seb213 Posted August 17, 2009 Share Posted August 17, 2009 Im trying to write a script to decrypt my CC#'s, and print them to a table with the unique ID. More accurately, I already have a function to Decrypt the CC's, and the CC's already have a unique ID, but Im at a loss as to how to pass the CC hashes to the function, and return the results in a table(ID, CCNUMBER) Heres what I have thus far <?php $res3 = $query = "SELECT __UserID, ccnumber FROM DB "; $rec3 = $res3->$result = mysql_query($query) OR die(mysql_error()); if ($rec3["ccnumber"][0] == "_") { require_once (dirname (__FILE__)."Encryption.php"); $strErr = ""; $rec3["ccnumber"] = _DecryptCCNumber ($rec3["ccnumber"], $strErr); if (strlen ($strErr)) { echo "Failed to decrypt ccnumber for the user ".$rec["username"]."\n"; echo $strErr."\n"; continue; } } ?> The function that Encrypts/Decrypts CC's is 'Encryption.php', I cant figure out how to pass the hash from the DB to the function, and INSERT both the Unique ID and decrypted CC to a table? Any help would be greatly appreciated :confused:. Thanks in advance. Link to comment https://forums.phpfreaks.com/topic/170743-php-decrypt-ccs-pass-the-hash/ Share on other sites More sharing options...
p2grace Posted August 17, 2009 Share Posted August 17, 2009 Credit card number storing is illegal in the U.S. unless your server has been authorized by your credit card agency (not the service provider, the actual credit card agency). I would recommend using an outside source to store this information (e.g. paypal). Link to comment https://forums.phpfreaks.com/topic/170743-php-decrypt-ccs-pass-the-hash/#findComment-900518 Share on other sites More sharing options...
MadTechie Posted August 18, 2009 Share Posted August 18, 2009 Credit card number storing is illegal in the U.S. unless your server has been authorized by your credit card agency I'm pretty sure your not allowed to store the CVV2 data (last 3 digits on the signature side) but can store the non-CVV2 data, but I'm from the UK and I'm no lawyer. Link to comment https://forums.phpfreaks.com/topic/170743-php-decrypt-ccs-pass-the-hash/#findComment-900537 Share on other sites More sharing options...
seb213 Posted August 18, 2009 Author Share Posted August 18, 2009 Credit card number storing is illegal in the U.S. unless your server has been authorized by your credit card agency (not the service provider, the actual credit card agency). I would recommend using an outside source to store this information (e.g. paypal). Which is precisely why Im writing this script for my client, so they can take their information off site to a PCI compliant merchant. I don't intend to store anything. Link to comment https://forums.phpfreaks.com/topic/170743-php-decrypt-ccs-pass-the-hash/#findComment-900557 Share on other sites More sharing options...
gergy008 Posted August 18, 2009 Share Posted August 18, 2009 Credit card number storing is illegal in the U.S. unless your server has been authorized by your credit card agency (not the service provider, the actual credit card agency). I would recommend using an outside source to store this information (e.g. paypal). He's right. Even in the UK too, You have to get a proper SSL certificate from someone like verisign. Link to comment https://forums.phpfreaks.com/topic/170743-php-decrypt-ccs-pass-the-hash/#findComment-900566 Share on other sites More sharing options...
MadTechie Posted August 18, 2009 Share Posted August 18, 2009 In any case.. I don't think anyone can help without seeing the code in Encryption.php, you know a function name is nice but really doesn't help, and if you didn't write it yourself (which I a have to assume you didn't) then try referring to the documentation/website etc. (which would also mean this should be in the third party section. Link to comment https://forums.phpfreaks.com/topic/170743-php-decrypt-ccs-pass-the-hash/#findComment-900573 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.