Comments

jessepinho’s picture

StatusFileSize
new361 bytes

Hmmm, attachment didn't work. Trying again.

jessepinho’s picture

StatusFileSize
new365 bytes

I updated this to use a valid e-mail address (using @example.com). Otherwise, orders can't be saved due to an invalid e-mail address.

rszrama’s picture

Wow, I didn't even know this existed. I had the idea for a while that we should consider ways to sanitize sensitive information, including things like card on file references, payment gateway variables, billing addresses, etc. I didn't know there was a method for doing so. What is the recommended usage for this drush function, and is it already sanitizing the e-mail addresses of user profiles, too?

jessepinho’s picture

I just discovered it recently myself! It's great for setting up test instances of a site.

This hook allows you to register queries that will be executed after the source site's database has been imported to the target site. It is already sanitizing the e-mail addresses of user profiles in the format 'user+UID@localhost', which is the behavior I copied for orders until I realized that using '@localhost' prevents orders from being saved due to e-mail address format validation.

I've written a couple Drupal Commerce payment method modules (which I'll be posting to d.o as soon as my Git application is approved) which also hook into drush to switch to sandbox mode when using --sanitize. I'm thinking that's the best practice for sanitization of sensitive payment information. (You may want to sanitize customer profiles, too! Names/addresses/etc.)

rszrama’s picture

Whoa, dude - lemme know where your review is happening and I'll do what I can to pitch in on reviews to get you approved. : )

jessepinho’s picture

StatusFileSize
new399 bytes

OK, one more modificaysh. This version doesn't change the e-mail addresses of orders where the mail field is already set to "" (blank).

nico.knaepen’s picture

Issue summary: View changes

You could try using the https://www.drupal.org/project/scrambler module. This module scrambles/sanitizes data which you have defined. There is no UI module for commerce yet but it is possible to define which fields for which tables to scramble. Here's a code example of how to use the hooks.

/**
 * Implements hook_scrambler_api().
 */
function scrambler_example_scrambler_api() {
  // Define your module name.
  $params['scrambler_example'] = array(
    // Give a unique machine name for your scrambling group.
    'shuffle_words_for_title' => array(
      // Define base table where these fields are located.
      'base_table' => 'scrambler_example',
      // Define the id of the base table.
      'id' => 'sid',
      // Define field names.
      'fields' => array('title'),
      // Define a scramble method from the scrambler API.
      'method' => SCRAMBLER_METHOD_SHUFFLE_WORDS,
    ),
    // Give a unique machine name for your scrambling group.
    'custom_method_for_teaser' => array(
      // Define base table where these fields are located.
      'base_table' => 'scrambler_example',
      // Define the id of the base table.
      'id' => 'sid',
      // Define field names.
      'fields' => array('teaser'),
      // Define your custom scrambling method.
      'method' => 'custom_scrambling',
    ),
  );

  return $params;
}

/**
 * Implements hook_scrambler_methods().
 */
function scrambler_example_scrambler_methods() {
  return array('custom_scrambling' => 'Custom scrambling (scrambler_example module)');
}

/**
 * Custom scrambling method by the scrambler_example module.
 *
 * @param string $data
 *   Input data to scramble.
 *
 * @return string
 *   Returns the scrambled string.
 */
function _scrambler_example_method_custom_scrambling(&$data) {
  // Manipulate the $data parameter in which way you think is necessary.
  return str_replace('e', 'x', str_replace('a', 'y', $data));
}