("You have more than one @ symbol in the email address");
return false;
}
// Make sure there is a period after the @ symbol
periodPos = form1.email.value.indexOf(".", atPos);
if (periodPos == -1) {
window.alert("Email address should have a period after the @ symbol");
return false;
}

if (form1.terms.checked==false) {
window.alert("Please check the terms and conditions");
return false;
}
if (check())
return true;
else
return false;
// Submit the form data to the Web server
}
</script>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css">
<!--
.unnamed1 { font-family: Arial, Helvetica, sans-serif; font-size: 12px; font-weight: bolder}
-->
</style>
</head>

<body bgcolor="#FFFFFF" text="#000000">
<form name="form1" action="http://webmaster.com/cgi-bin/secureorder.cgi" method="POST" onSubmit="return validate(form1)">
<table width="598" border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="133" height="28" valign="top" class="unnamed1"> User Name</td>
<td width="465" valign="top">
<input type="text" name="name" size="40">
</td>
</tr>
<tr>
<td height="28" class="unnamed1" valign="top">Password</td>
<td valign="top">
<input type="password" name="password1" size="40">
</td>
</tr>
<tr>
<td height="28" class="unnamed1" valign="top">Confirm Password</td>
<td valign="top">
<input type="password" name="password2" size="40">
</td>
</tr>
<tr>
<td height="8" valign="top" class="unnamed1">Email Address</td>
<td valign="top">
<input type="text" name="email" size="40">
</td>
</tr>
<tr>
<td height="8" valign="top" class="unnamed1" colspan="2"><INPUT TYPE=text NAME="Name_on_card" SIZE=15>
<SELECT NAME="type">
<OPTION VALUE="Visa">Visa
<OPTION VALUE="Mastercard">Mastercard
<OPTION VALUE="Diners">Diners
<OPTION VALUE="Amex">Amex
<OPTION VALUE="Switch">Switch
</SELECT>
<INPUT TYPE=text NAME="CardNumber" SIZE=20 >
<INPUT TYPE=text NAME="Expiry_Date" SIZE=10>
</td>
</tr>
<tr>
<td height="98" colspan="2" valign="top"><br>
<span class="unnamed1">
<input type="checkbox" name="terms" value="Yes">
I have read and accept the terms and conditions.<br>
<br>
<input type="submit" value="Submit">
</span></td>
</tr>
</table>
</form>
<script language="JavaScript">
document.form1.name.focus();
</script>
</body>
</html>

Originally posted by labzone
Umm.. who would want to go through the hassle and why?

Fraud?

Originally posted by Rich2k


Fraud?

This isn't a fraud screener people. It's nothing more than a validator to avoid incorrectly entered credit card numbers and those rare people that submit fake order forms and waste my time.

Thanks for the help Eric it worked. Unfortunately, the credit card validation is pretty weak though. It seems to only check that Visa starts with a 4 and has 16 numbers, Mastercard starts with a 5 and has 16 numbers, etc. I was looking for something a little more advanced but this will be fine for now.

You asked a question as to why people would edit the form and submit it themselves... fraud is one possible answer... however seeing as it's not in your case it doesn't matter

labzone, i see your point.. sounds like you have your basis covered... just a word of advice though, people do things coz they can and coz they can get something you need to pay for, for free... :)


kunal