Obfuscate passwords

[viharm]

When I request my users to send me a debug log, it may include any passwords they may have entered.

Is there a builtin mechanism to obfuscate certain strings like passwords (crypt or password_hash, etc.); or is it better to do this outside of Kint ?

It becomes a bit tedious if the string is inside an array and the whole array is passed to Kint. If this feature does not exist or there is no plan to add, then I am happy to do this outside of Kint, but it may always be worth asking.

[raveren]

No, unfortunately, there's no generic way to do this, I never encountered this requirement, but for example when I need to log user activity I redact the known password fields from form submissions - so it's similar and I've never found a better way to do it but using custom code.

You may consider encoding the debug logs themselves so the user does not know what he's sending himself. I have a system in place that, when an error occurs, sends debug logs via email to developers and the user is shown a pretty error page with no technical information.

Finally, I'm sensing a big need for logging functionality in Kint, so I'll be working on that in the coming months - ant it will most likely include ability to pre-process data before sending for usecases like yours, but it will definitely take a while...

[viharm]

Understood. Thanks for taking the time to respond. I appreciate it.

Needless to say Kint has been very helpful to me. Thanks for developing it.

[raveren]

It's a pleasure, thanks for the kind words, sorry I couldn't be more helpful :)

[viharm]

I have created a wrapper around Kint for this. phpKhelper. It only adds this incremental functionality whilst using Kint's awesome features :-)