Partially hide email address in PHP
Here's my alternate solution for this.
I wouldn't use the exact number of mask characters to match the original length of the email, but rather use a fixed length mask for privacy reasons. I would also set the maximum allowed characters to show as well as never show more than half of the email. I would also mask all emails less than a minimum length.
With those rules in mind, here's my function with optional parameters:
function maskEmail($email, $minLength = 3, $maxLength = 10, $mask = "***") {
$atPos = strrpos($email, "@");
$name = substr($email, 0, $atPos);
$len = strlen($name);
$domain = substr($email, $atPos);
if (($len / 2) < $maxLength) $maxLength = ($len / 2);
$shortenedEmail = (($len > $minLength) ? substr($name, 0, $maxLength) : "");
return "{$shortenedEmail}{$mask}{$domain}";
}
Tests:
$email = "";
$tests = [];
for ($i=0; $i < 22; $i++) {
$email .= chr(97 + $i);
$tests[] = $email . " -> " . maskEmail("{$email}@example.com");
}
print_r($tests);
Results:
Array
(
[0] => a -> ***@example.com
[1] => ab -> ***@example.com
[2] => abc -> ***@example.com
[3] => abcd -> ab***@example.com
[4] => abcde -> ab***@example.com
[5] => abcdef -> abc***@example.com
[6] => abcdefg -> abc***@example.com
[7] => abcdefgh -> abcd***@example.com
[8] => abcdefghi -> abcd***@example.com
[9] => abcdefghij -> abcde***@example.com
[10] => abcdefghijk -> abcde***@example.com
[11] => abcdefghijkl -> abcdef***@example.com
[12] => abcdefghijklm -> abcdef***@example.com
[13] => abcdefghijklmn -> abcdefg***@example.com
[14] => abcdefghijklmno -> abcdefg***@example.com
[15] => abcdefghijklmnop -> abcdefgh***@example.com
[16] => abcdefghijklmnopq -> abcdefgh***@example.com
[17] => abcdefghijklmnopqr -> abcdefghi***@example.com
[18] => abcdefghijklmnopqrs -> abcdefghi***@example.com
[19] => abcdefghijklmnopqrst -> abcdefghij***@example.com
[20] => abcdefghijklmnopqrstu -> abcdefghij***@example.com
[21] => abcdefghijklmnopqrstuv -> abcdefghij***@example.com
)
here's something quick:
function obfuscate_email($email)
{
$em = explode("@",$email);
$name = implode('@', array_slice($em, 0, count($em)-1));
$len = floor(strlen($name)/2);
return substr($name,0, $len) . str_repeat('*', $len) . "@" . end($em);
}
// to see in action:
$emails = ['"Abc\@def"@iana.org', '[email protected]'];
foreach ($emails as $email)
{
echo obfuscate_email($email) . "\n";
}
echoes:
"Abc\*****@iana.org
abcdl*****@hotmail.com
uses substr()
and str_repeat()
Maybe this is not what you want, but I would go for this:
<?php
/*
Here's the logic:
We want to show X numbers.
If length of STR is less than X, hide all.
Else replace the rest with *.
*/
function mask($str, $first, $last) {
$len = strlen($str);
$toShow = $first + $last;
return substr($str, 0, $len <= $toShow ? 0 : $first).str_repeat("*", $len - ($len <= $toShow ? 0 : $toShow)).substr($str, $len - $last, $len <= $toShow ? 0 : $last);
}
function mask_email($email) {
$mail_parts = explode("@", $email);
$domain_parts = explode('.', $mail_parts[1]);
$mail_parts[0] = mask($mail_parts[0], 2, 1); // show first 2 letters and last 1 letter
$domain_parts[0] = mask($domain_parts[0], 2, 1); // same here
$mail_parts[1] = implode('.', $domain_parts);
return implode("@", $mail_parts);
}
$emails = array(
'[email protected]',
'[email protected]',
'[email protected]',
'[email protected]',
'[email protected]',
'[email protected]',
'[email protected]',
'[email protected]',
'[email protected]'
);
foreach ($emails as $email){
echo '<b>'.$email.'</b><br>'.mask_email($email).'<br><hr>';
}
Result:
[email protected]
*@*.com
[email protected]
**@**.com
[email protected]
***@***.com
[email protected]
ab*d@aa*a.com
[email protected]
ab**e@aa**a.com
[email protected]
ab***f@aa***a.com
[email protected]
ab****g@aa****a.com
[email protected]
ab*****h@aa*****a.com
[email protected]
ab******i@aa******a.com