Recently the WordPress.org plugin directory was redesigned and the installation instructions are no longer visible on the plugin page. So I’ve pasted the installation instructions below (they’re also in the readme.txt file).
- PHP 5.1+ (tested with PHP 5.2-7.0)
- MySQL using PHP mysqli extension (read on for details)
- WordPress 3.9+
If you are strictly assigning MySQL privileges, note that the plugin adds two column indexes, so your database account must be assigned the ALTER and CREATE privileges (if you don’t know what this means, don’t worry, you probably already have this).
- Download, unzip and upload into your plugins directory. (Or, install through the plugins menu in WordPress, just like any other plugin.)
- Go to the Plugins configuration screen in WordPress and activate. Look for the settings link to go to the User Spam Remover settings page (User Spam Remover also gets added to the left menu under “Users”).
Note: if you see mysqli errors at the top of the activation or settings page, you need to tell WordPress use use the
mysqliextension instead of the older
mysqlone. Add this line to your
wp-config.php(insert it next to all the other DB settings, near the top):
- On the settings page, you’ll need to click the “Enable” checkbox to turn the plugin on. Scroll down and change any options you like. Click “Save Changes.”
One note on logging: By default, all logging is enabled (good!), but the log directory is set to the
logsubdirectory of the plugin. While this is OK, it means your log files will be viewable over the web, so I recommend you change this directory to someplace else (i.e., if the root of your site is
/www/mysite/html, do something like
/www/mysite/log). Be sure to use
chmodor your FTP program to make this directory webserver-writable (don’t worry, User Spam Remover will warn you if it’s not).
- Once you’re done, that’s it! Feel free to use the blue “Remove spam/unused accounts now” button to test it out. User Spam Remover will run once a day automatically from now on.
What is all this mysqli vs. mysql stuff? Why are you making my life so hard?
Answer: Just put
define('WP_USE_EXT_MYSQL', FALSE);in your wp-config.php and this problem will go away forever!
Long answer: The
mysqliAPI is the new way PHP connects to MySQL, it is safe and has been around for about 15 years (since PHP 5.0 was released).
mysqlAPI was officially deprecated by PHP when they released version 5.6 and it was removed entirely from PHP in version 7.0. So you will have to stop using it at some point whether you want to or not!
For the last couple of years, with this plugin I decided to support only
mysqlibecause it is safe, it permits database transactions with rollback and can ensure the integrity of your data, while
mysqlis old and bad and I haven’t even used it in 10+ years, except for compatibility with WordPress.
Chances are that you already have
mysqliinstalled, the problem is that WordPress needs you to put that line into your wp-config.php or it will try to “detect” which API to use, and it does not do this in a particularly smart way.
Of course I could make the plugin modify your wp-config.php automatically but that is something I don’t want to do, I don’t think any plugin should be changing your system configuration.
The #1 goal of this plugin is to not harm your data, break your site, or do other bad things, that is why I am going for safety over ease of use.
I keep getting the following message when I try to activate the plugin;
Warning: get_class() expects parameter 1 to be object, resource given in /home3/andybarton/public_html/wp-content/plugins/user-spam-remover/user-spam-remover.php on line 812
Hi, WordPress user! User Spam Remover is refusing to activate because it requires the PHP mysqli database driver (and not the old, bad mysql one). This is for your own protection!
I do not understand where I need to put “define(‘WP_USE_EXT_MYSQL’, FALSE);” into my WordPress to be able to access the settings? What is DB settings?
You can put it anywhere in
I’d recommend putting it near the top of the file, where the other database settings that are being defined, but it doesn’t actually matter where in the file.
I have a question, I set this up I believe with a bit of a misunderstanding of the plugin.
My website is set up to allow people to subscribe to the site, so they are not actually contributing, but they are receiving my newsletter.
Obviously on running this, it removed the majority of my users, most of whom will receive the newsletter, but don’t require logging into site to do anything at all.
I know I can restore them, (I’m not sure yet how to do this), but can you tell me if there is a way to set this up where it will recognize non legit email addresses and remove them? That is my biggest problem, all of the spam addresses that have been registered. The legitimate email addresses in there are mainly signing up to be alerted of new content on the website.
I really appreciate your time Joel!
For how to restore users, there’s some more info in the FAQ.
The restore file is basically a text file containing a bunch of SQL commands. If you are familiar with
mysqldumpthen it is the same format. You basically just need to run this file against your database and it will re-insert all the users who have been deleted. One way to do this is just to use the
mysqlcommand from the command line, this is this example in the FAQ:
mysql your_wp_database < userspamremover.restore.sql
Alternately if you are using a MySQL admin tool like phpMyAdmin, I think the majority of those have a way to upload and execute a SQL file. The main thing to know is that it is just a standard file full of SQL commands so you can just google something like “how do I run a SQL file using [whatever tool you use]”.
I can’t help you with your last problem unfortunately, the plugin doesn’t have any capability to tell whether an email address is good or likely to be fraudulent. In my day job I do some work with Emailage, which is a company with a web service that does this.
If all you need is a simpler rule, like only allowing registrations from @somedomain.com, that’s probably a pretty simple function to create to block all other domains and not allow them to register. Or if you wanted to remove these users on the backend, you could run a SQL command like this:
DELETE FROM wp_users WHERE user_email NOT LIKE '%@somedomain.com';
(note I did not test this query!)
- The topic ‘Official Installation Instructions – And what to do about errors’ is closed to new replies.