diff options
Diffstat (limited to 'FS/bin/freeside-wipe-cvv')
| -rwxr-xr-x | FS/bin/freeside-wipe-cvv | 87 |
1 files changed, 87 insertions, 0 deletions
diff --git a/FS/bin/freeside-wipe-cvv b/FS/bin/freeside-wipe-cvv new file mode 100755 index 0000000..70f0df9 --- /dev/null +++ b/FS/bin/freeside-wipe-cvv @@ -0,0 +1,87 @@ +#!/usr/bin/perl -w + +use strict; +use Getopt::Std; +use FS::UID qw(adminsuidsetup dbh); +use FS::Record qw(qsearch qsearchs); +use Time::Local 'timelocal'; +use Date::Format 'time2str'; + +my %opt; +getopts('vnd:', \%opt); + +my $user = shift or die &usage; +adminsuidsetup $user; +$FS::UID::AutoCommit = 0; +$FS::Record::nowarn_identical = 1; + +my $extra_sql = FS::cust_main->cancel_sql; +$extra_sql = "WHERE $extra_sql +AND cust_main.payby IN('CARD','DCRD','CHEK','DCHK') +"; + +if($opt{'d'}) { + $opt{'d'} =~ /^(\d+)$/ or die &usage; + my $time = timelocal(0,0,0,(localtime(time-(86400*$1)))[3..5]); + print "Excluding customers canceled after ".time2str("%D",$time)."\n" + if $opt{'v'}; + $extra_sql .= ' AND 0 = (' . FS::cust_main->select_count_pkgs_sql . + " AND cust_pkg.cancel > $time)"; +} + +foreach my $cust_main ( qsearch({ + 'table' => 'cust_main', + 'hashref' => {}, + 'extra_sql' => $extra_sql + }) ) { + if($opt{'v'}) { + print $cust_main->name, "\n"; + } + if($opt{'n'}) { + $cust_main->payinfo(''); + $cust_main->paydate(''); + $cust_main->payby('BILL'); +# can't have a CARD or CHEK without a valid payinfo + } + $cust_main->paycvv(''); + my $error = $cust_main->replace; + if($error) { + dbh->rollback; + die "$error (changes reverted)\n"; + } +} +dbh->commit; + +sub usage { + "Usage:\n\n freeside-wipe-cvv [ -v ] [ -n ] [ -d days ] user\n" +} + +=head1 NAME + +freeside-wipe-cvv - Wipe sensitive payment information from customer records. + +=head1 SYNOPSIS + + freeside-wipe-cvv [ -v ] [ -n ] [ -d days ] user + +=head1 DESCRIPTION + +freeside-wipe-cvv deletes the CVV numbers (and, optionally, credit +card or bank account numbers) of customers who have no non-canceled +packages. Normally CVV numbers are deleted as soon as a payment is +processed; if the customer is canceled before a payment is processed, +this may not happen and the CVV will remain indefinitely, violating +good security practice and (possibly) your merchant agreement. +Running freeside-wipe-cvv will remove this data. + +-v: Be verbose. + +-n: Remove card and account numbers in addition to CVV numbers. This +will also set the customer's payment method to 'BILL'. + +-d days: Only remove CVV/card numbers from customers who have been +inactive for at least that many days. Optional; will default to +all canceled customers. + +=cut + |