The "recurly_account" database table includes a "data" parameter that just stores everything about a particular account or transaction in a serialized format. However these objects may contain sensitive information such as tokens for user login to Recurly.com (without a password). We should not save this information due to the dangerous nature of its content. Really we might consider dropping the entire use of this table, since the point of Recurly is to offload the responsibility of account handling to Recurly. The one value it may provide is a Drupal ID to Recurly ID mapping table, though it's current structure is misleading because it only includes a "uid" column, while subscriptions could in theory be on nodes or OG groups.
In any case, let's remove the dangerous column for now and work on improving the table structure later.
| Comment | File | Size | Author |
|---|---|---|---|
| #1 | recurly_data_column.patch | 356 bytes | quicksketch |
| recurly_data_column.patch | 14.14 KB | quicksketch |
Comments
Comment #1
quicksketchHeh, sorry that patch includes unrelated additions. Here's the patch, which is trivial.
Comment #2
quicksketchCommitted to both branches.