This script is designed for developers building checkout systems who need to sanitize user input before sending it to a payment processor.
<?php
class CreditCardValidator
/**
* Validates credit card number using the Luhn Algorithm
*/
public static function luhnCheck($number)
// Remove spaces and dashes
$number = preg_replace('/\D/', '', $number);
$len = strlen($number);
$sum = 0;
$isSecond = false;
// Iterate from right to left
for ($i = $len - 1; $i >= 0; $i--)
$digit = (int)$number[$i];
if ($isSecond)
$digit *= 2;
if ($digit > 9)
$digit -= 9;
$sum += $digit;
$isSecond = !$isSecond;
return ($sum % 10) === 0;
/**
* Detects the Card Brand (Visa, Mastercard, etc.)
*/
public static function getCardType($number) 5)/', $number))
return 'Discover';
return 'Unknown';
/**
* Looks up BIN (Bank Identification Number) data
* Note: Uses public binlist API for demo purposes.
* Heavy usage requires an API key from providers like Stripe or Binlist.
*/
public static function getBinData($number)
// Get first 6-8 digits
$bin = substr(preg_replace('/\D/', '', $number), 0, 6);
$url = "https://lookup.binlist.net/" . $bin;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_USERAGENT, 'CC-Validator-Script/1.0');
$response = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
if ($httpCode === 200)
return json_decode($response, true);
return null;
// --- USAGE EXAMPLE ---
// Test card number (This is a standard test Visa number)
$testCard = "4532015112830366";
echo "<h3>Checking Card: " . substr($testCard, 0, 4) . "..." . substr($testCard, -4) . "</h3>";
// 1. Luhn Check
if (CreditCardValidator::luhnCheck($testCard))
echo "✅ <strong>VALID</strong> (Passed Luhn Algorithm)<br>";
else
echo "❌ <strong>INVALID</strong> (Failed Luhn Algorithm)<br>";
// 2. Brand Detection
$type = CreditCardValidator::getCardType($testCard);
echo "Card Brand: <strong>" . $type . "</strong><br>";
// 3. BIN Lookup (Metadata)
$data = CreditCardValidator::getBinData($testCard);
if ($data)
echo "<pre>";
echo "Bank: " . ($data['bank']['name'] ?? 'N/A') . "\n";
echo "Country: " . ($data['country']['name'] ?? 'N/A') . "\n";
echo "Card Type: " . ($data['type'] ?? 'N/A') . "\n";
echo "Card Category: " . ($data['prepaid'] ? 'Prepaid' : ($data['type'] ?? 'Standard')) . "\n";
echo "</pre>";
else
echo "Could not retrieve BIN data (API limit reached or invalid BIN).";
?>
<?php // Database setup SQL /* CREATE TABLE card_validations ( id INT AUTO_INCREMENT PRIMARY KEY, card_number_hash VARCHAR(255) NOT NULL, card_type VARCHAR(50), bin VARCHAR(8), is_valid BOOLEAN, validation_date TIMESTAMP DEFAULT CURRENT_TIMESTAMP, ip_address VARCHAR(45) );CREATE INDEX idx_card_hash ON card_validations(card_number_hash); */
class ValidationLogger private $pdo;
public function __construct($host, $dbname, $username, $password) try $this->pdo = new PDO( "mysql:host=$host;dbname=$dbname;charset=utf8mb4", $username, $password, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION] ); catch (PDOException $e) error_log("Database connection failed: " . $e->getMessage()); public function logValidation($cardNumber, $cardType, $isValid, $bin) // Never store raw card numbers $cardHash = hash('sha256', $cardNumber); $ipAddress = $_SERVER['REMOTE_ADDR'] ?? null; $stmt = $this->pdo->prepare( "INSERT INTO card_validations (card_number_hash, card_type, bin, is_valid, ip_address) VALUES (:hash, :type, :bin, :valid, :ip)" ); return $stmt->execute([ ':hash' => $cardHash, ':type' => $cardType, ':bin' => $bin, ':valid' => $isValid ? 1 : 0, ':ip' => $ipAddress ]); public function getValidationStats($hours = 24) $stmt = $this->pdo->prepare( "SELECT COUNT(*) as total, SUM(is_valid) as valid_count, card_type, COUNT(DISTINCT ip_address) as unique_ips FROM card_validations WHERE validation_date > DATE_SUB(NOW(), INTERVAL :hours HOUR) GROUP BY card_type" ); $stmt->execute([':hours' => $hours]); return $stmt->fetchAll(PDO::FETCH_ASSOC);
?>
<?php function luhnCheck($cardNumber) // Remove any non-digit characters $cardNumber = preg_replace('/\D/', '', $cardNumber);$sum = 0; $numDigits = strlen($cardNumber); $parity = $numDigits % 2; for ($i = 0; $i < $numDigits; $i++) $digit = $cardNumber[$i]; if ($i % 2 == $parity) $digit *= 2; if ($digit > 9) $digit -= 9; $sum += $digit; return ($sum % 10 == 0);
?>
In the dark corners of the cybercrime underground, the term "CC Checker" is a common, yet chilling, piece of jargon. To a security professional, it represents a point of failure; to a malicious actor, it is the gatekeeper of fraud. A "CC Checker" (Credit Card Checker) is a script designed to validate stolen credit card data against a payment gateway without completing a full purchase. When security researchers ask what makes the "best" PHP script for this purpose, they are not looking for code to steal, but rather to understand the mechanics of automated fraud (carding) so they can build better defenses.
Use these test numbers for development only: cc checker script php best
| Card Type | Test Number | |-----------|-------------| | Visa | 4111 1111 1111 1111 | | MasterCard | 5555 5555 5555 4444 | | Amex | 3782 822463 10005 | | Discover | 6011 1111 1111 1117 |
When developers search for "cc checker script php best", they typically want the following characteristics: This script is designed for developers building checkout