On Jan 8, 2008 10:08 AM, tedd <tedd.sperling@xxxxxxxxx> wrote: > I just finished a credit card portion for a site where the programmer > before me required the customers to enter their credit card number > without spaces -- why? It's a simple matter to remove spaces for > processing -- why throw that responsibility on the user? I agree that removing spaces really isn't a huge deal, but aside from that I don't think there should be any other modification. I've seen code that will regex out anything but numbers. I think this is bad practice because we as programmers should validate, not modify data. Anything above and beyond that is sticking your neck out too far and will lead to problems sooner or later. What if the user mistyped what they intended? If the script just validates it will see the user accidently typed in a letter in the field and re-display it asking for numbers only. If it strips out the letters, then you've just sent the potentially invalid number to the gateway which in the end will be a charge against the client for a failed attempt. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
