Partially hide email address in PHP

Here's my alternate solution for this.

I wouldn't use the exact number of mask characters to match the original length of the email, but rather use a fixed length mask for privacy reasons. I would also set the maximum allowed characters to show as well as never show more than half of the email. I would also mask all emails less than a minimum length.

With those rules in mind, here's my function with optional parameters:

function maskEmail($email, $minLength = 3, $maxLength = 10, $mask = "***") {
    $atPos = strrpos($email, "@");
    $name = substr($email, 0, $atPos);
    $len = strlen($name);
    $domain = substr($email, $atPos);

    if (($len / 2) < $maxLength) $maxLength = ($len / 2);

    $shortenedEmail = (($len > $minLength) ? substr($name, 0, $maxLength) : "");
    return  "{$shortenedEmail}{$mask}{$domain}";
}

Tests:

$email = "";
$tests = [];
for ($i=0; $i < 22; $i++) {
    $email .= chr(97 + $i);

    $tests[] = $email . " -> " . maskEmail("{$email}@example.com");
}
print_r($tests);

Results:

Array
(
    [0] => a -> ***@example.com
    [1] => ab -> ***@example.com
    [2] => abc -> ***@example.com
    [3] => abcd -> ab***@example.com
    [4] => abcde -> ab***@example.com
    [5] => abcdef -> abc***@example.com
    [6] => abcdefg -> abc***@example.com
    [7] => abcdefgh -> abcd***@example.com
    [8] => abcdefghi -> abcd***@example.com
    [9] => abcdefghij -> abcde***@example.com
    [10] => abcdefghijk -> abcde***@example.com
    [11] => abcdefghijkl -> abcdef***@example.com
    [12] => abcdefghijklm -> abcdef***@example.com
    [13] => abcdefghijklmn -> abcdefg***@example.com
    [14] => abcdefghijklmno -> abcdefg***@example.com
    [15] => abcdefghijklmnop -> abcdefgh***@example.com
    [16] => abcdefghijklmnopq -> abcdefgh***@example.com
    [17] => abcdefghijklmnopqr -> abcdefghi***@example.com
    [18] => abcdefghijklmnopqrs -> abcdefghi***@example.com
    [19] => abcdefghijklmnopqrst -> abcdefghij***@example.com
    [20] => abcdefghijklmnopqrstu -> abcdefghij***@example.com
    [21] => abcdefghijklmnopqrstuv -> abcdefghij***@example.com
)

here's something quick:

function obfuscate_email($email)
{
    $em   = explode("@",$email);
    $name = implode('@', array_slice($em, 0, count($em)-1));
    $len  = floor(strlen($name)/2);

    return substr($name,0, $len) . str_repeat('*', $len) . "@" . end($em);   
}

// to see in action:
$emails = ['"Abc\@def"@iana.org', '[email protected]'];

foreach ($emails as $email) 
{
    echo obfuscate_email($email) . "\n";
}

echoes:

"Abc\*****@iana.org
abcdl*****@hotmail.com

uses substr() and str_repeat()


Maybe this is not what you want, but I would go for this:

<?php

    /*

    Here's the logic:

    We want to show X numbers.
    If length of STR is less than X, hide all.
    Else replace the rest with *.

    */

function mask($str, $first, $last) {
    $len = strlen($str);
    $toShow = $first + $last;
    return substr($str, 0, $len <= $toShow ? 0 : $first).str_repeat("*", $len - ($len <= $toShow ? 0 : $toShow)).substr($str, $len - $last, $len <= $toShow ? 0 : $last);
}

function mask_email($email) {
    $mail_parts = explode("@", $email);
    $domain_parts = explode('.', $mail_parts[1]);

    $mail_parts[0] = mask($mail_parts[0], 2, 1); // show first 2 letters and last 1 letter
    $domain_parts[0] = mask($domain_parts[0], 2, 1); // same here
    $mail_parts[1] = implode('.', $domain_parts);

    return implode("@", $mail_parts);
}

$emails = array(
    '[email protected]',
    '[email protected]',
    '[email protected]',
    '[email protected]',
    '[email protected]',
    '[email protected]',
    '[email protected]',
    '[email protected]',
    '[email protected]'
);

foreach ($emails as $email){
    echo '<b>'.$email.'</b><br>'.mask_email($email).'<br><hr>';
}

Result:

[email protected]
*@*.com

[email protected]
**@**.com

[email protected]
***@***.com

[email protected]
ab*d@aa*a.com

[email protected]
ab**e@aa**a.com

[email protected]
ab***f@aa***a.com

[email protected]
ab****g@aa****a.com

[email protected]
ab*****h@aa*****a.com

[email protected]
ab******i@aa******a.com

Tags:

Php