Howto to a delete lot of Zope/Plone/CPS User account ?
In a previous post, I study the way some spammers use plone user folder to spam my blog. But this time, it’s my turn. I host since a little time right now, a small CPS
website for my work. And I discovered a lot of spammer user account on it.
The main issue, is that I haven’t unset the “joinable” flag, so everybody can create a account. By the way password are sent, spammers doesn’t manage to post stuff in the personnal area.
With 300 users, and only 4 valids, I need to find a way to clean the acl_user folder. Last time I used twill, this works really great, so I decided to use the same stuff for Zope.
Here my little script:
#!/usr/bin/python
LOGIN='foo'
PASSWORD='far'
LOGIN_URL='http://your_server/manage_main'
USER_URL='http://your_server/acl_users/manage_users'
GOOD_USERS = ['jkx','foobar']
import twill
def delUsers():
twill.commands.go(USER_URL)
form = twill.commands.showforms()[0]
usernames = form.possible_items('names:list')
for u in usernames:
if u not in GOOD_USERS:
twill.commands.formvalue(1,'names:list',u)
twill.commands.showforms()
twill.commands.submit(3)
def doLogin():
twill.commands.go(LOGIN_URL)
forms = twill.commands.showforms()
twill.commands.formvalue(2,'__ac_name',LOGIN)
twill.commands.formvalue(2,'__ac_password',PASSWORD)
twill.commands.submit()
if __name__ =='__main__':
doLogin()
delUsers()
This will drop all user account (not the ones in GOOD_USERS) ..
- Plone too complicated ?
- How to spam a blog with Plone for Free :(
- Python on Rails: The bazzar
- Blog vs CMS
- Ouch: Plone 2.0 vs Plone 2.1
admin February 5th, 2007
- Zope
- Comments(1)
Nice code :)
Line 18 is genial xD:
if u(’re) not in GOOD_USERS:
:D