openemr · bradymiller · Apr 26, 2024 · Apr 26, 2024
diff --git a/src/Common/Logging/EventAuditLogger.php b/src/Common/Logging/EventAuditLogger.php
@@ -144,14 +144,6 @@ class EventAuditLogger
 </ParticipantObjectIdentification>
 MSG;
 
-
-    /**
-     * Keep track of the tables and the fields in each table that contains sensitive information
-     */
-    private const SENSITIVE_RECORDS = [
-        "ar_session" => array("reference")
-    ];
-
     /**
      * @param $event
      * @param $user
@@ -640,27 +632,6 @@ public function auditSQLEvent($statement, $outcome, $binds = null)
             }
         }
 
-        /**
-         * Avoid logging sensitive information in logs.
-         * For any insert operation, if the current table contains any field containing sensitive information,
-         * the value for that field is masked to match its length.
-         */
-        if ($querytype == "insert") {
-            foreach (self::SENSITIVE_RECORDS as $table => $fields) {
-                if (strpos($comments, $table) !== false) {
-                    foreach ($fields as $field) {
-                        $pattern = "/($field)\s*=\s*'([^']+)'/";
-                        $comments = preg_replace_callback($pattern, function ($matches) {
-                            $field_name = $matches[1];
-                            $field_value = $matches[2];
-                            $masked_value = str_repeat('X', strlen($field_value));
-                            return "$field_name = '$masked_value'";
-                        }, $comments);
-                    }
-                }
-            }
-        }
-
         /* Avoid filling the audit log with trivial SELECT statements.
          * Skip SELECTs from unknown tables.
          */