We started getting errors when someone submits a new business directory listing. Here is the full error message from server log:
AH01071: Got error 'PHP message: PHP Fatal error: Uncaught Error: Call to undefined function get_home_path() in /var/www/vhosts/mydomain.com/httpdocs/wp-content/plugins/user-spam-remover/user-spam-remover.php:93\nStack trace:\n#0 /var/www/vhosts/mydomain.com/httpdocs/wp-content/plugins/user-spam-remover/user-spam-remover.php(113): UserSpamRemover->__construct()\n#1 /var/www/vhosts/mydomain.com/httpdocs/wp-content/plugins/user-spam-remover/user-spam-remover.php(924): UserSpamRemover::getInstance()\n#2 /var/www/vhosts/mydomain.com/httpdocs/wp-includes/user.php(3467): wp_new_user_notification()\n#3 /var/www/vhosts/mydomain.com/httpdocs/wp-includes/class-wp-hook.php(324): wp_send_new_user_notifications()\n#4 /var/www/vhosts/mydomain.com/httpdocs/wp-includes/class-wp-hook.php(348): WP_Hook->apply_filters()\n#5 /var/www/vhosts/mydomain.com/httpdocs/wp-includes/plugin.php(517): WP_Hook->do_action()\n#6 /var/www/vhosts/mydomain.com/httpdocs/wp-includes/user.php(3447): do_actio…', referer: https://www.mydomain.com/directory/?wpbdp_view=submit_listing
Thanks so much for this plugin. I recently reinstalled it on a website after a spike of spam user accounts. I used it in the past, and it was perfect. This time, I am getting this error when I try to run the removal manually.
PHP Fatal error: Uncaught Error: Call to undefined function get_template_part() in /srv/htdocs/wp-content/themes/contentberg/index.php:10 Stack trace: #0 {main} thrown in /srv/htdocs/wp-content/themes/contentberg/index.php on line 10The theme developer had this to say:
The get_template_part() is a core WordPress function and we just use it to load a template part. It hence does not need to be defined. Based on this, I would also recommend consulting the plugins’ support team about this matter so that they can check why their plugin is triggering a “call to undefined function get_template_part()” in this case.
Any help sorting this out is appreciated.
]]>It’s a nice plugin to remove the user without the post. But in my eCommerce site which has Easy Digital Downloads plugin. It also deleted the user with the order.
Can you tell me how to exclude the deletion of user with Order?
]]>I’m no longer really maintaining this plugin but just did a minor update to version 1.1. This was always a free plugin/volunteer project but I will always make the effort to be responsive to security reports. (I’m not monitoring www.remarpro.com or this forum in general, but I will watch this thread for any bug reports related to the new version for a little while.)
If you are already using the plugin, there is nothing you need to know or do. Let WordPress do its autoupdate, the new version works exactly the same.
Here’s what changed: By default the plugin has always initialized the default log file location for new installs to a “log” directory inside the plugin itself, along with big warnings in the install instructions and on the admin panel to change this to something that is outside your www root. Otherwise your user info and logs are visible over the web. So, if you were following instructions and changed this setting, great, there is nothing to worry about. If for some reason you’ve never changed this, you really might want to do that now (just upgrading the plugin isn’t going to change your settings).
For new installs, version 1.1 now instead will try to initalize the log file location to the PHP error_log location, or if that value is not set, it will go with one directory up from wherever WordPress is installed (e.g. if WordPress is /www/somedir/WordPress-html it will try /www/somedir ). This is better for security because the default is no longer a www-visible location. The downside is that the new default may not be webserver-writable or where you want your User Spam Remover log files to go, so if you’re a new user be sure to update this setting on the admin panel to wherever you want your logs to go and chown/chmod that dir so that it’s writable by the webserver/PHP/WordPress user.
Props and thanks Joshua for your attention and submitting a report. I really appreciate it.
]]>This plugin helped me eliminate over 10k spam registrations from a website recently, and it did its job very well regardless of being 3 years without updates.
Yet some security software complains that the plugin appears to be abandoned. Would you please update it so this warning disappears?
Thanks.
]]>Hello,
Please how can I only remove spam users with subscriber role.
Thanks
]]>So I deleted users I shouldn’t have and would like to just restore all of them. I have to do it thru myphpadmin but can’t seem to quite get it.
Do I go into the database and then into wp-user and run the file? I have tried several things but it’s not working. Can you maybe give me a little more detail on how to do it. I have found your FAQ and all that but still am struggling to get it to work.
do I have to add more of the location of the file? other than just
“mysql my-wp-database < userspamremover.restore.sql”
I would really like to see this plugin being able to detect spam users specifically within the usage of WooCommerce. For example, a user who has not made any purchase and has not been active after having registered.
]]>Hi there,
This is a great plugin that has solved a big problem for me. However, I’m having some trouble with it after it has been running for some time on a site.
I started to suspect it wasn’t automatically deleting users with no posts or comments. When I clicked on the “Remove spam/unused accounts now” button, I got this error message:
There was a problem removing using accounts. Check the most recent line in the log below for details.
However, I didn’t currently have the log activated, so there was no recent line to check. I then clicked the Activity Log checkbox to start creating the log, and I got these messages, the first one under the Automatic User Deletion section header:
User removal will not be performed because logging is requested, but the log directory does not exist. You must create it on the server. See below for details.
And the second after the Log Directory field:
The log directory does not exist. You must create it on the server.
I double and triple checked to make sure the directory was indeed on the server, and it was. I tried uninstalling and re-installing the plugin, but I keep getting the same errors.
Any help getting this plugin to work again is appreciated. It’s been a life saver for me.
]]>I have over 20,000 users registered on my site, many of which are spam registrations. Over the years I’ve improved my spam defenses, so I imagine most of those users are older. Members on my site, in most cases, need to log in to renew their membership. They login and pay via paypal, which if they’re new users moves them from level 0 users (free subscribers) to level 1 users (paid members). If they’re already members, it extends their membership for another year (using s2Member which assigned an EOT time). Therefore in theory this plugin shouldn’t catch any members, yet for some reason it does. I’m not sure why. The site is a non-profit organization and we organize our membership based on who is paid up on the web site. We can’t risk deleting members. So as an extra protection, is there (or could you add) a way to only allow deletion of a specific role? This would be useful even for sites without membership – just to insure that all Contributors, Authors, Editors, and Administrators are not deleted (you would only look at the Subscriber role). If the site is using a plugin that allows for different kinds of roles, it would be useful of course to allow a specific role to be chosen (in s2Member there is a Free Subscriber role which replaces the standard Subscriber role).
]]>Hi
I have 1696 Wordpess users defined and teh same amount is shown in the Mailpoet :Wordpress Users” list however it tells me I am over the 2000 limit and shows 2767 users?
Where does it get the extra users from?
It is alos no possible to delete users from the Mailpoet user lists
Please advise
Thanks
Plugin is good but sometime have problem with woocommrce checkout, woocomrce normally send user entered data to server, but sometime those request block by this plugin and checkout process stuck, can you please add a fix to that
]]>Hi there,
I’m just curious why this plugin uses SQL queries to remove users rather than built in WP functions. Is there a specific reason for this?
If it used the wp_delete_user function it would also cleanup and remove other data from the user as well as delete it from other plugins as well in most cases.
You can see the code for that function here. It will delete posts, comments, links, and also due to the actions it should delete any other plugin accounts such as forums accounts, WooCommerce account, etc. which hook into them. The delete_user action before a user is deleted and the deleted_user action after it’s deleted so that other plugins can hook into it and delete their data associated with the user being deleted.
What would be really cool is if it also could somehow lookup the username and email on a spam lookup database such as Stop Forum Spam and remove existing users known to be spammers.
]]>How i can restore my deleted users????
]]>I was able to filter woocommerce customers from getting deleted and i have modified your query to the following
$sql = "SELECT $select FROM ${pre}users AS u ".
"LEFT OUTER JOIN ${pre}comments AS c ON u.ID = c.user_id ".
"LEFT OUTER JOIN ${pre}posts AS p ON u.ID = p.post_author ".
"LEFT OUTER JOIN ${pre}links AS l ON u.ID = l.link_owner ".
"WHERE c.user_id IS NULL ".
"AND p.post_author IS NULL AND l.link_owner IS NULL ".
"AND u.ID NOT IN (SELECT DISTINCT(meta_value) from ${pre}postmeta WHERE meta_key = '_customer_user') ".
$this->getUserWhitelistSQL()." ".
"AND u.user_registered < DATE_ADD(NOW(), INTERVAL -$daysGrace DAY) ".
"GROUP BY u.ID${limit};";Above query works fine but as i have thousands of users in my users table your plugin get crashed. Can you help me how we can optimize this?
If we can fix this then your plugin can add this feature to filter woocommerce customers. Because woocommerce stores order data in postmeta table and customer id is stored in the meta_value where meta_key = ‘_customer_user’
]]>Hi,
I installed the plugin and I like how it works. But it seems it does not consider users without posts but with comments.
I could not find a way to configure that. I don’t want to fork the plugin (or is it on github) but maybe I overlooked this feature or it is easy to implement.
Cheers
]]>Recently the www.remarpro.com plugin directory was redesigned and the installation instructions are no longer visible on the plugin page. So I’ve pasted the installation instructions below (they’re also in the readme.txt file).
Requirements:
If you are strictly assigning MySQL privileges, note that the plugin adds two column indexes, so your database account must be assigned the ALTER and CREATE privileges (if you don’t know what this means, don’t worry, you probably already have this).
Note: if you see mysqli errors at the top of the activation or settings page, you need to tell WordPress use use the mysqli extension instead of the older mysql one. Add this line to your wp-config.php (insert it next to all the other DB settings, near the top):
define('WP_USE_EXT_MYSQL', FALSE);
One note on logging: By default, all logging is enabled (good!), but the log directory is set to the log subdirectory of the plugin. While this is OK, it means your log files will be viewable over the web, so I recommend you change this directory to someplace else (i.e., if the root of your site is /www/mysite/html, do something like /www/mysite/log). Be sure to use chmod or your FTP program to make this directory webserver-writable (don’t worry, User Spam Remover will warn you if it’s not).
#1 FAQ
What is all this mysqli vs. mysql stuff? Why are you making my life so hard?
Answer: Just put define('WP_USE_EXT_MYSQL', FALSE); in your wp-config.php and this problem will go away forever!
Long answer: The mysqli API is the new way PHP connects to MySQL, it is safe and has been around for about 15 years (since PHP 5.0 was released).
The old mysql API was officially deprecated by PHP when they released version 5.6 and it was removed entirely from PHP in version 7.0. So you will have to stop using it at some point whether you want to or not!
For the last couple of years, with this plugin I decided to support only mysqli because it is safe, it permits database transactions with rollback and can ensure the integrity of your data, while mysql is old and bad and I haven’t even used it in 10+ years, except for compatibility with WordPress.
Chances are that you already have mysqli installed, the problem is that WordPress needs you to put that line into your wp-config.php or it will try to “detect” which API to use, and it does not do this in a particularly smart way.
Of course I could make the plugin modify your wp-config.php automatically but that is something I don’t want to do, I don’t think any plugin should be changing your system configuration.
The #1 goal of this plugin is to not harm your data, break your site, or do other bad things, that is why I am going for safety over ease of use.
]]>My site doesn’t have commenting even turned on, or any of the other methods described in the plugin. Could it simply be set to delete users who haven’t logged in after a few days or something?
]]>I installed the plugin but can’t active it.
]]>Hello,
Using wpforo forum. I use this plugin but it removed all my users who had posted in the forum as well. Any way around this?
]]>I’ve been using your plugin for years, but I had to upgrade WordPress today to try and solve another problem and then I of course tried to re-enable all my plugins yours would not re-enable so I upgrade to the latest version I still get the same error:
Fatal error: Uncaught exception ‘UserSpamRemoverException’ with message ‘Your WordPress installation is not configured to use the PHP mysqli extension to connect to MySQL.This is required by the plugin. Please refer to the documentation for more information.’ in /home/muskie/domains/muschamp.ca/public_html/blog/wp-content/plugins/user-spam-remover/user-spam-remover.php:797 Stack trace: #0 /home/muskie/domains/muschamp.ca/public_html/blog/wp-content/plugins/user-spam-remover/user-spam-remover.php(144): UserSpamRemover->checkMySQL() #1 [internal function]: UserSpamRemover::activate(”) #2 /home/muskie/domains/muschamp.ca/public_html/blog/wp-includes/plugin.php(524): call_user_func_array(Array, Array) #3 /home/muskie/domains/muschamp.ca/public_html/blog/wp-admin/plugins.php(166): do_action(‘activate_user-s…’) #4 {main} thrown in /home/muskie/domains/muschamp.ca/public_html/blog/wp-content/plugins/user-spam-remover/user-spam-remover.php on line 797
I got 9 new spam subscribers today, I turned off anyone can register but I have 24000+ spam subscribers, I really should purge them it is possible a few are old actual commenters before I switched to using Disqus, but yeah I got problems but I’m not sure if I can use your plugin anymore,it worked for me or at least no fatal errors in older versions of WordPress, I’m not sure what version I was using before but I can look it up if I had to.
]]>As far as I can tell WordPress is quite happy for usernames to contain spaces, but they cannot be added to the User Spam Remover whitelist – I’ve tried putting quotes around the name as well as putting %20 instead of a space without success.
]]>This version fixes a bug that was introduced by a change in WordPress version 4.3.0 that resulted in the content of the new user email that is sent to newly registered users to be mangled. Rather than including a link for the new user to set a password, it just sends the useless text “Password: Both”.
All users of the plugin should update to the new and latest version 0.9.9.
For more information, please see this support thread.
]]>Hi,
Please update the plugin to be compatible with WordPress 4.3. I get a “both” password emailed to newly registered users issue with current plugin version 0.9.8.1.
Regards,
Oliver
]]>Can anyone provide directions to a solution?
Thanks in advance
Fatal error: Uncaught exception ‘UserSpamRemoverException’ with message ‘Your WordPress installation is not configured to use the PHP mysqli extension to connect to MySQL.This is required by the plugin.
Please refer to the documentation for more information.’ in /home2/sojhanet/public_html/wp-content/plugins/user-spam-remover/user-spam-remover.php:795 Stack trace: #0 /home2/sojhanet/public_html/wp-content/plugins/user-spam-remover/user-spam-remover.php(144): UserSpamRemover->checkMySQL() #1 [internal function]: UserSpamRemover::activate(”) #2 /home2/sojhanet/public_html/wp-includes/plugin.php(503): call_user_func_array(Array, Array) #3 /home2/sojhanet/public_html/wp-admin/plugins.php(160): do_action(‘activate_user-s…’) #4 {main} thrown in /home2/sojhanet/public_html/wp-content/plugins/user-spam-remover/user-spam-remover.php on line 795
]]>Twenty Fourteen Theme.
How do I set up to install this correctly OR what else can i use instead?
]]>Hi
When I go to the User Spam Remover settings page, I have the following message:
“WordPress installation is not configured to use the PHP mysqli extension to connect to MySQL.This is required by the plugin. Please refer to the documentation for more information.”
Unfortunately I can’t find any documentation that explains this.
Please help!
Cheers
]]>As mentioned previously by another user, the plugin isn’t blocking user registration emails.
]]>Hello,
Does this plugin support WooCommerce? I have many customers who have never posted or commented, but they have purchased items in the store. Will this plugin delete those customers?
Thanks,
Tim
First it told me that the log was unwwritable so I fixed that, now it’s saying error
“Could not SHOW INDEX on database table wp_comments.”
under the following section:
These unused user accounts are older than the age threshold you’ve set below. To remove them, either enable automatic deletion or click the “Remove spam/unused accounts now” button above.
]]>