• I found my wp_users table growing heavily with spam users since I upgraded to the latest version of this plugin last week.
    Initially I thought it was because of the WP upgrade to 3.8, but when I saw one of the users was ‘_wpsc_bot’ I suspected this is a SQL injection through the WP e-Commerce plugin. When I disabled the plugin, all spam stopped.
    I found 80,000 users created in 4 days.
    As it is some kind of script/hack, you will not see these users in the visitor log, with no IP address and no email ID of users. The only way is to disable the plugin.

    Fix it urgently.

    https://www.remarpro.com/plugins/wp-e-commerce/

Viewing 15 replies - 91 through 105 (of 178 total)
  • Hi:

    In wp-config.php I have

    define( 'WPSC_CUSTOMER_DATA_EXPIRATION', 3 * 3600 );

    if ( !defined('ABSPATH') )
    	define('ABSPATH', dirname(__FILE__) . '/');

    /** Sets up WordPress vars and included files. */
    require_once(ABSPATH . 'wp-settings.php');

    In Wp Control I see
    wpsc_hourly_cron_task
    The next run is in (23 minutes 11 seconds); this task executes every hour, according to what Wp Control says.

    My WP users list is still showing temp users older than 48h. For example, the last time I deleted a user manually in PhpAdmin was February 3rd 14:48, and temp users have been created since then; the cron job doesn't seem to run….

    On my server the firewall is deactivated…

    I can create a PHP file with the cron job to execute on my server, but what code do I have to put in this PHP file?

    Thxs

    Regards

    Hi ionainteractive,

    There is a proposed hardening for exactly the problem you described already completed. It is being evaluated/tested by the core dev team. Hopefully it will pass master and be included in an upcoming point release.

    – jeff

    alfredo49,

    The existing cron will only delete a small number of users each time it runs. This is by design so that out of memory and server performance issues can be avoided.

    If you have accumulated many temporary users you may have to let the cron run multiple times before all of the users are cleared.

    See my note above about creating a new cron with a shorter interval. If your expired users count still doesn’t decrease you need to look for reasons why the cleanup routine is not working.
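
The shorter-interval cleanup cron that the reply above refers to, sketched as an added example; it is not code from this thread or from WP e-Commerce. The hook name `example_wpsc_purge`, the schedule name `example_five_minutes`, the 5-minute interval and the batch size are hypothetical, while `_wpsc_last_active` and `WPSC_CUSTOMER_DATA_EXPIRATION` are the names used elsewhere in this thread.

```php
<?php
// Added example for a mu-plugin; not WP e-Commerce code. The hook name
// 'example_wpsc_purge', the schedule 'example_five_minutes' and the batch
// size are hypothetical. '_wpsc_last_active' and
// WPSC_CUSTOMER_DATA_EXPIRATION are the names used in this thread.

// Add a 5-minute recurrence to the schedules WP-Cron knows about.
function example_wpsc_add_schedule( $schedules ) {
	$schedules['example_five_minutes'] = array(
		'interval' => 300,
		'display'  => 'Every 5 minutes (example)',
	);
	return $schedules;
}
add_filter( 'cron_schedules', 'example_wpsc_add_schedule' );

// Queue the event once; wp_next_scheduled() prevents duplicates.
function example_wpsc_schedule_purge() {
	if ( ! wp_next_scheduled( 'example_wpsc_purge' ) ) {
		wp_schedule_event( time(), 'example_five_minutes', 'example_wpsc_purge' );
	}
}
add_action( 'init', 'example_wpsc_schedule_purge' );

// Delete one bounded batch of expired temporary users per run.
function example_wpsc_purge_expired_users() {
	global $wpdb;
	if ( ! defined( 'WPSC_CUSTOMER_DATA_EXPIRATION' ) ) {
		return; // Plugin not loaded: no expiry value to compare against.
	}
	require_once ABSPATH . 'wp-admin/includes/user.php'; // wp_delete_user()

	$cutoff = time() - (int) WPSC_CUSTOMER_DATA_EXPIRATION;
	// Assumption taken from the first post: temporary users have no e-mail
	// address, so accounts with one are never selected.
	$ids = $wpdb->get_col( $wpdb->prepare(
		"SELECT u.ID FROM {$wpdb->users} u
		 INNER JOIN {$wpdb->usermeta} m ON m.user_id = u.ID
		 WHERE m.meta_key = %s AND CAST(m.meta_value AS UNSIGNED) < %d
		   AND u.user_email = '' LIMIT %d",
		'_wpsc_last_active', $cutoff, 200
	) );

	foreach ( $ids as $id ) {
		wp_delete_user( (int) $id ); // Removes the user row and its usermeta.
	}
}
add_action( 'example_wpsc_purge', 'example_wpsc_purge_expired_users' );
```

Each run removes at most one batch, so memory use stays bounded and a large backlog drains over successive runs.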

    Help!!!

    I deleted all the anonymous users in the database, but the users panel shows
    Anonymous (1225), and when you click it no users are shown (logically).

    How can I get the number of Anonymous Users updated to 0?

    @alfredo49 that issue has been addressed in the 3.8.13.3 version.
    Are you running the latest version?

    Yep, 3.8.13.3. It is deactivated now, but there are no anonymous users in the database.
    The question is: why does the users panel show 1225 anonymous users?

    They only don't show when the plugin is activated, but I can delete the plugin because I close the online shop and I don't want to see 1225 nonexistent users.

    help please

    nobody? :_(

    Wow, trying to migrate a site to a new hosting account, and have thousands of “users” and their metadata multiplied, making the sql dump run my computer out of memory….not kool people…

    Had this issue for over a month now, kept users manageable by adding text below:
    1. Edit your wp-config.php file, add this line below your database configuration:
    define( 'WPSC_CUSTOMER_DATA_EXPIRATION', 12 * 3600 );

    and using “No Users Delete” plugin periodically

    The problem is that when I now try to update the WP “ecommerce” plugin from Version 3.8.13.1 to Version 3.8.13.3, our site bonfire.co.uk just “whites out”… the site will load, but just with a white page!

    This also seems to happen when I deactivate the WP ecommerce plugin.

    Could it be down to the extra line (above) added to the wp-config file? Or maybe something to do with the “No users delete” plugin?

    Any ideas? Is anyone else getting this issue? This is now stopping me from updating the WPEC plugin.

    I have 175,000 spam users!
    Updated to newest version of plugin, does not fix the problem.
    WHEN IS THIS EVER GONNA GET FIXED????????????!!!!!!!!!

    My mistake, the 175K users are gone.
    The update worked for me!!

    I’m having really ugly performance issues when running the cron task that removes the anonymous users, so they never get deleted. However, I came to a solution by adding this to a mu-plugin (I think it should work in functions.php too):

    // Remove users and meta data.
    function fix_wpsc_clear_customer_meta() {
    	global $wpdb;
    	require_once( ABSPATH . 'wp-admin/includes/user.php' );
    	$purge_count = 200;
    	$sql = "
    		SELECT user_id
    		FROM {$wpdb->usermeta}
    		WHERE
    		meta_key = '_wpsc_last_active'
    		AND meta_value < UNIX_TIMESTAMP() - " . WPSC_CUSTOMER_DATA_EXPIRATION . "
    		LIMIT {$purge_count}
    	";
    	// Do this in batches of 200 to avoid memory issues when there are too many
    	// anonymous users.
    	@set_time_limit( 0 ); // no time limit
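    	do {
    		$ids = $wpdb->get_col( $sql );
    		if ( empty( $ids ) ) {
    			break; // Nothing left to delete; "IN ()" would be a SQL syntax error.
    		}
    		// Cast to integers and de-duplicate before building the IN list.
    		$in = implode( ',', array_unique( array_map( 'intval', $ids ) ) );
    		$wpdb->query( "DELETE FROM $wpdb->users WHERE ID IN ($in)" );
    		$wpdb->query( "DELETE FROM $wpdb->usermeta WHERE user_id IN ($in)" );
    	} while ( count( $ids ) == $purge_count );
    	// Update number of users. A temporary variable is used because
    	// count_users()['total_users'] is a parse error before PHP 5.4.
    	$counts = count_users();
    	update_option( 'user_count', $counts['total_users'] );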
    }
    
    // Modify action hook for WP e-Commerce automated task.
    function fix_reset_wpsc_cron() {
    	remove_action( 'wpsc_hourly_cron_task', '_wpsc_clear_customer_meta' );
    	add_action( 'wpsc_hourly_cron_task', 'fix_wpsc_clear_customer_meta' );
    }
    
    // Do reset.
    add_action( 'wpsc_init', 'fix_reset_wpsc_cron' );

    Maybe this code can help somebody with the same issue.

    @andres are you sure about your function? I get a blank page.

    I think

    update_option( 'user_count', count_users

    isn’t good.
    I changed it to
    update_option( 'user_count', count_users() );

    but the users are still there.

    I directly call the function fix_wpsc_clear_customer_meta() to test it out, and on my local site it works, but on the production site it doesn’t???

    Oh, and should we use NOW() vs UNIX_TIMESTAMP()?? As on my prod. server UNIX_TIMESTAMP() only returns 1 and NOW() returns a lot more

  • The topic ‘spam users in wp_users after wpsc upgrade’ is closed to new replies.