Hi Miguel,
I feel your pain here. This is a general WP problem and not specific to AWPCP. Here are a number of plugins and links to help with the prevention and cleanup of the users:
http://www.wpbeginner.com/plugins/how-to-stop-spam-registrations-on-your-wordpress-membership-site/
https://ww.wp.xz.cn/plugins/stop-spammer-registrations-plugin/
http://wpblogexperts.com/wordpress-experts-spam-users/
Start with those to shut down the flow of spammers, and you should be able to cleanup spammy users that way. The query to find the users that haven’t posted an ad may end up removing other legit users on your site (such as yourself!) so that can be dangerous to try. See if these help first.
I’ve already managed to stop bots registration with a simple math operation at register page, now my problem is to mass delete existing spam accounts.
Unfortunately those links doesn’t help because I need to target members that have an AWPCP ad which any plugin or method does.
All my members get active on registration with subscriber role.
So a script to delete spammers would have to check if member has 0 AWPCP ads posted AND if member has 0 comments posted. On true member is deleted.
I found some code that delete all members with subscriber role AND have a @hotmail email. How do I adapt this function to target members without an ad rather than with hotmail account AND 0 comments posted?
<?php $args = array(
'blog_id' => $GLOBALS['blog_id'],
'role' => 'subscriber',
'search' => '*@hotmail.com'
);
$blogusers = get_users($args);
foreach ($blogusers as $user) {
wp_delete_user( $user->ID, $reassign );
}
?>
Just one more note:
get_users( $args ) seems to work fine for this purpose in conjuction with wp_delete_user().
The danger of break the database isn’t there because we’re using WP API.
As you say there’s still the danger of legit members deletion in the process.
It can be avoided if before the definitive deletion the script use for example echo ($user->user_email) instead of wp_delete_user() , just to make sure that the members selection is correct and then replace the code to perform deletion.
Hi Miguel,
I’ll need to contact my developer to find that answer out. I’ll report back when I know more.
Thanks a lot for your concern, but I’ve managed a way to kick all my spammers out.
For future readers looking for a solution to deal with this, I did it as following:
1. Installed the plugin “Delete Spammers” and backed up my database.
2. Created an empty page with title AWPCPusers, pasted this shortcode [killspam] and saved it as draft (we don’t want search engines crawling it).
3. Added this code to theme’s functions.php
// function to target and display AWPCP users
add_action('list_ad_users', 'list_AWPCP_users');
function list_AWPCP_users() {
if(is_page('AWPCPusers')) {
global $wpdb;
$args = array(
'blog_id' => $GLOBALS['blog_id'],
'role' => 'subscriber',
'meta_key' => 'awpcp-profile'
);
$blogusers = get_users($args);
foreach ($blogusers as $user) {
echo 'AWPCP user: ' . ($user->user_login) . '<br />';
}
}
}
// Create [killspam] shortcode to use in AWPCPusers page where all AWPCP users will be displayed
function list_AWPCP_sc($atts){
do_action('list_ad_users');
}
add_shortcode('killspam', 'list_AWPCP_sc');
This code generates only on that page the list of all users that have ads displaying the login name. You can have instead users email by replacing in the code user_login by user_email.
4. With Delete Spammers plugin I’ve displayed on screen the best users selection taking in account users with comments on blog posts.
5. Selected all users and started to uncheck the users displayed on AWPCP listing generated at the created page one by one.
6. The remaining checked users were my spammers so it was all about to press delete users button.
7. After users deletion done, either the functions.php code added and the created page aren’t necessary anymore, so delete them.
With this method I could go through all my members and apply all possible cautions before start deletion.
The catch here was to identify which users had posted ads.
Just to correct the name of the used plugin mentioned above:
It’s not delete spammers but Inactive User Deleter
Great tips. Thanks for sharing.
