how to mass delete users awaiting approval

[pheyde]

my forum at coconutbeef.com has been getting a ton of spam so i turned on registration approval. but now i have 350 spam users awaiting approval so how can i just delete them all thanks

 

[Divinum Fiat]

Well, didn't work after all. I keep getting a script error (http://www.....com/js/jquery/jquery-1.5.2.min.js:16) and when I click "process users" it gives me an error message. When I click "stop script" it gives me the error message and when I say "continue" the page locks and Firefox says "not responding."

Any suggestions?

By the way, I get the script error notice on several other web pages even though my computer is new and updated.

 

[Jake Bunce]

Do I need to remove that library code again to hide the development area?

Yes.

I keep getting a script error (http://www.....com/js/jquery/jquery-1.5.2.min.js:16) and when I click "process users" it gives me an error message.

Is there a more detailed error message?

 

[Divinum Fiat]

I deleted the little code in the library.php file and it still gives me a script error message as soon as I go to the "users awaiting approval" page. It says this:

A script on this page may be busy, or it may have stopped responding. You can stop the script now, or you can continue to see if the script will complete.

Script: http://www.xxxx.com/js/jquery/jquery-1.5.2.min.js:16

When I say "stop script" and go to the bottom of the page delete all users I get this message:

Error
Security error occurred. Please press back, refresh the page, and try again.
I have never changed a file within the FTP. Maybe I did something wrong there? What I did is find the config.php file, which was within the library folder. I right clicked it, added the short code and then closed the file. It asked if I wanted to save the new file and I said "yes." Then I went into the Admin panel and Development area and added the long code. Over in the "users awaiting approval" section the changes took place and the defaults were set to 'reject' and the box was unchecked. However, when I click the button it gets me to this error page. Then I went back to the FTP and right-clicked on that same config.php file, deleted that line and saved the file. I didn't download that file and didn't reupload it, not sure if I should have done that. I tried erasing people again but still gives me the error page.

 

[Jake Bunce]

Oh you know what? You said you have 3500 users to process? That's a very large form. The security error can be the result of such a long form exceeding limits set in a hardened PHP installation. Are you running suhosin? Ask your host or server person to disable suhosin or to relax the various "max_vars" settings within suhosin (to something higher than 3500).

 

[Divinum Fiat]

I have no clue if I'm running suhosin (sounds like a venereal disease, gee). Will call them to find out. Yes, there are over 3,500 in there now.

 

[gordy]

Can mass deleting users awaiting confirmation be done with a SQL query ?

 

[Divinum Fiat]

Oh you know what? You said you have 3500 users to process? That's a very large form. The security error can be the result of such a long form exceeding limits set in a hardened PHP installation. Are you running suhosin? Ask your host or server person to disable suhosin or to relax the various "max_vars" settings within suhosin (to something higher than 3500).

Just talked to Hostgator and Suhoisin is not installed by default but he doesn't know why I could not delete 3500 users. He's issued a ticket but we're not even sure what to look for at this point. Any other ideas why I can't delete them?

 

[Jake Bunce]

Well my guess is that the input vars are being truncated by the server. Suhosin can do this. If you exceed the max_vars then the excess vars are truncated. If the security token is truncated then it will generate a security error. I have seen this before.

That's my best guess. Otherwise I will need FTP and admin access so I can debug it.

 

[Jake Bunce]

Can mass deleting users awaiting confirmation be done with a SQL query ?

Nope. There are too many joined tables to do a manual deletion.

 

[MattW]

Just talked to Hostgator and Suhoisin is not installed by default but he doesn't know why I could not delete 3500 users. He's issued a ticket but we're not even sure what to look for at this point. Any other ideas why I can't delete them?

Hostgator are retarded! I'm putting those settings into php.ini now

root@blu [~]# php -v
PHP 5.3.19 (cli) (built: Dec 15 2012 01:53:50)
Copyright (c) 1997-2012 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2012 Zend Technologies
with the ionCube PHP Loader v4.2.2, Copyright (c) 2002-2012, by ionCube Ltd., and
with Zend Guard Loader v3.3, Copyright (c) 1998-2010, by Zend Technologies
with Suhosin v0.9.33, Copyright (c) 2007-2012, by SektionEins GmbH

 

[Divinum Fiat]

Jake and Matt - my heros...

thank you!

 

[MattW]

All done, want to give it a try now?

 

[Divinum Fiat]

Still getting the same error messages (script still errors too).
Error
Security error occurred. Please press back, refresh the page, and try again.

 

[MattW]

SORTED!

I ended up disabling Suhosin, and eventually caught an error when the list of 3,500 users eventually loaded!

[23-Jan-2013 16:28:42 America/Chicago] PHP Warning:  Unknown: Input variables exceeded 1000. To increase the limit change max_input_vars in php.ini. in Unknown on line 0

So I increased it to 4,000, and it still didn't like that, so I've ended up whacking it to 20,000. I also changed a few things in php.ini to allow the page to run for longer:

max_execution_time = 300
max_input_time = 300
memory_limit = 256M
max_input_vars = 20000

There was also no tuning in my.cnf for InnoDB, so I've added some in there as well

innodb_file_per_table=1
innodb_additional_mem_pool_size=16M
innodb_buffer_pool_size=500M
innodb_log_buffer_size=8M
innodb_flush_log_at_trx_commit=2
innodb_thread_concurrency=0
innodb_flush_method=O_DIRECT

and now:

 

[Divinum Fiat]

No way I could have done this. Thank you, Matt. You rock!!

 

[Digital Doctor]

Admin CP -> Users -> Users Awaiting Approval

What's the protocol to get rid of this many ?

 

[Digital Doctor]

I'm getting rid of 100 at a time.

this - community/admin.php?users/moderated
lists 100 at a time (it takes 20 seconds to delete 100)

Can I bump it up to 1000 at a time ?

So when I click ... it does 1000 / time.

 

[Jake Bunce]

I'm getting rid of 100 at a time.

this - community/admin.php?users/moderated
lists 100 at a time (it takes 20 seconds to delete 100)

Can I bump it up to 1000 at a time ?

So when I click View attachment 60068 ... it does 1000 / time.

It's hard-coded.

library/XenForo/ControllerAdmin/User.php

	/**
	 * Shows a list of moderated users and allows them to be managed.
	 *
	 * @return XenForo_ControllerResponse_Abstract
	 */
	public function actionModerated()
	{
		$users = $this->_getUserModel()->getUsers(array(
			'user_state' => 'moderated'
		), array('limit' => 100));

 

[Digital Doctor]

@Jake Bunce
I ended up writing an AHK script to do it.

#NoEnv  ; Recommended for performance and compatibility with future AutoHotkey releases.
; #Warn  ; Enable warnings to assist with detecting common errors.

Sleep 10000 ; Wait 10 seconds
Loop 400
{
Loop 28
{ 
Send {PgDn} ; goes to the bottom of the page
}
    Click 597, 894 ; clicks Process Users
    Sleep 30000  ; Wait 30 seconds.
}

 

[Digital Doctor]

I used:

array('limit' => 400)

#NoEnv  ; Recommended for performance and compatibility with future AutoHotkey releases.
; #Warn  ; Enable warnings to assist with detecting common errors.
SendMode Input  ; Recommended for new scripts due to its superior speed and reliability.
Sleep 10000 ; wait 10 seconds
Loop 80
{
Loop 128
{ 
Send {PgDn} ; get to bottom of page.
}
    Click 597, 894 ; click process users.
    Sleep 120000  ; Wait 120 seconds.
}

400 seemed to avoid this problem (whereas 1000, and 700) had issues.



For my webhost, it took 80 seconds to delete 400 accounts and 20 seconds to re-display another 400.


And I awoke to this: