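/**
 * Sanitize $context against $elementTypeMap, interpolate it into $message and
 * hand the result to the wrapped logger.
 *
 * When $context carries a 'loggable' element, that element is converted to a
 * string and written as a second log entry at the same level.
 *
 * Points a caller handling cardholder data should keep in mind:
 *  - Only $context goes through the sanitizer. $message is interpolated as
 *    given, so sensitive values must be passed in $context, never
 *    concatenated into $message.
 *  - Masking is driven by $elementTypeMap. testSanitizeAssociativeArrayElements
 *    shows elements without a map entry coming back unchanged, so with the
 *    default empty map presumably nothing is masked - confirm against PciDss.
 *  - NOTE(review): whether the sanitizer descends into a nested 'loggable'
 *    array or object is not visible from this method - confirm before
 *    passing structures that may contain card data.
 *
 * @param mixed  $level          Log level, forwarded unchanged to the wrapped logger.
 * @param string $message        Message template with {placeholder} tokens.
 * @param array  $context        Values to interpolate; sanitized before use.
 * @param array  $elementTypeMap Context key => PciDss element type (e.g. PciDss::CARDNUMBER).
 *
 * @return void
 */
public function log($level, $message, array $context = array(), array $elementTypeMap = array())
{
    // Mask mapped elements before anything reaches the log sink.
    $sanitizedContext = PciDss::sanitizeAssociativeArrayElements($context, $elementTypeMap);

    // An object or array under 'loggable' is flattened to a string so that it
    // can be interpolated like any other placeholder value.
    $hasLoggable = array_key_exists('loggable', $sanitizedContext);
    if ($hasLoggable) {
        $sanitizedContext['loggable'] = self::generateStringFromLoggableElement($sanitizedContext['loggable']);
    }

    $this->logger->log($level, self::interpolate($message, $sanitizedContext));

    // Emit the dedicated '{loggable}' entry only when there is a loggable
    // element. The previous guard (!empty($sanitizedContext)) also fired for
    // any other non-empty context, logging a template with nothing to fill it.
    if ($hasLoggable) {
        $this->logger->log($level, self::interpolate('{loggable}', $sanitizedContext));
    }
}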
/**
 * Pins the output of PciDss::sanitizeAssociativeArrayElements() for mapped and
 * unmapped elements of different lengths.
 */
public function testSanitizeAssociativeArrayElements()
{
    // Element type per context key; keys that do not appear here have no type.
    $typeMap = array(
        'c' => PciDss::CARDNUMBER,
        'd' => PciDss::CSC,
        'h' => PciDss::CSC,
        'i' => PciDss::CARDNUMBER,
        'k' => PciDss::CARDNUMBER,
        'l' => PciDss::CARDNUMBER,
        'm' => PciDss::CARDNUMBER,
        'n' => PciDss::CARDNUMBER,
        'o' => PciDss::CARDNUMBER,
        'p' => PciDss::CARDNUMBER,
        'q' => PciDss::CARDNUMBER,
        'r' => PciDss::CARDNUMBER,
    );

    $input = array(
        // 16-digit values
        'a' => '4000000000000002',
        'b' => '4000000000000002',
        'c' => '4000000000000002',
        'd' => '4000000000000002',
        'e' => '4000000000000002',
        // 4-digit values
        'f' => '1234',
        'g' => '1234',
        'h' => '1234',
        'i' => '1234',
        'j' => '1234',
        // 8- to 15-digit values
        'k' => '12345678',
        'l' => '123456789',
        'm' => '1234567890',
        'n' => '12345678901',
        'o' => '123456789012',
        'p' => '1234567890123',
        'q' => '12345678901234',
        'r' => '123456789012345',
    );

    $want = array(
        // No map entry: the full 16-digit value is expected back in clear,
        // i.e. masking only happens for keys the caller has typed.
        'a' => '4000000000000002',
        'b' => '4000000000000002',
        // CARDNUMBER, 16 digits: first six and last four kept.
        'c' => '400000******0002',
        // CSC: every character masked, whatever the length.
        'd' => '****************',
        'e' => '4000000000000002',
        'f' => '1234',
        'g' => '1234',
        'h' => '****',
        // CARDNUMBER on a 4-digit value: returned unchanged.
        'i' => '1234',
        'j' => '1234',
        // CARDNUMBER, 8 to 11 digits: leading characters become 'n', last four kept.
        'k' => 'nnnn5678',
        'l' => 'nnnnn6789',
        'm' => 'nnnnnn7890',
        'n' => 'nnnnnnn8901',
        // CARDNUMBER, 12 to 15 digits: first six kept, next six masked, rest kept.
        'o' => '123456******',
        'p' => '123456******3',
        'q' => '123456******34',
        'r' => '123456******345',
    );

    $actual = PciDss::sanitizeAssociativeArrayElements($input, $typeMap);

    $this->assertEquals($want, $actual);
}