Plugin Rules: GiveWP - Githubissues

I did a little research on what would need to be anonymized for the plugin GiveWP, based on the latest version (2.18.1).

Lets start with the custom DB tables Give creates:

wp_give_commentmeta
wp_give_comments
wp_give_donationmeta
wp_give_donormeta
wp_give_donors
wp_give_formmeta
wp_give_log
wp_give_migrations
wp_give_revenue
wp_give_sequential_ordering 
wp_give_sessions

I checked each table for those which do or are likely to contain personal data. I have noticed the relevant tables and fields below.

MariaDB [wordpress]> SHOW COLUMNS FROM wordpress.wp_give_log;
+----------+---------------------+------+-----+---------+----------------+
| Field    | Type                | Null | Key | Default | Extra          |
+----------+---------------------+------+-----+---------+----------------+
| id       | bigint(20) unsigned | NO   | PRI | NULL    | auto_increment |
| log_type | varchar(16)         | NO   | MUL | NULL    |                |
| data     | text                | NO   |     | NULL    |                |
| category | varchar(64)         | NO   | MUL | NULL    |                |
| source   | varchar(64)         | NO   | MUL | NULL    |                |
| date     | datetime            | NO   |     | NULL    |                |
+----------+---------------------+------+-----+---------+----------------+

Might store personal data in data field?

MariaDB [wordpress]> SHOW COLUMNS FROM wordpress.wp_give_donors;
+-----------------+--------------+------+-----+---------+----------------+
| Field           | Type         | Null | Key | Default | Extra          |
+-----------------+--------------+------+-----+---------+----------------+
| id              | bigint(20)   | NO   | PRI | NULL    | auto_increment |
| user_id         | bigint(20)   | NO   | MUL | NULL    |                |
| email           | varchar(255) | NO   | UNI | NULL    |                |
| name            | mediumtext   | NO   |     | NULL    |                |
| purchase_value  | mediumtext   | NO   |     | NULL    |                |
| purchase_count  | bigint(20)   | NO   |     | NULL    |                |
| payment_ids     | longtext     | NO   |     | NULL    |                |
| date_created    | datetime     | NO   |     | NULL    |                |
| token           | varchar(255) | NO   |     | NULL    |                |
| verify_key      | varchar(255) | NO   |     | NULL    |                |
| verify_throttle | datetime     | NO   |     | NULL    |                |
+-----------------+--------------+------+-----+---------+----------------+

Need to anonymize: email and name?

MariaDB [wordpress]> SHOW COLUMNS FROM wordpress.wp_give_donormeta;
+------------+--------------+------+-----+---------+----------------+
| Field      | Type         | Null | Key | Default | Extra          |
+------------+--------------+------+-----+---------+----------------+
| meta_id    | bigint(20)   | NO   | PRI | NULL    | auto_increment |
| donor_id   | bigint(20)   | NO   | MUL | NULL    |                |
| meta_key   | varchar(255) | YES  | MUL | NULL    |                |
| meta_value | longtext     | YES  |     | NULL    |                |
+------------+--------------+------+-----+---------+----------------+

Might store private data in donormeta? Perhaps we should anonymize meta_value?

MariaDB [wordpress]> SHOW COLUMNS FROM wordpress.wp_give_donationmeta;
+-------------+--------------+------+-----+---------+----------------+
| Field       | Type         | Null | Key | Default | Extra          |
+-------------+--------------+------+-----+---------+----------------+
| meta_id     | bigint(20)   | NO   | PRI | NULL    | auto_increment |
| donation_id | bigint(20)   | NO   | MUL | NULL    |                |
| meta_key    | varchar(255) | YES  | MUL | NULL    |                |
| meta_value  | longtext     | YES  |     | NULL    |                |
+-------------+--------------+------+-----+---------+----------------+

Might store private data in donationmeta? Perhaps we should anonymize meta_value?

MariaDB [wordpress]> SHOW COLUMNS FROM wordpress.wp_give_comments;
+------------------+------------+------+-----+---------+----------------+
| Field            | Type       | Null | Key | Default | Extra          |
+------------------+------------+------+-----+---------+----------------+
| comment_ID       | bigint(20) | NO   | PRI | NULL    | auto_increment |
| user_id          | bigint(20) | NO   |     | NULL    |                |
| comment_content  | longtext   | NO   |     | NULL    |                |
| comment_parent   | mediumtext | NO   |     | NULL    |                |
| comment_type     | mediumtext | NO   |     | NULL    |                |
| comment_date     | datetime   | NO   |     | NULL    |                |
| comment_date_gmt | datetime   | NO   |     | NULL    |                |
+------------------+------------+------+-----+---------+----------------+

We should anonymize comment_content?

MariaDB [wordpress]> SHOW COLUMNS FROM wordpress.wp_give_commentmeta;
+-----------------+--------------+------+-----+---------+----------------+
| Field           | Type         | Null | Key | Default | Extra          |
+-----------------+--------------+------+-----+---------+----------------+
| meta_id         | bigint(20)   | NO   | PRI | NULL    | auto_increment |
| give_comment_id | bigint(20)   | NO   | MUL | NULL    |                |
| meta_key        | varchar(255) | YES  | MUL | NULL    |                |
| meta_value      | longtext     | YES  |     | NULL    |                |
+-----------------+--------------+------+-----+---------+----------------+

Might store private data in commentmeta? Perhaps we should anonymize meta_value?

Outside of the custom database tables we also need to consider the post type give_payment which the plugin creates. While all donation meta should end up in the wp_give_donationmeta table, it is possible some custom work ends up adding personal data in the default wp_postmeta table.

DekodeInteraktiv / anonymize-mysqldump

Plugin Rules: GiveWP #7