Files
hub-insurance/wp-content/plugins/esp-instanda-integration/includes/class-logger.php
T
2026-07-02 15:54:39 -06:00

45 lines
1.4 KiB
PHP

<?php
/**
* Logger - thin wrapper over Gravity Forms' add-on logging, with mandatory
* redaction on every write. The Basic auth header and any password must never
* reach a log line or a transaction record.
*
* @package ESP\Instanda
*/
declare(strict_types=1);
namespace ESP\Instanda;
final class Logger {
public static function debug(string $message): void {
self::write('debug', $message);
}
public static function error(string $message): void {
self::write('error', $message);
}
private static function write(string $level, string $message): void {
$message = self::redact($message);
$addon = class_exists(__NAMESPACE__ . '\\Instanda_AddOn')
? Instanda_AddOn::get_instance()
: null;
if ($addon !== null) {
$level === 'error' ? $addon->log_error($message) : $addon->log_debug($message);
} elseif (function_exists('error_log')) {
error_log("ESP INSTANDA [{$level}] {$message}");
}
}
/** Strip Basic auth headers and password-like values from any string before it is written. */
public static function redact(string $text): string {
$text = (string) preg_replace('/(Authorization:\s*Basic\s+)\S+/i', '$1[redacted]', $text);
$text = (string) preg_replace('/("?(?:password|pass|pwd)"?\s*[:=]\s*)"?[^",\s}]+/i', '$1[redacted]', $text);
return $text;
}
}