How do I combat SPAM?

We did it slighly different (difference between registering and last login less than 3 sec.) but it worked very efficient (OJS 3.1.2.4):

SELECT * FROM users WHERE user_id NOT IN (SELECT user_id FROM roles) AND (UNIX_TIMESTAMP(date_last_login) - UNIX_TIMESTAMP(date_registered) < 3) and must_change_password = 0

*edit: I forgot the last part which excludes users, especially potential reviewers, created by the administrator but which never logged in themselves.

3 Likes

Thanks you all for this thread. It’s really useful.

I compiled all the sql-snippets in a wiki-page here to keep working together on them:

Feel free to modify or extend.

We have created a php script (spamkiller.php) by copying the codes presented here and then we changed nothing except two reference paths ( file and echo exec).

As it is, this tool only works on one merge at a time, but it can be scripted. An example php script would be:…

We saved our spam list in a text file called “names.txt”. When we run the script using root user (php spamkiller.php) it says …public_html/tools/mergeUsers.php: Permission denied
Are we missing something?

Does the Enable Account Validation feature work the same for accounts registered by the managers? Must the users registered by them validate their account too?

Also, does it clean previously registered users too?

Hi @pmelo, @gobeshona,

This is an older post and OJS has changed significantly since this original post. Can you please create new separate posts outlining your issue please? This will help avoid clutter and keep the forum organized.

Best regards,

Roger
PKP Team