I am working on a hotel reservation script for a client...I got this copy that does most of the work but then it sends the credit card number encrypted. How do i make it so it is not encrypted...this is needed because my client can only process the credit card payment manually at his office. Anything i change in the database for that field or what?
I think it would have to be that your script it writing the cc numbers to the db as an md5 hash (maybe not md5 because it *isn't decryptable) But the script is encoding it in some way. What script are you using? Read over this page http://dev.mysql.com/doc/refman/5.0/en/encryption-functions.html about the different types of encryption too.
<?php $card_number = '1234-5678-9101-1121'; $number=md5($card_number); echo $number; // result: 4de3d66340cbf8a54a4091a42cd39adf ?>
By 'send' do you mean by email? Sending or storing UNencrypted is not a good idea and possibly against any merchant account provider terms of service. Honestly, why not get your client to get a business PayPal account? 1) You can use the IPN code to practically build the processing straight into their site 2) They won't have to do any manual processing 3) There won't be any problems with storing or transmitting credit card numbers (encrypted or not) 4) Most importantly... it's probably cheaper anyway. They won't need to have their own merchant account anymore (unless they want to) and depending on the amounts and numbers of transactions they're processing, the merchant fees could very well drop. That's what I'd suggest / do.