pachico / magoo
PHP library to mask (redact) credit card numbers, emails and more.
Installs: 385 953
Dependents: 1
Suggesters: 0
Security: 0
Stars: 28
Watchers: 4
Forks: 8
Open Issues: 2
Requires
- php: >=5.4.0
- psr/log: ^1.0
Requires (Dev)
- codacy/coverage: dev-master
- phpunit/phpunit: ^4.8
- squizlabs/php_codesniffer: ^2.7
README
Magoo is a PHP library that will mask sensitive data in strings. Built-in masks use regex to find credit card numbers, emails, etc. and will mask only those, leaving the rest of the strings intact. This might be useful, for instance, to log sensitive user input.
You can also mask strings that match your own regex or inject masking class as long as they implement a simple interface.
Multidimensional arrays can also be masked and use it can be used to mask PSR-3 compliant logger libraries, such as Monolog.
Use the issues page to request masks to implement.
Table of contents
- Install
- Usage
- Generic
- Mask arrays
- Mask PSR-3 logger
- Testing
- Contributing
- Security
- Credits
- License
- Help
Install
Via Composer:
composer require pachico/magoo
Usage
Generic
This is a generic usage of the library.
use Pachico\Magoo\Magoo; $magoo = new Magoo(); $magoo->pushCreditCardMask() ->pushEmailMask() ->pushByRegexMask('/(email)+/m'); $mySensitiveString = 'My email is roy@trenneman.com and my credit card is 6011792594656742'; echo $magoo->getMasked($mySensitiveString); // 'My ***** is ***@trenneman.com and my credit card is ************6742'
Mask credit cards
Credit card mask accepts a custom replacement.
use Pachico\Magoo\Magoo; $magoo = new Magoo(); $magoo->pushCreditCardMask('·'); $mySensitiveString = 'This is my credit card number: 4111 1111 1111 1111.'; echo $magoo->getMasked($mySensitiveString); // This is my credit card number: ······1111.
Mask emails
Email mask accepts as optional parameters the replacement for local and domain parts.
use Pachico\Magoo\Magoo; $magoo = new Magoo(); $magoo->pushEmailMask('$', '*'); $mySensitiveString = 'My email is pachicodev@gmail.com but I need privacy.'; echo $magoo->getMasked($mySensitiveString); // My email is $$$$$$$$$$@********* but I need privacy.
Mask by regex
Regex mask will replace matches with strings that are long as each individual match. It requires a regex and accepts custom replacement.
use Pachico\Magoo\Magoo; $magoo = new Magoo(); $magoo->pushByRegexMask('(\d+)', '_'); $mySensitiveString = 'My telephone number is 639.639.639. Call me at 19:00!'; echo $magoo->getMasked($mySensitiveString); // My telephone number is ___.___.___. Call me at __:__!
Reset
You might want to use the same instance of Magoo in your application but not the same masks everytime. You can reset all masks at any time by using the reset() method.
use Pachico\Magoo\Magoo; $magoo = new Magoo(); $magoo->pushCreditCardMask()->pushByRegexMask('(\d+)', '_'); $mySensitiveString = 'My CC is 4111 1111 1111 1111 and my telephone number is 639.639.639.'; echo $magoo->getMasked($mySensitiveString); // My CC is ************____ and my telephone number is ___.___.___. $magoo->reset(); echo $magoo->getMasked($mySensitiveString); // My CC is 4111 1111 1111 1111 and my telephone number is 639.639.639.
Custom masks
Additionally, you can add your own mask as long as it implements Maskinterface.
use Pachico\Magoo\Magoo; class FooMask implements \Pachico\Magoo\Mask\MaskInterface { protected $replacement = '*'; public function __construct(array $params = []) { if (isset($params['replacement']) && is_string($params['replacement'])) { $this->replacement = $params['replacement']; } } public function mask($string) { return str_replace('foo', $this->replacement, $string); } } $magoo = new Magoo(); $customMask = new FooMask(['replacement' => 'bar']); $magoo->pushMask($customMask); $mySensitiveString = 'It is time to go to the foo.'; echo $magoo->getMasked($mySensitiveString); // It is time to go to the bar.
Mask arrays
Magoo includes a handy way to mask multidimensional arrays, which can be useful, for instance, for logger contexts.
use Pachico\Magoo\Magoo; use Pachico\Magoo\MagooArray; $magoo =new Magoo(); $magoo->pushByRegexMask('(foo)', 'bar'); $magooArray = new MagooArray($magoo); $mySensitiveArray = [ 'It is time to go to the foo.', [ 'It is never too late to go the foo.' ], new DateTime() ]; $magooArray->getMasked($mySensitiveArray);
will output
Array ( [0] => It is time to go to the bar. [1] => Array ( [0] => It is never too late to go the bar. ) [2] => DateTime Object ( [date] => 2020-08-21 11:44:33.000000 [timezone_type] => 3 [timezone] => UTC ) )
##Mask PSR-3 logger You can also use Magoo as a wrapper for PSR-3 compliant loggers. In this example, we use Monolog.
use Pachico\Magoo\Magoo; use Pachico\Magoo\MagooLogger; use Monolog\Logger; use Monolog\Handler\ErrorLogHandler; $magoo = new Magoo(); $magoo->pushByRegexMask('(foo)', 'bar'); $logger = new Logger('app'); $handler = new ErrorLogHandler(); $logger->pushHandler($handler); $magooLogger = new MagooLogger($logger, $magoo); $mySensitiveString = 'It is time to go to the foo.'; $magooLogger->warning($mySensitiveString); // [2020-08-20 15:54:34] app.WARNING: It is time to go to the bar. [] []
Change log
Please see CHANGELOG for more information what has changed recently.
Testing
$ composer test
Contributing
Please see CONTRIBUTING and CONDUCT for details.
Security
If you discover any security related issues, please email pachicodev@gmail.com instead of using the issue tracker.
Credits
License
The MIT License (MIT). Please see License File for more information.
Help
Please report any bug you might find and/or collaborate with your own masks.