Can someone please help me sanitize my POST credit card data?

I am trying to sanitize my POST credit card data. I have tried the solutions online but can’t seem to get FILTER_SANITIZE_STRING to work. Any help would be appreciated.

    <?php
    if(isset($_POST['submit']))
        {
            $trans = new SecurePay();

            //PLEASE SANITIZE $_POST data. We will be heavily marked down otherwise.
            //THIS will need to put put into a form and posted to the confirmation page.
            //get values from form and set them to variables

            $creditcard = $_POST['creditcard'];
            $ExpYear = $_POST['ExpMon'] . "/". $_POST['ExpYear'];
            $CVV = $_POST['CVV'];

            $trans->cardnumber = $creditcard;
            $trans->expiry = $ExpYear;
            $trans->cvv = $CVV;
            $trans->orderId = "PO123456";
            $trans->amount = str_replace(".","",urlencode("100.00"));

            $responseCode = $trans->processPayment();

            /* If the response code is 00 (success from securePay), send an email and redirect to confirmation page, if not display an error */
            if ($trans->getLastResponseCode() == "00") {
                header("Location: $ConfirmationPage", false);
                } elseif ($trans->getLastResponseCode() == "") { 
                    echo "<h1> No Card Details Entered</h1>";
                } else {
                    echo "<h1>".$trans->getLastResponseCode()."     ".$trans->getLastResponseText()."</h1>";
                }
        } 
    ?>

Thanks for the help! 😀

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s