You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I checked each table for those which do or are likely to contain personal data. I have noticed the relevant tables and fields below.
MariaDB [wordpress]> SHOW COLUMNS FROM wordpress.wp_give_log;
+----------+---------------------+------+-----+---------+----------------+
| Field | Type | Null | Key | Default | Extra |
+----------+---------------------+------+-----+---------+----------------+
| id | bigint(20) unsigned | NO | PRI | NULL | auto_increment |
| log_type | varchar(16) | NO | MUL | NULL | |
| data | text | NO | | NULL | |
| category | varchar(64) | NO | MUL | NULL | |
| source | varchar(64) | NO | MUL | NULL | |
| date | datetime | NO | | NULL | |
+----------+---------------------+------+-----+---------+----------------+
Might store personal data in data field?
MariaDB [wordpress]> SHOW COLUMNS FROM wordpress.wp_give_donors;
+-----------------+--------------+------+-----+---------+----------------+
| Field | Type | Null | Key | Default | Extra |
+-----------------+--------------+------+-----+---------+----------------+
| id | bigint(20) | NO | PRI | NULL | auto_increment |
| user_id | bigint(20) | NO | MUL | NULL | |
| email | varchar(255) | NO | UNI | NULL | |
| name | mediumtext | NO | | NULL | |
| purchase_value | mediumtext | NO | | NULL | |
| purchase_count | bigint(20) | NO | | NULL | |
| payment_ids | longtext | NO | | NULL | |
| date_created | datetime | NO | | NULL | |
| token | varchar(255) | NO | | NULL | |
| verify_key | varchar(255) | NO | | NULL | |
| verify_throttle | datetime | NO | | NULL | |
+-----------------+--------------+------+-----+---------+----------------+
Need to anonymize: email and name?
MariaDB [wordpress]> SHOW COLUMNS FROM wordpress.wp_give_donormeta;
+------------+--------------+------+-----+---------+----------------+
| Field | Type | Null | Key | Default | Extra |
+------------+--------------+------+-----+---------+----------------+
| meta_id | bigint(20) | NO | PRI | NULL | auto_increment |
| donor_id | bigint(20) | NO | MUL | NULL | |
| meta_key | varchar(255) | YES | MUL | NULL | |
| meta_value | longtext | YES | | NULL | |
+------------+--------------+------+-----+---------+----------------+
Might store private data in donormeta? Perhaps we should anonymize meta_value?
MariaDB [wordpress]> SHOW COLUMNS FROM wordpress.wp_give_donationmeta;
+-------------+--------------+------+-----+---------+----------------+
| Field | Type | Null | Key | Default | Extra |
+-------------+--------------+------+-----+---------+----------------+
| meta_id | bigint(20) | NO | PRI | NULL | auto_increment |
| donation_id | bigint(20) | NO | MUL | NULL | |
| meta_key | varchar(255) | YES | MUL | NULL | |
| meta_value | longtext | YES | | NULL | |
+-------------+--------------+------+-----+---------+----------------+
Might store private data in donationmeta? Perhaps we should anonymize meta_value?
MariaDB [wordpress]> SHOW COLUMNS FROM wordpress.wp_give_comments;
+------------------+------------+------+-----+---------+----------------+
| Field | Type | Null | Key | Default | Extra |
+------------------+------------+------+-----+---------+----------------+
| comment_ID | bigint(20) | NO | PRI | NULL | auto_increment |
| user_id | bigint(20) | NO | | NULL | |
| comment_content | longtext | NO | | NULL | |
| comment_parent | mediumtext | NO | | NULL | |
| comment_type | mediumtext | NO | | NULL | |
| comment_date | datetime | NO | | NULL | |
| comment_date_gmt | datetime | NO | | NULL | |
+------------------+------------+------+-----+---------+----------------+
We should anonymize comment_content?
MariaDB [wordpress]> SHOW COLUMNS FROM wordpress.wp_give_commentmeta;
+-----------------+--------------+------+-----+---------+----------------+
| Field | Type | Null | Key | Default | Extra |
+-----------------+--------------+------+-----+---------+----------------+
| meta_id | bigint(20) | NO | PRI | NULL | auto_increment |
| give_comment_id | bigint(20) | NO | MUL | NULL | |
| meta_key | varchar(255) | YES | MUL | NULL | |
| meta_value | longtext | YES | | NULL | |
+-----------------+--------------+------+-----+---------+----------------+
Might store private data in commentmeta? Perhaps we should anonymize meta_value?
Outside of the custom database tables we also need to consider the post type give_payment which the plugin creates. While all donation meta should end up in the wp_give_donationmeta table, it is possible some custom work ends up adding personal data in the default wp_postmeta table.
The text was updated successfully, but these errors were encountered:
I did a little research on what would need to be anonymized for the plugin GiveWP, based on the latest version (2.18.1).
Lets start with the custom DB tables Give creates:
I checked each table for those which do or are likely to contain personal data. I have noticed the relevant tables and fields below.
Might store personal data in
datafield?Need to anonymize:
emailandname?Might store private data in donormeta? Perhaps we should anonymize
meta_value?Might store private data in donationmeta? Perhaps we should anonymize
meta_value?We should anonymize
comment_content?Might store private data in commentmeta? Perhaps we should anonymize
meta_value?Outside of the custom database tables we also need to consider the post type
give_paymentwhich the plugin creates. While all donation meta should end up in thewp_give_donationmetatable, it is possible some custom work ends up adding personal data in the defaultwp_postmetatable.The text was updated successfully, but these errors were encountered: