DotNetNuke-Sanitization-Script/sanitization.sql at master · ventrian/DotNetNuke-Sanitization-Script · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
-- #################################
-- Sanitization Script
-- Scott McCulloch (10/1/2012)
-- #################################

-- Setup utility functions

CREATE FUNCTION fn_RandomString(@length tinyint = 8)
RETURNS varchar(255)
AS
BEGIN
-- Strings to be at least 8 characters and no more than 15 in length
SET @length =	CASE
WHEN @length < 8 THEN 8
WHEN @length > 15 THEN 15
ELSE @length
END

DECLARE @pool varchar(100)
DECLARE @counter int
DECLARE @rand float
DECLARE @pos int
DECLARE @rstring varchar(15)

SET @pool = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'
SET @counter = 1
SET @rstring = ''

WHILE @counter <= @length
BEGIN
SET @counter = @counter + 1
SET @rand = (SELECT random from vw_random)
SET @pos = ceiling(@rand *(len(@pool)))
SET @rstring = @rstring + substring(@pool, @pos, 1)
END

RETURN (@rstring)
END
GO

CREATE VIEW vw_Random
AS
SELECT rand() as Random
GO

-- Instructions:
-- Make sure you specify the roles to Exclude (if any)
--

DECLARE @rolesToExclude varchar(max)
SET @rolesToExclude = 'Administrators'',''Some Role Name'

DECLARE @profileFieldsToExclude varchar(max)
SET @profileFieldsToExclude = 'TimeZone'',''PreferredLocale'',''PreferredTimeZone'',''Photo'

-- Updating profile Fields

EXEC
('
UPDATE
	UserProfile
SET
	PropertyValue = dbo.fn_RandomString(8)
WHERE
	UserID NOT IN
		(
		SELECT
			ur.UserID
		FROM
			UserRoles ur INNER JOIN
				Roles r ON r.RoleID = ur.RoleID
		WHERE
			RoleName IN (''' + @rolesToExclude + ''')
		GROUP BY
			ur.UserID
		)
	AND
	PropertyDefinitionID NOT IN (SELECT pd.PropertyDefinitionID FROM ProfilePropertyDefinition pd WHERE pd.PropertyName IN (''' + @profileFieldsToExclude + '''))
	AND
	PropertyValue <> ''''
')

-- Updating firstname, lastname, displayname

EXEC
('
UPDATE
	Users
SET
	FirstName = dbo.fn_RandomString(8),
	LastName = dbo.fn_RandomString(8),
	DisplayName = dbo.fn_RandomString(8),
	UserName = dbo.fn_RandomString(8),
	Email =  (dbo.fn_RandomString(8) + ''@'' + dbo.fn_RandomString(8) + ''.com'')
WHERE
	UserID NOT IN
		(
		SELECT
			ur.UserID
		FROM
			UserRoles ur INNER JOIN
				Roles r ON r.RoleID = ur.RoleID
		WHERE
			RoleName IN (''' + @rolesToExclude + ''')
		GROUP BY
			ur.UserID
		)
')

-- Remove utility functions

DROP VIEW vw_Random
GO
DROP FUNCTION fn_RandomString
GO