tinks87 Posted May 19, 2011 Share Posted May 19, 2011 Hi, Im developing a program and it contains bank details in some of the fields stored in the MySQL database. As part of the upload, I need to find bank details and then mask them by replacing them with XXXXXX for security purposes. An example of a field could be "TRANSFER 540021 61782457" and I need to replace to "TRANSFER XXXXXX XXXXX457" Any ideas to the best possible method? Maybe I would mask blocks of numbers (ie numbers in blocks of 6 or 9) to cover this...im not sure what the best possible way is. Thanks! Quote Link to comment https://forums.phpfreaks.com/topic/236843-masking-bank-details/ Share on other sites More sharing options...
JonnoTheDev Posted May 19, 2011 Share Posted May 19, 2011 You are storing bank details! Are you allowed to do this? Why would you store a series of X's in a database field? If they are not meant to be seen, why even store them? Quote Link to comment https://forums.phpfreaks.com/topic/236843-masking-bank-details/#findComment-1217438 Share on other sites More sharing options...
tinks87 Posted May 19, 2011 Author Share Posted May 19, 2011 Basically a user can download their bank transactions and upload for analysis. Only issue is that it contains bank details in transactions they have made. I see your point about why storing them at all. But I need to store them for the user but leaving the last two digits visible so they can see where the transfer went. Before the upload occurs, I want to remove any bank details for security purposes. Thanks Quote Link to comment https://forums.phpfreaks.com/topic/236843-masking-bank-details/#findComment-1217443 Share on other sites More sharing options...
anupamsaha Posted May 19, 2011 Share Posted May 19, 2011 Then take the JavaScript path to mask them before you upload them. Quote Link to comment https://forums.phpfreaks.com/topic/236843-masking-bank-details/#findComment-1217446 Share on other sites More sharing options...
JonnoTheDev Posted May 19, 2011 Share Posted May 19, 2011 <?php /* heres the transaction number */ $number = '123456789'; /* get the last $digits digits to save in the db */ $digits = 3; $to_save = substr($number, strlen($number)-$digits, $digits); ?> Quote Link to comment https://forums.phpfreaks.com/topic/236843-masking-bank-details/#findComment-1217452 Share on other sites More sharing options...
Adam Posted May 19, 2011 Share Posted May 19, 2011 I hope you're using SSL for these uploads..? Quote Link to comment https://forums.phpfreaks.com/topic/236843-masking-bank-details/#findComment-1217454 Share on other sites More sharing options...
tinks87 Posted May 19, 2011 Author Share Posted May 19, 2011 Thanks neil.johnson! That manages the masking issue but do you know how to find the numbers that need masking in the first place? I mean if the string is "TRANSFER 540021 61782457", how do I find just the 540021 or 61782457 within the string? Quote Link to comment https://forums.phpfreaks.com/topic/236843-masking-bank-details/#findComment-1217457 Share on other sites More sharing options...
tinks87 Posted May 19, 2011 Author Share Posted May 19, 2011 MrAdam, im just in development at the mo on my local machine. SSL will be the way forward along with a lot of security!! Not the best data to deal with using uploads! :-\ Quote Link to comment https://forums.phpfreaks.com/topic/236843-masking-bank-details/#findComment-1217459 Share on other sites More sharing options...
JonnoTheDev Posted May 19, 2011 Share Posted May 19, 2011 <?php /* heres the transaction string */ $string = 'TRANSFER 540021 61782457'; /* extract the numbers */ preg_match_all('/[0-9]+/', $string, $result, PREG_PATTERN_ORDER); $result = $result[0]; if(count($result)) { $number = implode('', $result); /* get the last 3 digits to save in the db */ $digits = 3; $to_save = substr($number, strlen($number)-$digits, $digits); } ?> Quote Link to comment https://forums.phpfreaks.com/topic/236843-masking-bank-details/#findComment-1217464 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.