Here are the queries I have added to my "yeskillspam" section of admin_users.php. It fully removes the user from every trace of the database.
I replaced:
PHP Code:
$db->query('UPDATE `' . table_users . '` SET `user_pass` = "63205e60098a9758101eeff9df0912ccaaca6fca3e50cdce3" WHERE `user_login` = "'.$_GET["user"].'"');
$db->query('UPDATE `' . table_users . '` SET `user_email` = "blank@blank.com" WHERE `user_login` = "'.$_GET["user"].'"');
$db->query('UPDATE `' . table_links . '` SET `link_status` = "discard" WHERE `link_author` = "'.$_GET["id"].'"');
$db->query('DELETE FROM `' . table_comments . '` WHERE `comment_user_id` = "'.$_GET["id"].'"');
with:
PHP Code:
//New Code to Truly Kill the User
$db->query('DELETE FROM `' . table_votes . '` WHERE `vote_user_id` = "'.$_GET["id"].'"');
$db->query('DELETE FROM `' . table_saved_links . '` WHERE `saved_user_id` = "'.$_GET["id"].'"');
$db->query('DELETE FROM `' . table_trackbacks . '` WHERE `trackback_user_id` = "'.$_GET["id"].'"');
$db->query('DELETE FROM `' . table_friends . '` WHERE `friend_id` = "'.$_GET["id"].'"');
$db->query('DELETE FROM `' . table_messages . '` WHERE `sender` = "'.$_GET["id"].'"');
$db->query('DELETE FROM `' . table_messages . '` WHERE `receiver` = "'.$_GET["id"].'"');
$db->query('DELETE FROM `' . table_pageviews . '` WHERE `pv_user_id` = "'.$_GET["id"].'"');
$db->query('DELETE FROM `' . table_comments . '` WHERE `comment_user_id` = "'.$_GET["id"].'"');
$db->query('DELETE FROM `' . table_links . '` WHERE `link_author` = "'.$_GET["id"].'"');
$db->query('DELETE FROM `' . table_users . '` WHERE `user_id` = "'.$_GET["id"].'"');
I have tested this code both on a local installation and a live installation and have seen no issues after killspaming a user.