Changeset 6111


Timestamp:
11/10/17 02:18:10 (5 weeks ago)
Author:
iandunn
Message:

WordCamp Budgets: Delete old payment information to protect privacy.

See #3244

Location:
sites/trunk/wordcamp.org/public_html/wp-content/plugins
Files:
3 edited

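--- a/sites/trunk/wordcamp.org/public_html/wp-content/plugins/wordcamp-payments-network/bootstrap.php
+++ b/sites/trunk/wordcamp.org/public_html/wp-content/plugins/wordcamp-payments-network/bootstrap.php
@@ -23,4 +23,5 @@
     require_once( WP_PLUGIN_DIR . '/wordcamp-payments/includes/sponsor-invoice.php' );
     require_once( WP_PLUGIN_DIR . '/wordcamp-payments/includes/reimbursement-request.php' );
+    require_once( WP_PLUGIN_DIR . '/wordcamp-payments/includes/payment-request.php' );
 
     require_once( __DIR__ . '/includes/wordcamp-budgets-dashboard.php' );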
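--- a/sites/trunk/wordcamp.org/public_html/wp-content/plugins/wordcamp-payments-network/includes/wordcamp-budgets-dashboard.php
+++ b/sites/trunk/wordcamp.org/public_html/wp-content/plugins/wordcamp-payments-network/includes/wordcamp-budgets-dashboard.php
@@ -2,5 +2,15 @@
 
 namespace WordCamp\Budgets_Dashboard;
+
+use WordCamp_Budgets;
+use WCP_Payment_Request;
+use Payment_Requests_Dashboard;
+use WordCamp\Budgets\Reimbursement_Requests;
+use WordCamp\Budgets_Dashboard\Reimbursement_Requests AS Reimbursements_Dashboard;
+
 defined( 'WPINC' ) or die();
+
+define( 'REDACTED_VALUE',               '[deleted for privacy]'    );
+define( 'REDACT_PAID_REQUESTS_CRON_ID', 'wcb_redact_paid_requests' );
 
 /*
@@ -17,4 +27,10 @@
 add_action( 'admin_init', __NAMESPACE__ . '\process_action_set_pending_payment', 11 );
 add_action( 'admin_init', __NAMESPACE__ . '\process_import_request', 11 );
+
+add_action( REDACT_PAID_REQUESTS_CRON_ID, __NAMESPACE__ . '\redact_paid_requests' );
+
+if ( ! wp_next_scheduled( REDACT_PAID_REQUESTS_CRON_ID ) ) {
+    wp_schedule_event( time(), 'twicedaily', REDACT_PAID_REQUESTS_CRON_ID );
+}
 
 /**
@@ -894,4 +910,77 @@
 }
 
+/**
+ * Redact payment information when it's no longer needed, to protect privacy.
+ */
+function redact_paid_requests() {
+    global $wpdb;
+
+    $reimbursements_index = Reimbursements_Dashboard\get_index_table_name();
+    $vendors_index        = Payment_Requests_Dashboard::get_table_name();
+    $encrypted_fields     = WordCamp_Budgets::get_encrypted_fields();
+    $retention_period     = strtotime( WordCamp_Budgets::PAYMENT_INFO_RETENTION_PERIOD . ' days ago' );
+
+    $paid_reimbursements = $wpdb->get_results( "
+        SELECT blog_id, request_id, date_paid
+        FROM `$reimbursements_index`
+        WHERE status = 'wcb-paid'
+    " );
+
+    $paid_vendors = $wpdb->get_results( "
+        SELECT blog_id, post_id AS request_id, paid AS date_paid
+        FROM `$vendors_index`
+        WHERE status = 'wcb-paid'
+    " );
+
+    foreach ( array_merge( $paid_reimbursements, $paid_vendors ) as $indexed_reimbursement ) {
+        switch_to_blog( $indexed_reimbursement->blog_id );
+
+        $reimbursement_post = get_post( $indexed_reimbursement->request_id );
+        $field_prefix       = get_encrypted_field_prefix( $reimbursement_post->post_type );
+
+        if ( $indexed_reimbursement->date_paid < $retention_period ) {
+            foreach ( $encrypted_fields as $field ) {
+                $field = $field_prefix . $field;
+
+                if ( ! empty( $reimbursement_post->$field ) && REDACTED_VALUE !== $reimbursement_post->$field ) {
+                    update_post_meta( $reimbursement_post->ID, $field, REDACTED_VALUE );
+                }
+            }
+        }
+
+        restore_current_blog();
+    }
+}
+
+/**
+ * Get the encrypted field prefix for the given post type
+ *
+ * @todo Instead of hardcoding them here and in the Payments modules, it'd be better to setup
+ *       constants and use those everywhere.
+ *
+ * @see WordCamp_Budgets::validate_save_payment_method_fields()
+ *
+ * @param string $post_type
+ *
+ * @return string
+ */
+function get_encrypted_field_prefix( $post_type ) {
+    switch ( $post_type ) {
+        case Reimbursement_Requests\POST_TYPE:
+            $prefix = '_wcbrr_';
+            break;
+
+        case WCP_Payment_Request::POST_TYPE:
+            $prefix = '_camppayments_';
+            break;
+
+        default:
+            $prefix = '';
+            break;
+    }
+
+    return $prefix;
+}
+
 class WCB_Import_Results {
     public static $data;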
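Review bot: In `redact_paid_requests()` the result of `get_post()` is used unchecked, so when an index row points at a post that no longer exists, `$reimbursement_post->post_type` is read on a null value and raises a PHP notice or warning on every cron run. A guard placed right after the lookup, `if ( ! $reimbursement_post || '' === get_encrypted_field_prefix( $reimbursement_post->post_type ) ) { restore_current_blog(); continue; }`, would also keep the loop from testing and overwriting unprefixed meta keys on a post of an unexpected type, because `get_encrypted_field_prefix()` returns an empty prefix in its default case; the `restore_current_blog()` call has to sit inside the guard so the blog switch is not leaked. The comparison `$indexed_reimbursement->date_paid < $retention_period` assumes both index tables store the paid date as a Unix timestamp. Neither schema is visible here, so that is worth confirming, since a row with a missing or zero date would compare as older than the cutoff and be redacted on the first run, and the overwrite cannot be undone.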
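--- a/sites/trunk/wordcamp.org/public_html/wp-content/plugins/wordcamp-payments/includes/encryption.php
+++ b/sites/trunk/wordcamp.org/public_html/wp-content/plugins/wordcamp-payments/includes/encryption.php
@@ -43,4 +43,8 @@
         if ( ! is_string( $raw_data ) ) {
             return new WP_Error( 'encryption-error', 'Only strings can be encrypted.' );
+        }
+
+        if ( REDACTED_VALUE === $raw_data ) {
+            return $raw_data;
         }
 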
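Review bot: The new `REDACTED_VALUE === $raw_data` check makes `encryption.php` in the `wordcamp-payments` plugin depend on a constant that this changeset defines in `wordcamp-payments-network/includes/wordcamp-budgets-dashboard.php`. If the encrypt path ever runs where that network file has not been loaded, the bare constant is undefined, which is a notice or warning with a string fallback on PHP 7 and a thrown `Error` on PHP 8. Defining the constant next to the encryption code, or guarding with `defined( 'REDACTED_VALUE' ) && REDACTED_VALUE === $raw_data`, removes the load-order dependency. The matching decrypt path is not in this hunk, so it is worth confirming that it also passes the marker through instead of returning a `WP_Error` for it. The enclosing function starts and ends outside the hunk.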