Are there best practices for handling user input in PHP to prevent the display of sensitive information like phone numbers?

When handling user input in PHP, it is important to sanitize and validate the data to prevent the display of sensitive information like phone numbers. One way to achieve this is by using regular expressions to detect and mask phone numbers before displaying them to the user.

// Sample code to mask phone numbers in user input
$userInput = &quot;My phone number is 123-456-7890&quot;;
$maskedInput = preg_replace(&#039;/\b\d{3}[-.]?\d{3}[-.]?\d{4}\b/&#039;, &#039;XXX-XXX-XXXX&#039;, $userInput);

echo $maskedInput;

Keywords

sanitize validation input filtering data masking security vulnerability

Are there best practices for handling user input in PHP to prevent the display of sensitive information like phone numbers?

Keywords

Related Questions