Hello Friends
I want to have my users submit their phone number to a collection and have it only partially shown when displayed on repeater (replaced with X’s)
ex: 999-999-XXXX
Thank You
Josue
Hi, josue.
You can replace the value with XXXX like this.
let phoneNumber = “999-999-9999”;
let temp = phoneNumber.split(“-”);
console.log(${temp[0]}-${temp[1]}-XXXX);
// output: “999-999-XXXX”
Hi josue, Note that if you don’t want to leak full phone numbers then you’ll need to make a second sanitized collection that only has the portion of the phone number you want available publicly.
You can also use data hooks to strip this data before it goes back to the browser or to automatically create the second sanitized collection when new phone numbers are submitted.
https://www.wix.com/velo/reference/wix-data/hooks/afterinsert
https://www.wix.com/velo/reference/wix-data/hooks/beforeget
https://www.wix.com/velo/reference/wix-data/hooks/beforequery
Hi, anthony.
I have a question regarding data security in cases like josue’s situation.
If I get original data (not sanitized but encrypted) from collection in backend module, and decrypt and sanitize the data in the backend then return the data to the frontend, is there any security risks?
Or do I necessarily have to create a sanitize collection?
You’re correct. As long as you sanitize it on the backend before returning it you’re fine.
I would suggest sanitizing in an allowlist way rather than a blocklist way as in explicitly defining the data you allow so any new columns don’t get accidentally leaked if you don’t update the function.
A general example would be using lodash’s pick instead of omit.
https://lodash.com/docs/4.17.15#pick / https://lodash.com/docs/4.17.15#omit
Thank you anthony.
I’m relieved to hear that. 
Also, I’m not familiar with lodash yet, so I’d like to study lodash to improve my system’s security.