On Mon, Mar 14, 2016 at 3:39 AM, James Cameron <qu...@laptop.org> wrote:
> On Mon, Mar 14, 2016 at 02:32:36AM -0300, Samuel Cantero wrote: > > Regarding to the inability to access the user page, I've checked our > > current users and I found 97426 users. We had a lot of spam > > here. I've checked this by doing: > > > > sqlite> select count(*) from session; > > 97426 > > Perhaps "session" is wrong table. My notes on this are; > > 0. trac.htdigest file is used to form list shown on manage user accounts, > 1. passphrase is stored in trac.htdigest file, > 2. the last login and authenticated flag are taken from session table, > > select * from session where sid = 'Quozl'; > 3. name and e-mail are taken from session_attribute table, > > select * from session_attribute where sid = 'Quozl'; > We should delete all information inside session and session_attribute tables. We don't have any trac.htdigest file. Maybe 'cause we're storing pwd in the trac database (SessionStore) [1]. The ideal would be to delete users through the trac-admin utility: - List users: trac-admin /project session list I can find here the same users that we find in the session table. - Delete users: trac-admin /project session delete <username1> ... <usernameN> But doing this for ~90.000 users is not viable. 4. deletion of the users via manage user accounts results in removal > from trac.htdigest, removal from session table, removal from > session_attribute table. > Hope that helps. > > > [...] > > I tried to remove all suspicious users with the trac-admin utility > > and directly by database but this is almost imposible. > > It may require very careful scripting, yes. Last time I looked at > that, I made a mistake deleted all users. (3rd March 2014, for > dev.laptop.org). It hasn't been a problem since. > > > I guess we should delete all users and ask them to re-register > > again. However, I don't want to proceed before your approval. > > I'm fine with that. Let's hear from others. > > -- > James Cameron > http://quozl.netrek.org/ > [1] https://trac-hacks.org/wiki/AccountManagerPlugin/AuthStores
_______________________________________________ Sugar-devel mailing list Sugar-devel@lists.sugarlabs.org http://lists.sugarlabs.org/listinfo/sugar-devel