I have to wonder how else he'd be able to properly test it with a vast amount of real data that he doesn't otherwise have?
Besides, I'd be more concerned about names, emails, and other highly personal information we hand over so easily in many other places online than about what a few members on a site are talking about, which more often than not is unimportant. If you're not comfortable handing over that information, then don't.
Anyway, I'm excited to see this over as that means more XenForo customers are on the way over.
If you do an import for someone you don't need to go through the database visually and read the content.
Most of the times I do not get to see any threads, posts, nor is there a need to even look up any personal msgs. The only reason you'd go to the public forum after an import is to view if the forum structure is there, if a thread loads and doesn't look broken and if the forum statistics look like things went fine.
A preview can be given to the owner of the site who can review the content - it's their forum after all.
I see no reason (for the imports that I do for others) to scan through a database, read content from threads, etc. It's all back-end stuff. And it's a courtesy towards those who trusted you with their database.
After all, if one is interested in the content, they can just sign up on the site when it runs live and read the posts.
This is also why I would do an import via a professional, rather than someone who says: this should be easy, I will do it for free or $4, trust me .. I won't resell your .sql on digitalpoint.com or flippa.com
Run a query to replace the PM content with dummy text.
Emails and passwords would be more of an issue than PM's more than likely (Unless someones like sharing banking information, and then they're already incapable of keeping private information private ).
If it's for testing a converter - sanitise the data by installing a test copy of the forum and filling it with dummy content.
If it's for someone to convert it for you, either get some feedback from the community to vouch for the professionalism of the person/company, or get an agreement that all data supplied for converstion is destroyed afterwards. (I know that, technically, you can't stop someone making and sharing a copy of your data - but at least you'd have some recourse if they do!).
I think the "ideal" though, is for the forum makers to offer a conversion service themselves - at least that way there shouldn't be any trust issues.
I'm sure Kier would prefer to read your users' PMs than finalise an IPB importer and make some money for XenForo Ltd.
In terms of dealing with private data, I would just export the PM table and replace the text with dummy text (but ensure everything else stays the same), then reimport the original PMs after the conversion has taken place.
Clearly some people believe so. Then again, some people go round with tin foil hats on.
If people arent prepared to provide real world data for testing, then they cant complain if it fails on a real world import. I've already encounted this while doing the vb4 importer - people report an issue I cannot replicate [without access to their data] and they wont provide the access - which simply means I wont be able to fix their issue.
Why on earth anyone thinks people writing importers have nothing better to do than read the posts, PM's or whatever of people they have no connection with is beyond me - I certainly have better things to do with my time.
I do think it would be nice if there was even an uber basic md5 hash for PMs at least it would keep it away from prying eyes, would be useful esp. in the event some rtard admin had the pm table publicly visible(I'm bad at situations...)