diff options
Diffstat (limited to 'FS')
| -rwxr-xr-x | FS/bin/freeside-wipe-cvv | 87 | 
1 files changed, 87 insertions, 0 deletions
| diff --git a/FS/bin/freeside-wipe-cvv b/FS/bin/freeside-wipe-cvv new file mode 100755 index 000000000..611e841ae --- /dev/null +++ b/FS/bin/freeside-wipe-cvv @@ -0,0 +1,87 @@ +#!/usr/bin/perl -w + +use strict; +use Getopt::Std; +use FS::UID qw(adminsuidsetup dbh); +use FS::Record qw(qsearch qsearchs); +use Time::Local 'timelocal'; +use Date::Format 'time2str'; + +my %opt; +getopts('vnd:', \%opt); + +my $user = shift or die &usage; +adminsuidsetup $user; +$FS::UID::AutoCommit = 0; +$FS::Record::nowarn_identical = 1; + +my $extra_sql = FS::cust_main->cancel_sql; +$extra_sql = "WHERE $extra_sql  +AND cust_main.payby IN('CARD','DCRD','CHEK','DCHK') +"; + +if($opt{'d'}) { +  $opt{'d'} =~ /^(\d+)$/ or die &usage; +  my $time = timelocal(0,0,0,(localtime(time-(86400*$1)))[3..5]); +  print "Excluding customers canceled after ".time2str("%D",$time)."\n"  +    if $opt{'v'}; +  $extra_sql .= ' AND 0 = (' . FS::cust_main->select_count_pkgs_sql .  +                " AND cust_pkg.cancel > $time)"; +} + +foreach my $cust_main ( qsearch({ +    'table'     => 'cust_main', +    'hashref'   => {}, +    'extra_sql' => $extra_sql +  }) ) { +  if($opt{'v'}) { +    print $cust_main->name, "\n"; +  } +  if($opt{'n'}) { +    $cust_main->payinfo('deleted'); +    $cust_main->paydate(''); +    $cust_main->payby('BILL');  +# can't have a CARD or CHEK without a valid payinfo +  } +  $cust_main->paycvv(''); +  my $error = $cust_main->replace; +  if($error) { +    dbh->rollback; +    die "$error (changes reverted)\n"; +  } +} +dbh->commit; + +sub usage { +  "Usage:\n\n  freeside-wipe-cvv [ -v ] [ -n ] [ -d days ] user\n" +} + +=head1 NAME + +freeside-wipe-cvv - Wipe sensitive payment information from customer records. + +=head1 SYNOPSIS + +  freeside-wipe-cvv [ -v ] [ -n ] [ -d days ] user + +=head1 DESCRIPTION + +freeside-wipe-cvv deletes the CVV numbers (and, optionally, credit +card or bank account numbers) of customers who have no non-canceled  +packages.  Normally CVV numbers are deleted as soon as a payment is  +processed; if the customer is canceled before a payment is processed,  +this may not happen and the CVV will remain indefinitely, violating  +good security practice and (possibly) your merchant agreement. +Running freeside-wipe-cvv will remove this data. + +-v: Be verbose. + +-n: Remove card and account numbers in addition to CVV numbers.  This  +will also set the customer's payment method to 'BILL'. + +-d days: Only remove CVV/card numbers from customers who have been  +inactive for at least that many days.  Optional; will default to  +all canceled customers. + +=cut + | 
