· 1 min read
Securing Sensitive Data in Laravel: Leveraging PHP's #[SensitiveParameter] Attribute
Here's a tip for Laravel developers. In PHP 8.2, you can use the #[\SensitiveParameter] attribute to mark sensitive parameters in your Eloquent model methods.
![Securing Sensitive Data in Laravel: Leveraging PHP's #[SensitiveParameter] Attribute](https://kevdees.com/uploads/2024/07/q-mh2zk9ngc.jpg)
Here's a tip for Laravel developers. In PHP 8.2, you can use the #[\SensitiveParameter] attribute to mark sensitive parameters in your Eloquent model methods. This is useful for protecting sensitive data in stack traces. For example:
php
class User extends Model
{
public function updatePassword(#[\SensitiveParameter] string $newPassword)
{
// https://laravel.com/docs/11.x/hashing#hashing-passwords
$this->password = Hash::make($newPassword);
$this->save();
}
}If an exception occurs in this method, PHP will replace the $newPassword value with Object(SensitiveParameterValue) in any stack traces, helping to prevent accidental exposure of sensitive information.
This can be particularly useful when working with sensitive data like financial transactions, personal information, and passwords in your Laravel ORM models.