I think its a form of the site secret. Its used (or result of) md5 hash with the timestamp and its used as a (low) security feature.
This is PHP session data. Elgg stores sessions in the database instead of on the file system. It's exactly the same as what you'd find in your temp directory with standard PHP sessions.
I would delete all annotations owned by the deleted user in the annotation table.
Of course, if you don't happen to know the user guid for the deleted user, then you would need to write some slightly fancy SQL involving a NOT IN subquery I expect.
Something like:
SELECT * FROM elgg_annotations WHERE owner_guid > 1 AND owner_guid NOT IN (SELECT guid FROM elgg_users_entity);
should give you the bad annotations in phpMyAdmin.
So far as I know, only user entities and sites can own annotations.
But as always, back up your database before trying this kind of surgery!
OK so the bug or whatever you want to call it is fixed
Is there a patch for us pour souls that got caught in it's web to fix our databases
or is there a way to sort this out, as in, is there an upgrade option or any guidance to tell us how to fix it
I'm not really sure where to go from here
Any guidance or sugestions would be appreciated.
Thanks
May be a better developed GUI in the administration CP (control panel) will list a particular user and his activity on elgg with the options to delete such activity. In case of blog or forum posts/annotations, the admin will sometimes choose not to delete but change the user to something general like "Former Site User" (FSU). Furthermore, this FSU can be investigated to see if content is proper. Inventory list of the FSU should be displayed based on activity dates and action location with the option to delete such activity.
-ahr
Everything it is possible - we just don't have it yet.
I would delete all annotations owned by the deleted user in the annotation table.
Of course, if you don't happen to know the user guid for the deleted user, then you would need to write some slightly fancy SQL involving a NOT IN subquery I expect.
Something like:
SELECT * FROM elgg_annotations WHERE owner_guid > 1 AND owner_guid NOT IN (SELECT guid FROM elgg_users_entity);
should give you the bad annotations in phpMyAdmin.
So far as I know, only user entities and sites can own annotations.
But as always, back up your database before trying this kind of surgery!
OK so the bug or whatever you want to call it is fixed
Is there a patch for us pour souls that got caught in it's web to fix our databases
or is there a way to sort this out, as in, is there an upgrade option or any guidance to tell us how to fix it
I'm not really sure where to go from here
Any guidance or sugestions would be appreciated.
Thanks
May be a better developed GUI in the administration CP (control panel) will list a particular user and his activity on elgg with the options to delete such activity. In case of blog or forum posts/annotations, the admin will sometimes choose not to delete but change the user to something general like "Former Site User" (FSU). Furthermore, this FSU can be investigated to see if content is proper. Inventory list of the FSU should be displayed based on activity dates and action location with the option to delete such activity.
-ahr
Everything it is possible - we just don't have it yet.
info@elgg.org
Security issues should be reported to security@elgg.org!
©2014 the Elgg Foundation
Elgg is a registered trademark of Thematic Networks.
Cover image by RaĆ¼l Utrera is used under Creative Commons license.
Icons by Flaticon and FontAwesome.