How to hide sensitive data using xslt - xslt

I have a requirement to modify sensitive data using xslt before entering data into database
For example -
If account number is 12345678 then it should go to database as ****5678. I have to make this changes in xslt.
As i am new to xslt i am not able to crack this.
Could you please help me out with this ??

Try something like:
<xsl:text>****</xsl:text>
<xsl:value-of select="substring(accountnumber, string-length(accountnumber) - 3)" />
No context was provided, so you will need to make the necessary adjustments yourself.
Added:
But what if my account number is not fixed value. For example - if account number is 123456 then it should go as **3456
I would be reluctant to provide a potential attacker information about the length of the masked portion. But if you are willing to take the risk, you can use:
<xsl:variable name="len" select="string-length(accountnumber)" />
<xsl:value-of select="translate(substring(accountnumber, 1, $len - 4), '0123456789', '**********')" />
<xsl:value-of select="substring(accountnumber, $len - 3)" />

Related

XSLT: how to sum a nodeset in a selected node

I was blocked and hope someone could guide me ~
My XML is:
<PaymentMethodData>
<PaymentMethodDetails PayMethodName="ZHRX_USP_SOE_OPM_NACHA" PayRelShipNo="955160008183756">
<PayMethodName>ZHRX_USP_SOE_OPM_NACHA</PayMethodName>
<PayRelShipNo>955160008183756</PayRelShipNo>
<PaymentPercentage>50</PaymentPercentage>
<RemainingAmountFlag>N</RemainingAmountFlag>
<BankAccountDetails AccountName="PERSON ZHRX_US_CO_01">
<AccountName>PERSON ZHRX_US_CO_01</AccountName>
<AccountNumber>11111111</AccountNumber>
</BankAccountDetails>
</PaymentMethodDetails>
<PaymentMethodDetails PayMethodName="ZHRX_USP_SOE_OPM_NACHA" PayRelShipNo="955160008183756">
<PayMethodName>ZHRX_USP_SOE_OPM_NACHA</PayMethodName>
<PayRelShipNo>955160008183756</PayRelShipNo>
<PaymentPercentage>40</PaymentPercentage>
<RemainingAmountFlag>N</RemainingAmountFlag>
<BankAccountDetails AccountName="PERSON ZHRX_US_CO_01">
<AccountName>PERSON ZHRX_US_CO_01</AccountName>
<AccountNumber>22222222</AccountNumber>
</BankAccountDetails>
</PaymentMethodDetails>
<PaymentMethodDetails PayMethodName="ZHRX_USP_SOE_OPM_NACHA" PayRelShipNo="955160008183756">
<PayMethodName>ZHRX_USP_SOE_OPM_NACHA</PayMethodName>
<PayRelShipNo>955160008183756</PayRelShipNo>
<BankAccountDetails AccountName="PERSON ZHRX_US_CO_01">
<AccountName>PERSON ZHRX_US_CO_01</AccountName>
<AccountNumber>33333333</AccountNumber>
</BankAccountDetails>
</PaymentMethodDetails>
</PaymentMethodData>
The meaning is, the person "955160008183756" has three bank accounts, 50% of his payment will be made into his 1st bank account 11111111; 40% of his payment will be made into his 2nd bank account 22222222; thus the remaining amount will be made into his 3rd back account. The number of banks is dynamic.
I need to write the XSL to calculate the "remaining percentage" for the 3rd bank. I tried below XSL but it returns 100 because "sum(PaymentPercentage)" returned "false".
Pls kindly help, thank you very much!
<Percentage_Bank>
<xsl:choose>
<xsl:when test="RemainingAmountFlag = 'N'" >
<xsl:value-of select="PaymentPercentage" >
</xsl:when>
<xsl:otherwise >
<xsl:value-of select="100-sum(PaymentPercentage)"/>
</xsl:otherwise>
</xsl:choose>
</Percentage_Bank>
Regards,
Paula
I am assuming your XSLT snippet is in a template matching PaymentMethodDetails. If so, doing <xsl:value-of select="100-sum(PaymentPercentage)"/> will be looking for a PaymentPercentage under this the current node, but such a node does not exist. You need to sum up the PaymentPercentage nodes for all the other PaymentMethodDetails records.
To do this, consider defining a key like so....
<xsl:key name="payments" match="PaymentMethodDetails" use="PayRelShipNo" />
Then, to get the remaining percentage you can do this...
<xsl:value-of select="100-sum(key('payments', PayRelShipNo)/PaymentPercentage)"/>
Note I assumed your XML might have more than one account number in.
See an example of it in action at http://xsltfiddle.liberty-development.net/6qM2e2f/1

XSL getting out of context using dynamic XPATH

I'm trying to reformat an XML I get from an appliance into an HTML table, and it's format is not usual.
It use unique references in node name's, like this:
/network/content/host/content/REF_1/content
/network/content/network/content/REF_2/content
and then, it use the same references to another part of the file, as a value of a content node, like this:
/rules/content/rules/content/REF_3/content/sources/content/name = REF_1
/rules/content/rules/content/REF_3/content/destinations/content/name = REF_2
I'm trying to write a template for content that instead of getting me REF_ID which is unique, I try to get the name, in the other branch leaf. this mean I'm trying to find a value that is out of my actual context.
I'm able to retrieve the name XPATH using this variable:
<xsl:variable name='objName' select="concat('/storage/objects/',#linkclass,'/content/',#linktype,'/content/',current(),'/content/name/content')" />
but, I'm not able to use this XPATH in a query like:
<xsl:value-of select="{$objName}">
I suppose this doesn't work because it's out of context but when I ask statically for one of those XPATH I get the value.
My full code is not very complicated:
<xsl:template match="content">
<xsl:variable name='objXPATH' select="concat('/storage/objects/',#linkclass,'/content/',#linktype,'/content/',current(),'/content/name/content')" />
<xsl:variable name='obj' select="{$objXPATH}" />
<xsl:element name="a">
<xsl:attribute name="href">
#<xsl:value-of select="."/>
</xsl:attribute>
<xsl:value-of select="$obj"/>
<br />
</xsl:element>
</xsl:template>
I need help to fix this, I'm on it since one day with no evolution, and it's driving me crazy. I'm more like a script kiddie than a real developer.
Dynamic evaluation (treating a string in a variable as an XPath expression and evaluating it) is available as a vendor extension in a number of XSLT processors, and it becomes part of the standard with the introduction of xsl:evaluate in XSLT 3.0. If your XSLT processor doesn't have such an extension you may be able to write it yourself. Alternatively, if you explain the problem better, we may be able to suggest a solution that does not require dynamic evaluation.

displaying the result of xsl in cusomised format

I have the below xsl tag
<RectypeLegType>
<xsl:value-of select="../#id" />
</RectypeLegType>
and there can be two possible out come values of this as shown below..
1) <RectypeLegType>fixedLeg_612822</RectypeLegType>
2)<RectypeLegType>floatingLeg_194743</RectypeLegType>
but i want this value to be dispalyed as
<RectypeLegType>fixedLeg</RectypeLegType>
<RectypeLegType>floatingLeg</RectypeLegType>
now please advise how can i achieve this possible outcome i need to do cheanges in my please advise what changes need to be done
Assuming the underscore will always exist in the id attribute:
<RectypeLegType>
<xsl:value-of select="substring-before(../#id, '_')" />
</RectypeLegType>

How Can I Reduce "When" Statement in XSLT

Hello I am writing a XSLT statement where I need to implement 1500 conditional statements like -
<xsl:when test="ID = '51'">
<br>
<xsl:text>background: url('rightcolumn_seniorliv.jpg') no-repeat;</xsl:text>
<br>
</xsl:when>
<br>
<xsl:when test="ID = '52'">
<br>
<xsl:text>background: url('rightcolumn_seniorliv.jpg') no-repeat;</xsl:text>
<br>
</xsl:when>
If i write statement like this way then my pages will be very slow. How can i reduce my code and write this statement in a smart way?
<xsl:variable name="idlist">
<ids>
<id>50</id>
<id>59</id>
<id>66</id>
...
</ids>
</xsl:variable>
<xsl:key name="idk" match="id" use="."/>
<xsl:when test="key('idk', ID, $idlist)">...
This is XSLT 2.0 but can be adapted to work with 1.0.
I can't see all your cases, but if the pattern from your first two continues and you want that same 'rightcolumn_seniorliv.jpg' for IDs 51 thru 1551 then
<xsl: when test="ID>'50' and ID<'1552'">
it sounds like these ID cases are going well beyond logic and into the data realm. i obviously dont know anything about your app, but perhaps an ID to imagename mapping somewhere (probably database) would be in order. depending on what process generates the XML file (the first one, before XSLT transformation), you might want to just set the image name (or lack thereof) explicitly thru this mapping. then lose the when all together

Biztalk explode in XSLT transformations

I'm receiving XML into BizTalk. One part is element and the value is ids separated by comma
<Stores>15,34</Stores>
I need to transform this into
<Stores>
<Store>Store 1</Store>
<Store>Store 4</Store>
</Stores>
What I need to do is to explode the value by comma, take each value and get value from database (15 -> Store 1, 34 -> Store 2).
How can I make the explode in xslt, how ca I get value from database for each exploded value. I already have procedure in db for that, just need to know how to call it.
Here is an XSLT 1.0 compatible solution that does the explode:
<!-- straightforward -->
<xsl:template match="Stores">
<xsl:copy>
<xsl:call-template name="explode">
<xsl:with-param name="str" select="text()" />
</xsl:call-template>
</xsl:copy>
</xsl:template>
<!-- string processing through recursion -->
<xsl:template name="explode">
<xsl:param name="str" select="''" />
<xsl:variable name="temp" select="concat($str, ',')" />
<xsl:variable name="head" select="substring-before($temp, ',')" />
<xsl:variable name="tail" select="substring-after($temp, ',')" />
<xsl:if test="$head != ''">
<Store>
<xsl:value-of select="$head" />
</Store>
<xsl:call-template name="explode">
<xsl:with-param name="str" select="$tail" />
</xsl:call-template>
</xsl:if>
</xsl:template>
Output for <Stores>15,34</Stores> would be:
<Stores>
<Store>Store 15</Store>
<Store>Store 34</Store>
</Stores>
David Hall's solution seems to contain a pointer how to use an XSLT extension function to make calls to that database from XSLT.
The BizTalk Mapper does not support XSLT 2.0 (see MSDN Documentation http://msdn.microsoft.com/en-us/library/aa559261(BTS.10).aspx) so you will need to use the EXSLT extensions if you want to use the mapper.
There is a great post here by Richard Hallgren that covers how to use EXSLT within the BizTalk Mapper.
One additional thought is about an alternative solution. It is not clear if you absolutely must make your database calls one by one - would making a single call work?
It is possible to provide a stored procedure a delimited string as a parameter and to then use a function to break this string up. I've included an example of such a function below, the example being a table function. You'll be able find lots of other implementations on the web.
With the table function you can join against this in you store lookup procedure.
If this meets your needs it should be a lot faster since you now perform just a single database hit and can perform set operations to get back your list of stores.
CREATE function fn_ParseCSVString
(
#INPUTCSV varchar(MAX)
)
RETURNS #TBL TABLE
(
COL1 INT
)
AS
BEGIN
DECLARE #NUM_STR NVARCHAR(MAX)
SET #NUM_STR = #INPUTCSV
SET #NUM_STR = REPLACE(#NUM_STR,' ','')
-- this will trim any intermediate spaces
WHILE LEN(#NUM_STR) >= 0
BEGIN
DECLARE ##SUBSTR VARCHAR(100)
IF CHARINDEX(',',#NUM_STR,0) <> 0
BEGIN
SET ##SUBSTR = SUBSTRING(#NUM_STR,0,CHARINDEX(',',#NUM_STR,0))
INSERT INTO #TBL VALUES(##SUBSTR)
END
ELSE
BEGIN
INSERT INTO #TBL VALUES(#NUM_STR)
BREAK
END
SET ##SUBSTR = ##SUBSTR + ','
SET #NUM_STR = SUBSTRING(#NUM_STR, CHARINDEX(',',#NUM_STR,0) + 1, LEN(#NUM_STR))
END
RETURN
END
I assume you know how to write the overall transform but need help with the tokenization of the string containing the store numbers.
If you're using XSLT 2.0, look at the definition of the tokenize() function. This will split the string value at a specified delimiter, allowing you to perform this transformation. In XSLT 1 you could look at EXSLT regex extension functions.