ansaurus

Question

Is 42 a valid credit card number? jQuery validator thinks it is

Answer 1

+11 A:

This is probably because this validator merely checks that the number supplied satisfies the LUHN-10 algorithm (which 42 satisfies since 4*2 + 2 = 10 which is 0 modulo 10).

A better validator should maybe check for a minimal number of digits.

I'm not sure this corresponds to the very latest code from jQuery, but I found the snippet associated with credit card validation:

 // http://docs.jquery.com/Plugins/Validation/Methods/creditcard
 // based on http://en.wikipedia.org/wiki/Luhn
 creditcard: function(value, element) {
  if ( this.optional(element) )
   return "dependency-mismatch";
  // accept only digits and dashes
  if (/[^0-9-]+/.test(value))
   return false;
  var nCheck = 0,
   nDigit = 0,
   bEven = false;

  value = value.replace(/\D/g, "");

  for (n = value.length - 1; n >= 0; n--) {
   var cDigit = value.charAt(n);
   var nDigit = parseInt(cDigit, 10);
   if (bEven) {
    if ((nDigit *= 2) > 9)
     nDigit -= 9;
   }
   nCheck += nDigit;
   bEven = !bEven;
  }

  return (nCheck % 10) == 0;
 },

... and as you see this merely check that all characters are digits and that LUHN-10 is satisfied, without any attention to a minial length.

mjv 2009-12-08 02:28:44

Wow, what a crappy validation routine.

Ed Swangren 2009-12-08 02:43:02

@ed unfortunately yes :-/

Simon_Weaver 2009-12-08 02:49:12

Answer 2

+4 A:

The length of credit card numbers can vary depending on the issuer (though yes, there's generally a minimum length of ~13 digits). However, since this is client-side validation, the focus is probably more on reducing the chance of a small typo, and less on checking arbitrary data. That should probably be done server-side.

Amber 2009-12-08 02:32:14

but the problem is if you've already got it wrong once - as you begin to start typing to correct it it will tell you *as youre typing* that its correct, and then wrong, and then correct again. all credit cards must be at least 15 characters right - so why isnt it making a check. i have the source i suppose but it just makes me weary of using this library overall.

Simon_Weaver 2009-12-08 02:37:16

The length must be between 13 and 19 digits, in general.

Dave Hinton 2009-12-08 02:39:16

The 19-digit max is a limitation of ISO 7812. Theoretically a card number might be as few as 6 digits (for the IIN), though in practice 13-digit cards are the shortest that have been commonly issued by the financial industry (and they are no longer in use).

bobince 2009-12-08 03:15:01

Answer 3

+2 A:

You can combine the credit card rule with the minimum and maximum length rules to achieve what you want. That may seem like too much effort -- and I might agree -- though it does give you more control if you only want to accept certain card number lengths.

$('form').validate({
    '#ccNum': {
                   creditcard: true,
                   required: true,
                   minlength: 13,
                   maxlength: 19
              }
});

tvanfosson 2009-12-08 14:56:03

thanks! and OF COURSE I only want to accept CC numbers of certain lengths !!!

Simon_Weaver 2010-01-06 23:18:55

ansaurus

tags:

views:

answers:

Is 42 a valid credit card number? jQuery validator thinks it is

related questions