+ or return "Illegal payby: ". $self->payby;
+
+ if ( $self->payby eq 'CARD' && ! $self->is_encrypted($self->payinfo) ) {
+
+ if ( $self->payinfo =~ /^99\d{14}$/ && ! $self->paycardtype ) {
+ return "paycardtype required (cannot be derived from a token)";
+ } else {
+ $self->set('paycardtype', cardtype($self->payinfo));
+ }
+
+ if ( $ignore_masked_payinfo and $self->mask_payinfo eq $self->payinfo ) {
+ # allow it
+ } else {
+ my $payinfo = $self->payinfo;
+ $payinfo =~ s/\D//g;
+ $self->payinfo($payinfo);
+ if ( $self->payinfo ) {
+ $self->payinfo =~ /^(\d{13,16}|\d{8,9})$/
+ or return "Illegal (mistyped?) credit card number (payinfo)";
+ $self->payinfo($1);
+ validate($self->payinfo) or return "Illegal credit card number";
+ return "Unknown card type" if $self->paycardtype eq "Unknown";
+ } else {
+ $self->payinfo('N/A'); #???
+ }
+ }
+ } else {
+ if ( $self->payby eq 'CARD' and $self->paymask ) {
+ # if we can't decrypt the card, at least detect the cardtype
+ $self->set('paycardtype', cardtype($self->paymask));
+ } else {
+ $self->set('paycardtype', '');
+ }
+ if ( $self->is_encrypted($self->payinfo) ) {
+ #something better? all it would cause is a decryption error anyway?
+ my $error = $self->ut_anything('payinfo');
+ return $error if $error;
+ } else {
+ my $error = $self->ut_textn('payinfo');
+ return $error if $error;
+ }
+ }
+
+ return '';
+}