Skip to content

Commit

Permalink
make obscured login email slightly more guessable
Browse files Browse the repository at this point in the history
  • Loading branch information
tamw-wnet committed Sep 26, 2023
1 parent 14e6a95 commit 8cd6ba8
Showing 1 changed file with 9 additions and 1 deletion.
10 changes: 9 additions & 1 deletion classes/class-pbs-passport-authenticate.php
Original file line number Diff line number Diff line change
Expand Up @@ -238,7 +238,15 @@ public function read_jwt($token) {
public function obscured_login_account($mvaultinfo) {
$profile_email = !empty($mvaultinfo['pbs_profile']['email']) ? $mvaultinfo['pbs_profile']['email'] : false;
if ($profile_email) {
return preg_replace("/(.)(.*@)(.)(.*)\.(\w)\w+$/", "$1****@$3****.$5**", $profile_email);
$parts = explode('@', $profile_email);
$address_parts = explode('.', $parts[1]);
$obscured_email = substr($parts[0], 0, 1) . str_repeat('*', ( strlen($parts[0])-1 ) ) . '@';
$domainsep = "";
foreach ($address_parts as $part) {
$obscured_email .= $domainsep . substr($part, 0, 1) . str_repeat('*', ( strlen($part)-1 ) );
$domainsep = '.';
}
return $obscured_email;
}
return false;
}
Expand Down

0 comments on commit 8cd6ba8

Please sign in to comment.