Add String, domain, and email masking functions (#6532)

* Adding initial draft of a privacy policy template #6530

* Fix spelling error in filter #6530

* Adding in string, email, and domain masking functions #6502

* Adding in string, email, and domain masking functions #6502

* removing incorrect function from another issue #6502

* Add negative checks, tests, and docblocks #6502

* Update since tag for main privacy file #6502

* Fix spelling errors in docblocks #6502

easy-digital-downloads.php

@@ -311,6 +311,7 @@ private function includes() {
 		require_once EDD_PLUGIN_DIR . 'includes/login-register.php';
 		require_once EDD_PLUGIN_DIR . 'includes/shortcodes.php';
 		require_once EDD_PLUGIN_DIR . 'includes/admin/tracking.php'; // Must be loaded on frontend to ensure cron runs
+		require_once EDD_PLUGIN_DIR . 'includes/privacy-functions.php';
 
 		if ( is_admin() || ( defined( 'WP_CLI' ) && WP_CLI ) ) {
 			require_once EDD_PLUGIN_DIR . 'includes/admin/add-ons.php';

includes/privacy-functions.php

@@ -0,0 +1,118 @@
+<?php
+/**
+ * Privacy Functions
+ *
+ * @package     EDD
+ * @subpackage  Functions
+ * @copyright   Copyright (c) 2018, Easy Digital Downloads, LLC
+ * @license     http://opensource.org/licenses/gpl-2.0.php GNU Public License
+ * @since       2.9.2
+ */
+
+// Exit if accessed directly
+if ( ! defined( 'ABSPATH' ) ) exit;
+
+/**
+ * Given a string, mask it with the * character.
+ *
+ * First and last character will remain with the filling characters being changed to *. One Character will
+ * be left in tact as is. Two character strings will have the first character remain and the second be a *.
+ *
+ * @since 2.9.2
+ * @param string $string
+ *
+ * @return string
+ */
+function edd_mask_string( $string = '' ) {
+
+	if ( empty( $string ) ) {
+		return '';
+	}
+
+	$first_char  = substr( $string, 0, 1 );
+	$last_char   = substr( $string, -1, 1 );
+
+	$masked_string = $string;
+
+	if ( strlen( $string ) > 2 ) {
+
+		$total_stars = strlen( $string ) - 2;
+		$masked_string = $first_char . str_repeat( '*', $total_stars ) . $last_char;
+
+	} elseif ( strlen( $string ) === 2 ) {
+
+		$masked_string = $first_char . '*';
+
+	}
+
+
+
+	return $masked_string;
+
+}
+
+/**
+ * Given a domain, mask it with the * character.
+ *
+ * TLD parts will remain intact (.com, .co.uk, etc). All subdomains will be masked t**t.e*****e.co.uk.
+ *
+ * @since 2.9.2
+ * @param string $domain
+ *
+ * @return string
+ */
+function edd_mask_domain( $domain = '' ) {
+
+	if ( empty( $domain ) ) {
+		return '';
+	}
+
+	$domain_parts = explode( '.', $domain );
+
+	if ( count( $domain_parts ) === 2 ) {
+
+		// We have a single entry tld like .org or .com
+		$domain_parts[0] = edd_mask_string( $domain_parts[0] );
+
+	} else {
+
+		$part_count     = count( $domain_parts );
+		$possible_cctld = strlen( $domain_parts[ $part_count - 2 ] ) <= 3 ? true : false;
+
+		$mask_parts = $possible_cctld ? array_slice( $domain_parts, 0, $part_count - 2 ) : array_slice( $domain_parts, 0, $part_count - 1 );
+
+		$i = 0;
+		while ( $i < count( $mask_parts ) ) {
+			$domain_parts[ $i ] = edd_mask_string( $domain_parts[ $i ]);
+			$i++;
+		}
+
+	}
+
+	return implode( '.', $domain_parts );
+}
+
+/**
+ * Given an email address, mask the name and domain according to domain and string masking functions.
+ *
+ * Will result in an email address like a***n@e*****e.org for admin@example.org.
+ *
+ * @since 2.9.2
+ * @param $email_address
+ *
+ * @return string
+ */
+function edd_pseudo_mask_email( $email_address ) {
+	if ( ! is_email( $email_address ) ) {
+		return $email_address;
+	}
+
+	$email_parts = explode( '@', $email_address );
+	$name        = edd_mask_string( $email_parts[0] );
+	$domain      = edd_mask_domain( $email_parts[1] );
+
+	$email_address = $name . '@' . $domain;
+
+
+	return $email_address;
+}

tests/tests-privacy.php

@@ -0,0 +1,59 @@
+<?php
+
+/**
+ * @group edd_payments
+ */
+class Tests_Privacy extends EDD_UnitTestCase {
+
+	public function setUp() {
+		parent::setUp();
+	}
+
+	public function tearDown() {
+		parent::tearDown();
+	}
+
+	public function test_string_mask_0_char() {
+		$this->assertSame( '', edd_mask_string( '' ) );
+	}
+
+	public function test_string_mask_1_char() {
+		$this->assertSame( 'a', edd_mask_string( 'a' ) );
+	}
+
+	public function test_string_mask_2_char() {
+		$this->assertSame( 'h*', edd_mask_string( 'hi' ) );
+	}
+
+	public function test_string_mask_5_char() {
+		$this->assertSame( 'h***o', edd_mask_string( 'hello' ) );
+	}
+
+	public function test_domain_mask_0_parts() {
+		$this->assertSame( '', edd_mask_domain( '' ) );
+	}
+
+	public function test_domain_mask_2_parts() {
+		$this->assertSame( 'e*****e.org', edd_mask_domain( 'example.org' ) );
+	}
+
+	public function test_domain_mask_3_parts_cctld() {
+		$this->assertSame( 'e*****e.co.uk', edd_mask_domain( 'example.co.uk' ) );
+	}
+
+	public function test_domain_mask_3_parts_subdomain() {
+		$this->assertSame( 'e*****e.i*****d.org', edd_mask_domain( 'example.invalid.org' ) );
+	}
+
+	public function test_domain_mask_4_parts_subdomain_cctld() {
+		$this->assertSame( 'e*****e.i*****d.org.uk', edd_mask_domain( 'example.invalid.org.uk' ) );
+	}
+
+	public function test_email_mask() {
+		$this->assertSame( 'a***n@e*****e.org', edd_pseudo_mask_email( 'admin@example.org' ) );
+	}
+
+	public function test_email_mask_not_email() {
+		$this->assertSame( 'test-string', edd_pseudo_mask_email( 'test-string' ) );
+	}
+}