Credit Card numbers cleaner

[michael_s]

For those using the Credit Card Number Encryption contribution (http://addons.oscommerce.com/info/4359), you'll need to modify your code as follows:


Find the section of code in /catalog/admin/clean_cc_numbers.php:

while ($orders = tep_db_fetch_array($orders_query)) {
$newNum = 'XXXXXXXXXXXX';
$newNum .= substr($orders['cc_number'], strlen($orders['cc_number'])-4);
echo "".$orders['orders_id']." ".$newNum."".substr($orders['date_purchased'],0,-8)."".$orders['orders_status']."";
// Uncommenting the line below will ACTIVATE the script
//tep_db_query("update " . TABLE_ORDERS . " set cc_number='".$newNum."' where orders_id=".$orders['orders_id'].";");
}


And replace with:


while ($orders = tep_db_fetch_array($orders_query)) {
$newNum = 'XXXXXXXXXXXX';

// Credit Card Number Decryption
// check for encryption status and if credit card number exist decrypt
if ((USE_ENCRYPTION == true) && (tep_not_null($orders['cc_number'])) && (strlen($orders['cc_number']) > 19) ) {
$cc_new_value = md5_decrypt($orders['cc_number'], TEXT_ENCRYPTION_PW, $iv_len = 16);
} else {
$cc_new_value = $orders['cc_number'];
}

$newNum .= substr($cc_new_value, strlen($cc_new_value)-4);
echo "".$orders['orders_id']." ".$newNum."".substr($orders['date_purchased'],0,-8)."".$orders['orders_status']."";
// Uncommenting the line below will ACTIVATE the script
//tep_db_query("update " . TABLE_ORDERS . " set cc_number='".$newNum."' where orders_id=".$orders['orders_id'].";");
}

--------------------------------

Thanks. Great Contrib!

Other things I'd suggest others consider - on our site, we are contemplating
that across ALL orders. I cannot think of a use case where the cc number should be cleansed
regardless of order status.

Also, I'd prefer if there was some way for this script to be automated (run once daily)

Attached File just contains what I have posted

More...