Deleting a user and its messages don't delete quotes

Get help with installation and running phpBB 3.2.x here. Please do not post bug reports, feature requests, or extension related questions here.
njs
Registered User
Posts: 89
Joined: Mon Feb 18, 2008 10:59 pm
Location: Aveiro, Portugal

Deleting a user and its messages don't delete quotes

Post by njs »

Hi

I've got a recent request from a user to delete his user and its posts, up to here all is good, I deleted everything, but now the user realised that the quotes to his posts are still present on the board and he is threatening with a GDPR complaint.

I know this doesn't have wings to fly and this guy is just being a PITA, but is there a way to remove the quotes ?

I think it can be solved by running something like:

Code: Select all

SELECT * FROM `phpbb_posts` WHERE post_text like "%<QUOTE author=\"USERNAME%"
and load it into a script that basically does:

Code: Select all

$new_post_text = preg_replace('#<QUOTE author=\"USERNAME*>.*?</QUOTE>#si', '', $post_text);
and put it back on to the DB.

But would I need to reparse the whole posts ? or would this be enough ?

Thanks in advance for all the help and support I can get.
Last edited by njs on Mon Feb 03, 2020 9:05 am, edited 1 time in total.
User avatar
JoshyPHP
Code Contributor
Posts: 1122
Joined: Mon Jul 11, 2011 12:28 am

Re: [GDPR Violation] Deleting a user and its messages don't delete quotes

Post by JoshyPHP »

If you manage to preserve the validness of the XML, then you don't have to reparse. That's risky though (especially if you consider nested quotes) and I wouldn't recommend it unless you're comfortable fixing things.

You can use DOM manipulation rather than string manipulation so you don't accidentally make the XML invalid. The XPath query would be //QUOTE[@author="namegoeshere" or @user_id=123].
I wrote the thing that does BBCodes in 3.2+.
njs
Registered User
Posts: 89
Joined: Mon Feb 18, 2008 10:59 pm
Location: Aveiro, Portugal

Re: [GDPR Violation] Deleting a user and its messages don't delete quotes

Post by njs »

JoshyPHP wrote:
Thu Jan 30, 2020 8:45 pm
If you manage to preserve the validness of the XML, then you don't have to reparse. That's risky though (especially if you consider nested quotes) and I wouldn't recommend it unless you're comfortable fixing things.

You can use DOM manipulation rather than string manipulation so you don't accidentally make the XML invalid. The XPath query would be //QUOTE[@author="namegoeshere" or @user_id=123].
Thanks for your reply.

Will DOM manipulation work ? Are phpbb posts valid XML ? if so, Maybe that's the way to go and it's even easier.
User avatar
JoshyPHP
Code Contributor
Posts: 1122
Joined: Mon Jul 11, 2011 12:28 am

Re: [GDPR Violation] Deleting a user and its messages don't delete quotes

Post by JoshyPHP »

Any post created, edited, or reparsed on phpBB 3.2 or later will be valid XML, yes.
I wrote the thing that does BBCodes in 3.2+.
njs
Registered User
Posts: 89
Joined: Mon Feb 18, 2008 10:59 pm
Location: Aveiro, Portugal

Re: [GDPR Violation] Deleting a user and its messages don't delete quotes

Post by njs »

JoshyPHP wrote:
Thu Jan 30, 2020 8:53 pm
Any post created, edited, or reparsed on phpBB 3.2 or later will be valid XML, yes.
Awesome :) Thanks for your tip, I'll post my script once I get anything working.

Thanks
User avatar
stevemaury
Support Team Member
Support Team Member
Posts: 51362
Joined: Thu Nov 02, 2006 12:21 am
Location: The U.P.
Name: Steve
Contact:

Re: [GDPR Violation] Deleting a user and its messages don't delete quotes

Post by stevemaury »

There is no need to do this. Once a post is quoted, it is the quoter's post.
For REALLY good and VERY inexpensive hosting CLICK HERE

I can stop all your spam. I can upgrade or update your Board. PM or email me. (Paid support)
njs
Registered User
Posts: 89
Joined: Mon Feb 18, 2008 10:59 pm
Location: Aveiro, Portugal

Re: [GDPR Violation] Deleting a user and its messages don't delete quotes

Post by njs »

stevemaury wrote:
Fri Jan 31, 2020 5:07 pm
There is no need to do this. Once a post is quoted, it is the quoter's post.
I understand your point, but the content of the quoter's post might not be his, and that's where things go weird in terms of legislation, because it's quoting an original content from another user.

It's a grey area and no one knows for sure what's right and what's not, not even the legislators :D
User avatar
HiFiKabin
Community Team Member
Community Team Member
Posts: 4669
Joined: Wed May 14, 2014 9:10 am
Location: Swearing at the PC, UK
Name: James
Contact:

Re: [GDPR Violation] Deleting a user and its messages don't delete quotes

Post by HiFiKabin »

... but what are you going to do about the results that turn up in a Google Search?

The answer is of course nothing, which is where the pointlessness of this law is really shown up. For what its worth I have this as part of my GDPR agreement.
The only other information about you is that which you decide to post in the fora, whereupon it is considered to be “publicly available” as it will have been indexed by search engines as well as on-line archive sites.
User avatar
Lumpy Burgertushie
Registered User
Posts: 67786
Joined: Mon May 02, 2005 3:11 am
Contact:

Re: [GDPR Violation] Deleting a user and its messages don't delete quotes

Post by Lumpy Burgertushie »

sometimes I think there should be a great big red sign at the entrance ramp to the internet;

"REMEMBER, EVERYTHING YOU PUT ONLINE WILL BE THERE FOREVER, IF YOU DON'T WANT IT TO BE THERE FOR THE WORLD TO SEE, DON'T PUT IT ONLINE!!!"


robert
I'm baaaaaccckkkk. still doing work on donation basis. PM your needs.

Premium phpBB 3.3 Styles by PlanetStyles.net

If nobody is in the forest, does a tree really fall?
User avatar
david63
Registered User
Posts: 17801
Joined: Thu Dec 19, 2002 8:08 am
Location: Lancashire, UK
Contact:

Re: [GDPR Violation] Deleting a user and its messages don't delete quotes

Post by david63 »

Robert - I'm sure you have been told before to stop using common sense :roll: :roll:
David
Remember: You only know what you know and - you don't know what you don't know!
My CDB Contributions | How to install an extension
I will not be accepting translations for any of my extensions in Github - please post any translations in the appropriate topic.
No support requests via PM or email as they will be ignored
User avatar
Lumpy Burgertushie
Registered User
Posts: 67786
Joined: Mon May 02, 2005 3:11 am
Contact:

Re: [GDPR Violation] Deleting a user and its messages don't delete quotes

Post by Lumpy Burgertushie »

yeah, yeah, somtimes I just can't help myself.




robert
I'm baaaaaccckkkk. still doing work on donation basis. PM your needs.

Premium phpBB 3.3 Styles by PlanetStyles.net

If nobody is in the forest, does a tree really fall?
Paul
Infrastructure Team Leader
Infrastructure Team Leader
Posts: 26145
Joined: Sat Dec 04, 2004 3:44 pm
Location: The netherlands.
Name: Paul Sohier
Contact:

Re: [GDPR Violation] Deleting a user and its messages don't delete quotes

Post by Paul »

njs wrote:
Fri Jan 31, 2020 5:42 pm
stevemaury wrote:
Fri Jan 31, 2020 5:07 pm
There is no need to do this. Once a post is quoted, it is the quoter's post.
I understand your point, but the content of the quoter's post might not be his, and that's where things go weird in terms of legislation, because it's quoting an original content from another user.

It's a grey area and no one knows for sure what's right and what's not, not even the legislators :D
But the gpdr is about personal information, not just a public post. I don't think you are even required to delete his normal . post (except if there is personal info in there.), let alone the quotes.
Copyright laws and gpdr is something completely different.
Knock knock
Race condition
Who's there?

My BlogMy Photosmy phpBB Extensionscustom phpBB work & Development
njs
Registered User
Posts: 89
Joined: Mon Feb 18, 2008 10:59 pm
Location: Aveiro, Portugal

Re: [GDPR Violation] Deleting a user and its messages don't delete quotes

Post by njs »

Paul wrote:
Fri Jan 31, 2020 8:13 pm
njs wrote:
Fri Jan 31, 2020 5:42 pm
stevemaury wrote:
Fri Jan 31, 2020 5:07 pm
There is no need to do this. Once a post is quoted, it is the quoter's post.
I understand your point, but the content of the quoter's post might not be his, and that's where things go weird in terms of legislation, because it's quoting an original content from another user.

It's a grey area and no one knows for sure what's right and what's not, not even the legislators :D
But the gpdr is about personal information, not just a public post. I don't think you are even required to delete his normal . post (except if there is personal info in there.), let alone the quotes.
Copyright laws and gpdr is something completely different.
I may be confusing both, copyright and GDPR, however GDPR also grants you the ability to request access and removal of all the information/content you provided to an entity. That's why I think that quotes not being removed are still a GDPR violation, but I'm hopeful that I can be proven wrong :)
User avatar
david63
Registered User
Posts: 17801
Joined: Thu Dec 19, 2002 8:08 am
Location: Lancashire, UK
Contact:

Re: [GDPR Violation] Deleting a user and its messages don't delete quotes

Post by david63 »

njs wrote:
Fri Jan 31, 2020 9:04 pm
however GDPR also grants you the ability to request access and removal of all the information/content you provided to an entity.
That is not strictly true. You can request the removal of all personal data - the quoting of a post is not normally classified as personal.

Furthermore when GDPR came into effect you should have made all users of your board accept your Privacy Policy which set out what was/was not personal data. Anything that a user posts on a board voluntarily is not personal data and is not covered by GDPR.

This is not a phpBB issue anyway - phpBB only provide the software, how it is used and managed is a matter for site owners.
David
Remember: You only know what you know and - you don't know what you don't know!
My CDB Contributions | How to install an extension
I will not be accepting translations for any of my extensions in Github - please post any translations in the appropriate topic.
No support requests via PM or email as they will be ignored
Paul
Infrastructure Team Leader
Infrastructure Team Leader
Posts: 26145
Joined: Sat Dec 04, 2004 3:44 pm
Location: The netherlands.
Name: Paul Sohier
Contact:

Re: [GDPR Violation] Deleting a user and its messages don't delete quotes

Post by Paul »

Well, it might depend on the country, and also I am most definitely not a lawyer or a specialist about this. But, when I read this article (In Dutch, sorry) it appears that in specific cases the AVG law has an exempt specific cases like.public posts.
If you want to be sure about this, you should contact a lawyer who can actually answer you better as we can.
Knock knock
Race condition
Who's there?

My BlogMy Photosmy phpBB Extensionscustom phpBB work & Development
Post Reply

Return to “[3.2.x] Support Forum”