We build. You grow.

Get best community software here

Start a social network, a fan-site, an education project with oxwall - free opensource community software

Solution to SPAM | Forum

Topic location: Forum home » Support » General Questions
John Jan 17 '12
I have 230 members in my commnity. There are 3 or 4 new spam members each day. I manually delete them but my patience is wearing thin.

As there appears to be no Spam protection I am thinking of writing a hack php script to seach for spam directly in the database then delete the user and everything that they have written.

For example look for any content containing the word viagra then deleting all content by the user who wrote it.

I notice that when a member is deleted by the admin all their posts etc are removed.

Can someone who is in development tell me the SQL I could use to delete a member and everything that they have written given their ID.

Oxwall software is very good but in my opinion anti spam is the number one priority. Nobody will continue to use Oxwall if they have to spend hours a day removing spam.

At the very least it should be possible to not publish stuff until it has been approved.

But any help with the deletion SQL for a quick fix would be appreciated.

Richard Carr
Richard Carr Jan 17 '12
Hi john i had this problem for a while also and when i deleted them they would create another account straight away..annoying...i started to just suspend their accounts and i think they finally got sick of creating new email addresses or something..the only problem doing this was i had to manually delete their content..sorry cant be of more help - some sort of spam detector like your talking about a word detection system might be good
John Jan 18 '12
I downloaded the entire database using PHPmyadmin.
My forum is completely riddled with spam.
It is so dismaying it makes me want to delete the whole thing.

As nobody has answered me I have started to work out how to properly delete all the content of a spammer.

I found out that when a user is deleted the messages they have sent are not deleted. One person had left 700 spam messages behind.

This is the work in progress:
999 is the user_id of the bad person.


FROM `ow_mailbox_message`
WHERE `senderId` =999


FROM `ow_ajaxim_message`
WHERE `from` =999


FROM `ow_base_component_entity_setting`
WHERE `entityId` =999


FROM `ow_base_component_place_cache`
WHERE `entityId` =999

FROM `ow_forum_post`
WHERE `userId` =999

Michael I.
Michael I. Jan 20 '12
Please consider about suggesting a anti-spam plugin at oxwall.uservoice.com and if other users find it useful, our team will eventually release it one day.
Paul Jan 21 '12
To prevent spam, ensure that your members have to confirm their email on signup by going to the Admin panel, selecting User Settings-->General.  Then ensure that the "Confirm Email" box is checked.  By doing this, members can't do anything on the site until they've confirmed their email address.

Half the battle is ensuring is ensuring that your signups are real people!!
Michael I.
Michael I. Jan 23 '12
That's a pretty neat solution to reduce the number of spammers on your site you shared, Paul!
Michael Leader
Michael Jan 26 '12
I personally have email verification on but I also have the default role set to "unverified" and it has very limited permissions.   I then goto each account and mark it as verified manually which gives them the permissions to use the site.  I can do it this way because my site is small and limited to a specialised audience so I can inspect each member.

Anti spam should be enabled now where a member sending messages quickly should be prompted a captcha to ensure is isn't an automated process.

I feel your pain with removing messages.  I had to do this earlier and it was a constant hunt through the db to eliminate them.
Instead of a plugin can it be implimented as an admin function, "Purge user" where it will remove all references in the required tables.
It shouldnt be hard to create this... Using the userID as the variable and inject the query to your DB.
Am I right, if it were a stored procedure in the db it would be easy to call via php? having a text field as the variable input?

Michael Leader
Michael Jan 26 '12
I don't know if this is of any use...

Mark Feb 5 '12
what has worked for me is 

1) have all members confirm their email which means that each member must have a real email account to access the site

2) never delete spammers just suspend them, this means that they have to then create a new email account should they want to re-register.

3) promote some standard members to moderators and have then fight the battle for you
Dromen Mar 13 '13

I set "avatar upload" on "required" (settings>user settings>registration) and hope no more spam ;)

Alia Team
Alia Mar 14 '13
Dromen, it is also a good idea to create a custom "text" type of field and make it required upon registration.