Title: Hacklet's Replies | WordPress.org --- # Hacklet [ ](https://wordpress.org/support/users/hacklet/) * [Profile](https://wordpress.org/support/users/hacklet/) * [Topics Started](https://wordpress.org/support/users/hacklet/topics/) * [Replies Created](https://wordpress.org/support/users/hacklet/replies/) * [Reviews Written](https://wordpress.org/support/users/hacklet/reviews/) * [Topics Replied To](https://wordpress.org/support/users/hacklet/replied-to/) * [Engagements](https://wordpress.org/support/users/hacklet/engagements/) * [Favorites](https://wordpress.org/support/users/hacklet/favorites/) Search replies: ## Forum Replies Created Viewing 1 replies (of 1 total) * Forum: [Plugins](https://wordpress.org/support/forum/plugins-and-hacks/) In reply to: [[WP eCommerce] spam users in wp_users after wpsc upgrade](https://wordpress.org/support/topic/spam-users-in-wp_users-after-wpsc-upgrade/) * [Hacklet](https://wordpress.org/support/users/hacklet/) * (@hacklet) * [11 years, 10 months ago](https://wordpress.org/support/topic/spam-users-in-wp_users-after-wpsc-upgrade/page/12/#post-4448956) * Gaaah! I just upgraded to 3.8.14.1 and it made me update the database – And the 139,000+ users I had (9 of which were real) went from almost all being anonymous to almost all having no role so even the bulk erasers (which could only delete 1000 at a time anyway) couldn’t touch them … Which meant that I had to follow Pheriche’s advice and use SQL to fix it directly. * Since that was a few pages back, I’ll summarise: * > # mysql –host=localhost –user=SECRETUSER –password=SECRETPASSWORD > Welcome > to the MySQL monitor. Commands end with ; or \g. mysql> use wpblogdb; Reading > table information for completion of table and column names You can turn off > this feature to get a quicker startup with -A > Database changed > mysql> DELETE FROM wp_users WHERE ID >10; Query OK, 139201 > rows affected (2.17 sec) > mysql> DELETE FROM wp_usermeta WHERE user_id NOT IN (SELECT ID FROM wp_users); > > Query OK, 2259447 rows affected (1 min 5.54 sec) > mysql> select * from wp_users; > (just to check) 10 rows in set (0.00 sec) > mysql> exit; > Bye * … The id>10 was worked out by the fact I only had 9 legitimate users, I deleted the last spammer by hand – I was leaving a little safety gap because I am odd that way. * Thanks Pheriche… Grrrr to whoever caused this! Viewing 1 replies (of 1 total)