
Acquia hooks us in to sanitise our sites

Acquia Cloud is great, but what makes it even better are Cloud Hooks, which allow us to perform some much-needed tasks after a deployment.

Acquia Cloud Hooks are simple automated scripts that are triggered on your behalf after performing an action. For example, when new code is deployed onto a production environment, Cloud Hooks can perform a database update for you.

If you have a website in production and you need to pull the latest database down onto a local environment, you don’t want to keep sensitive data such as customer email addresses. Using the post-db-copy Hook, you can create a simple script to scrub the email addresses using Drush's sql-sanitize command.

Create a script file in a post-db-copy folder (let’s call this sanitize.sh) and add the following drush command:

drush sqlsan -y

This will go through each user in the database and change their email address to a default one, which prevents any emails being sent out to these users from this environment.
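A fuller sanitize.sh, as an added example that is not part of the original article: it reads the four arguments Cloud Hooks pass to post-db-copy scripts (site, target environment, database name, source environment), refuses to scrub a protected environment, and rejects names that are not plain alias characters before building the Drush alias. The environment name "prod" and the function names are assumptions.

```sh
#!/bin/sh
# Added example: post-db-copy Cloud Hook that scrubs a freshly copied database.

# Environments that must never be scrubbed (assumption: production is "prod").
PROTECTED_ENVS="prod"

# Succeeds only for names made of letters, digits, "_" and "-".
valid_name() {
  case "$1" in
    ''|*[!A-Za-z0-9_-]*) return 1 ;;
  esac
  return 0
}

# Succeeds when the target environment may be sanitized.
should_sanitize() {
  target_env="$1"
  if ! valid_name "$target_env"; then return 1; fi
  for env in $PROTECTED_ENVS; do
    if [ "$target_env" = "$env" ]; then return 1; fi
  done
  return 0
}

# Prints the Drush alias for a site and environment, e.g. @mysite.dev.
drush_alias() {
  printf '@%s.%s' "$1" "$2"
}

main() {
  site="$1"; target_env="$2"; db_name="$3"; source_env="$4"
  if ! valid_name "$site" || ! should_sanitize "$target_env"; then
    echo "$site.$target_env: protected or invalid target, not sanitizing" >&2
    return 0
  fi
  echo "$site.$target_env: sanitizing $db_name copied from $source_env"
  # A failing sanitize must fail the hook so the copy is not treated as scrubbed.
  drush "$(drush_alias "$site" "$target_env")" sql-sanitize -y
}

# Run only when invoked with the four Cloud Hook arguments.
if [ "$#" -eq 4 ]; then
  main "$@"
fi
```
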

If you are using additional fields to store email addresses, you can scrub this data by using a Drush Hook, hook_drush_sql_sync_sanitize(), which will execute additional scrubbing queries when you run sql-sanitize.

To use this Hook you will need to make a custom module and create an include file, modulename.drush.inc.

<?php
/**
 * Implementation of hook_drush_sql_sync_sanitize().
 */
function modulename_drush_sql_sync_sanitize($source) {
  $query = "UPDATE content_type_profile SET field_primary_email_email = CONCAT(SUBSTRING_INDEX(field_primary_email_email,'@', 1), '@example.com');";
  drush_sql_register_post_sync_op('my-sanitize-id', dt('Sanitize email addresses'), $query);
}
?>

Moving forward, there may be a scenario where more than email addresses and passwords need to be scrubbed from a database, such as commerce data or user information entered into a webform.

Using the hook_drush_sql_sync_sanitize() Hook, we can add these additional queries to protect our user data just that little bit more. Each query is registered with its own drush_sql_register_post_sync_op() call and a unique ID:

Webform submissions

You probably won’t need webform data on a non-production site, so we can remove the submitted data from this table:

$query = "UPDATE webform_submitted_data SET data='scrubbed';";

Or you could truncate the webform tables, removing all user submissions:

// Register each statement separately; reusing $query would overwrite the first.
$query_data = "TRUNCATE webform_submitted_data;";
$query_submissions = "TRUNCATE webform_submissions;";

Commerce orders

User email addresses are stored against commerce orders, so if you wish to keep the orders, we can reuse the query used for changing user email addresses to a default one:

$query = "UPDATE commerce_order SET mail = CONCAT(SUBSTRING_INDEX(mail,'@', 1), '@example.com');";

Commerce profiles

$query = "UPDATE commerce_customer_profile SET data = NULL;";

Commerce PayPal

$query = "UPDATE commerce_paypal_ipn SET payer_email = CONCAT(SUBSTRING_INDEX(payer_email,'@', 1), '@example.com');";

There could be many more scenarios where Cloud Hooks would be useful for development and production environments. Please feel free to share in the comments!


Article update
This article was originally published under iKOS Digital, which unified with Inviqa in June 2016. For more information about the unification visit https://inviqa.com/new-era.