Context Navigation

← Previous Ticket
Next Ticket →

Modify ↓

Ticket #1291 (closed defect: wontfix)

Last modified 10 months ago

delete_private_data() does not delete all private data

Reported by:	pavlos256@…	Owned by:	jbe
Priority:	major	Milestone:
Component:	Core	Version:	2.0
Keywords:		Cc:

Description

'text_search_data' is not cleared and exposes the login name

Does not clear the table 'member_history'

Does not clear the 'identification' field

Should probably change or hide the 'name' field. Either replace it with a random string or by some a hash like hash(id+login+name).

Attachments

Change History

comment:1 Changed 10 months ago by jbe

Status changed from new to closed
Resolution set to wontfix

1) "text_search_data" is partially cleared by "delete_private_data"() because of triggers (see line 4417 in v2.0.11 of core.sql). Beside that, it never contains the login name (see lines 132 to 137 in v2.0.11 of core.sql).

2), 3) and 4) A database dump shall be suitable to verify the results of the system. It is thus neccessary to identify the members. The fields "name", "member_history" and "identification" (as well as "authentication") are NOT cleared. This is intended. If you do need another behaviour, you may create a different function and modify lf_export accordingly.

Note that LiquidFeedback is not designed to provide anonymous voting.

Last edited 10 months ago by jbe (previous) (diff)

View ↑

Add a comment

You may use WikiFormatting here.

Modify Ticket

Action

leave as closed

reopen The resolution will be deleted. Next status will be 'reopened'

Author

Your email or username:

E-mail address and user name can be saved in the Preferences.

Attachments ↑

Note: See TracTickets for help on using tickets.

Download in other formats: