From 7b57b4c4cc94dfc7200b956ee3738fa381d010f1 Mon Sep 17 00:00:00 2001
From: Justin Shreve <justin.shreve@gmail.com>
Date: Mon, 8 Feb 2016 08:36:27 -0800
Subject: [PATCH] Validate length for expiry - 4 chars for year and 2 for
 month.

---
 includes/abstracts/abstract-wc-payment-token.php      | 4 ++--
 includes/payment-tokens/class-wc-payment-token-cc.php | 8 ++++++++
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/includes/abstracts/abstract-wc-payment-token.php b/includes/abstracts/abstract-wc-payment-token.php
index 7e261faa424..b3f96b5ce35 100644
--- a/includes/abstracts/abstract-wc-payment-token.php
+++ b/includes/abstracts/abstract-wc-payment-token.php
@@ -77,10 +77,10 @@ if ( ! defined( 'ABSPATH' ) ) {
 	}
 
 	/**
-	 * Returns the type of this payment token (cc, echeck, or something else)
+	 * Returns the type of this payment token (CC, eCheck, or something else)
 	 *
 	 * @since 2.6.0
-	 * @return string Payment token type
+	 * @return string Payment Token Type (CC, eCheck)
 	 */
 	public function get_type() {
 		return isset( $this->data['type'] ) ? $this->data['type'] : '';
diff --git a/includes/payment-tokens/class-wc-payment-token-cc.php b/includes/payment-tokens/class-wc-payment-token-cc.php
index 2b4b7e81807..6b44ef4eec6 100644
--- a/includes/payment-tokens/class-wc-payment-token-cc.php
+++ b/includes/payment-tokens/class-wc-payment-token-cc.php
@@ -54,6 +54,14 @@ class WC_Payment_Token_CC extends WC_Payment_Token {
 			return false;
 		}
 
+		if ( 4 !== strlen( $this->meta['expiry_year'] ) ) {
+			return false;
+		}
+
+		if ( 2 !== strlen( $this->meta['expiry_month'] ) ) {
+			return false;
+		}
+
 		return true;
 	}