I had a user sign onto our system and post a viagra ad on their profile. I was able to delete the user account but not the profile, help?
http://dpaweb.hss.state.ak.us/training/moodle/user/view.php?id=72&course=1
If you delete malicious user profile from Administration menu the user is only marked deleted but all data is in database and user folders.
Set first from Administration -> Security -> Site policies
Force users to login for profiles
and if you have phpmyadmin or some other tool to use mysql find table mdl_user and from that table row with id 72
This person or bot has probably not done anything else - only saved the profile so you can delete that row with id 72 with 
or use a command like
DELETE FROM `mdl_user` WHERE `id` = 72
Hi Mauno,
I have had several of these bogus accounts created with spam profiles. I have changed my admin setting to force users to login for profiles now, but I would like all those spam profiles to be deleted. Some of these are coming up when searching for our site. Now, they are directed to a page that says you have to be logged in, but I would reather the profile just be completely removed.
What would you recommend? I am guessing we had about 100 of these profiles created.
Thanks!
If you do a direct query on the database looking for
something like
select * from mdl_user where description like '%img%*
I suspect all your bogus accounts will show up.
You should then be able to do a
delete from mdl_user where description like '%img%'
(Be careful with that command as deleting from user can be a dangerous exercise, perhaps take a backup first)
I got so fed up with descriptions offering horse porn (?????) I resized the description field to two characters. It does mean nobody can have a meaningful description but at least I get to amuse myself by the failed attempts at creating profiles with spammy descriptions
MG
something like
select * from mdl_user where description like '%img%*
I suspect all your bogus accounts will show up.
You should then be able to do a
delete from mdl_user where description like '%img%'
(Be careful with that command as deleting from user can be a dangerous exercise, perhaps take a backup first)
I got so fed up with descriptions offering horse porn (?????) I resized the description field to two characters. It does mean nobody can have a meaningful description but at least I get to amuse myself by the failed attempts at creating profiles with spammy descriptions
MG
I have also had these bogus users - about 20 I deleted them as users and then looked in the database mdl_user for all records that had deleted set to 1. Then I deleted all the found records.
se
se
This is good if you are confident that they haven't undertaken any activity. I run a regular query built in the form, just adding terms to the list when I find the devious marketers are punting something else out:
UPDATE mdl_user
SET username='timestamp' || email, email='', password='xxx', firstname='xxx', lastname='xxx', description = '', deleted = 1
WHERE description LIKE '%horse porn%'
OR description LIKE '%etc%';
This makes it highly likely that the account will be of any use to the spammer without deleting any rows.
UPDATE mdl_user
SET username='timestamp' || email, email='', password='xxx', firstname='xxx', lastname='xxx', description = '', deleted = 1
WHERE description LIKE '%horse porn%'
OR description LIKE '%etc%';
This makes it highly likely that the account will be of any use to the spammer without deleting any rows.
Sorry, but I have just had it pointed out to me that my message should have read:
This makes it highly UN-likely that the account will be of any use to the spammer ...
This makes it highly UN-likely that the account will be of any use to the spammer ...
Hi,
Please see Reducing spam in Moodle for advice on preventing/reducing the chance of spammers creating an account on your site.
Please see Reducing spam in Moodle for advice on preventing/reducing the chance of spammers creating an account on your site.