Many extra columns being generated with long string random names

I don’t know what is causing the extra columns. I’ve never seen that. I wonder if your form got spammed somehow.

If you can finally get those entries to display in the dashboard view, you can delete those form submissions which have values in those columns. When you do that, the columns will disappear.

Alternatively, you can try to delete the columns in the DB. You would have to know the column names. Then you execute a query like this to delete:

delete from wp_cf7dbplugin_submits
where field_name in ( 'abaaa923slgs911quptta13', 'bad_field2', 'bad_field3')

To get a list of column names, you might try doing a CVS export of the form. Open the .csv file and the first row should have all the column names.

Thanks for the response. The extra columns belong to legit submissions, so we can’t delete those entries. So they aren’t spam submissions. Just some weird random data generation?
We have a new form on the site (a wait list, as the event filled up) – will monitor that and see if it keeps happening…

I’m experiencing the same thing. Looking into cf7dbplugin_submits, I’m seeing field name ‘957ade62519e51a3648b5b05cd989d07’ with field_value ‘819689df9c7ad20927a31e87496c89bc’ as an example. These are legit submissions and field/value pair changes with a different 32char alphanumeric string. I’m almost suspecting some type of anti-spam plugin that might be doing this. I use WP-Spamshield and WPBruiser.

Thoughts?

Now that’s very interesting, I am also using WP-Spamshield on our site. You could be onto something.
I see that all 3 plugins have recent updates (cf7, cf7db, and wp-spamshield), hoping that fixes things.

I’m running the latest of all the plugins, and the problem is still happening. Might be a conflict.. could be sticky to fix. Do cf7/cf7db developers read this?

I don’t know what’s causing these fields, but I have a work-around that will prevent CFDB from saving them.

The assumption that I’m making is that all of these fields names are 32-letters long and are hexadecimal (i.e. letters are a-f or numbers)

1. Go to CFDB Options page in the dashboard
2. Find the option Do not save fields in DB named (comma-separated list, no spaces)
3. In it, you probably already have the value /.*wpcf7.*/,_wpnonce
4. Add on to that a regular express to match 32-letter-long hex field names. The value in that field become:
/.*wpcf7.*/,_wpnonce,/^[a-f0-9]{32}$/
5. Save
6. Test a form submission. Verify that you get all the form fields that you want, but no extra fields.

Hi Michael,
I’m having the same problem with the extra form fields (I’m running WP-Spamshield as well) and although I’ve put in the /^[a-f0-9]{32}$/ code it’s still giving me unnecessary fields with weird hex names.
Any suggestions?

Has anyone complained to the WP-Spamshield forum about this? Evidently its injecting all these fields.

Give me a couple examples of the field names.

Hi Michael,
Thanks so much for your quick response.
I have only just started using WP-Spamshield (since I was told it was a good alternative to Akismet) so I haven’t checked the forums.

Some field examples are:
bc1eff3a7538dba22de58c40226b0dfc
074ae74c4a92fcd33b1e768195228e74
c4d073e06890bb80ade890328050a5d0

I’ve just run a test using Contact Form 7 and WP-Spamshield.

When I do submissions, I get these extra columns:
8b0f5ef952d1ec9aa917165adaec3ed6
1be2cfef6555123a3e08bd37acdd8d1f
WP55T3S7XJS2
r3f5x9JS

Then I apply this setting as described above:
/.*wpcf7.*/,_wpnonce,/^[a-f0-9]{32}$/

when I submit new entries, It no longer saves values for the 2 fields with 32-letter length hex names.

I aways get the same column names form. So I could also stop them by listing them by name:
/.*wpcf7.*/,_wpnonce,8b0f5ef952d1ec9aa917165adaec3ed6,1be2cfef6555123a3e08bd37acdd8d1f,WP55T3S7XJS2,r3f5x9JS

Thanks for working on this!
I decided to ditch WP-SpamShield and use Anti-Spam by CleanTalk instead. Bought your CFDB Editor plugin so I could import cleaned-up data into new copies of my forms. No more extra columns now and my client is very happy with the editing ability. (we needed to do a bulk import anyway)

In the forms I cleaned up there were over 100 extra columns with unique 32-character names and field values. This was for 300 rows.

Some groups of up to 4 entries submitted within a few minutes of each other share the same value for one of those columns.

Also got those other 2 columns: WP55T3S7XJS2 (always the same value of 7H5W8K53HX) and r3f5x9JS (seems to be the referring URL).

Hi Michael,
I too ditched WP-Spamshield and installed Anti-Spam in order to see if things ended up differently.
I tried adding the exact names of the rows (as you demonstrated) in your post but this didn’t do anything.

If you have a look at: https://uploadpie.com/BiqEv you can see what I’m getting at!

Thanks

Hi Michael,

Just thought I’d let you know that your regex suggestion works beautifully for WP-SpamShield:
/.*wpcf7.*/,_wpnonce,/^[a-f0-9]{32}$/

It may be worth noting that on your FAQ page too. Not necessarily for WP-SpamShield specifically, but as a general suggestion for those encountering such an issue when using any anti-spam plugin.

Keep up the great work!