Mask Sensitive Data With the PHP Masked Package

Fuko\Masked is a small PHP library by Kaloyan Tsvetkov for masking sensitive data by replacing blacklisted elements with a redacted value.

Here’s an example of the basic usage from the package’s readme:

use Fuko\Masked\Protect;

// hide the value inside the $secret_key var
Protect::hideValue($secret_key);

// hide the value of $_POST['password']
Protect::hideInput('password', INPUT_POST);

$redacted = Protect::protect($_POST);

Based on the above calls, the blacklisted values and inputs will be masked. Another example from the readme is a debug blacklist, similar to Laravel 5’s Whoops blacklist:

use \Fuko\Masked\Protect;

Protect::hideInputs(array(
    INPUT_ENV => array(
        'APP_KEY',
        'DB_PASSWORD',
        'REDIS_PASSWORD',
        'MAIL_PASSWORD',
        'PUSHER_APP_KEY',
        'PUSHER_APP_SECRET',
        ),
    INPUT_SERVER => array(
        'PHP_AUTH_PW',
        'APP_KEY',
        'DB_PASSWORD',
        'REDIS_PASSWORD',
        'MAIL_PASSWORD',
        'PUSHER_APP_KEY',
        'PUSHER_APP_SECRET',
        ),
    INPUT_POST => array(
        'password',
        )
    )
);

// Passing info through `\Fuko\Masked\Protect::protect()`
// will mask the blacklisted inputs.
\Fuko\Masked\Protect::protect($_POST);

Check out the readme for more examples, including custom masking rules. You can learn more about this package, get full installation instructions, and view the source code on GitHub at fuko-php/masked.

Related: PHP Array Redactor