dvg_payment_webform adds a full $form and $form_state to the payment entity property context_data. This both makes the entries in the database pretty large, as well as lacks the proper encryption for the input values and most likely is unnecessary.
On a high activity site this results quickly in a >500MB payment table.

Support from Acquia helps fund testing for Drupal Acquia logo

Comments

pburg created an issue. See original summary.

paulvandenburg’s picture

Assigned: paulvandenburg » Unassigned
Status: Active » Needs review
FileSize
3.73 KB

This patch reduces the average size from +- 35KB to +-900B.
$form and $form_state are removed from the context. Since they are still used in the finallize submit callback I've moved them to the $_SESSION, which already gets reset after the payment is complete.

To not remove possibly valuable info I've added the submission to the context instead. The submission is encrypted before saving to not expose possibly sensitive user data.

mvwensen’s picture

Status: Needs review » Reviewed & tested by the community

Great patch, especially the part where you add the encryption.
Patch applies and does it's job.

  • ralphvdhoudt committed 464d40b on 7.x-1.x authored by pburg
    Issue #2867005 by pburg: dvg_payment_webform makes payment context_data...
ralphvdhoudt’s picture

Status: Reviewed & tested by the community » Fixed

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.