Quoting Myria, from the post of Thu, 23 Jun:
steps I took to excise the fakes, but please keep in mind that A) I didn't write things down, so I might forget something, B) I know diddly about SQL, C)I know diddly about MediaWiki, D) It is never, ever, ever a good idea to follow my advice on anything. Oh, and make sure you back up your database before doing anything. Maybe back it up twice. Or maybe three times. Just in case.
- Using phpMyAdmin I went into the user table and deleted all of the fake
users (hit browse, check the ones you want gone, hit delete).
not a bad idea.
- Some users had signed up during and after the waves of bot created
phonies. I renumbered the user_ids of these users to make things consecutive again, being careful to make a list of 'before' and 'after' numbers.
I advise against that! It messes up the entries in other tables where "user #348 edited this page" points to a user that is no longer there or hasn't even subscribed yet. As you pointed in points 5 and 6.
It's not a major issue since users don't have special rights on their edits in the current mediawiki versions, but in general, renumbering a database table's key is a potetial source for a mess.
I changed the user_id auto_increment to new highest user_id number +1.
I went into the user_rights table and deleted all entries past the new
highest user_id number.
lucky all of them had the same rights I guess. otherwise you might have ended with the rights of the old user given to a new one after the renumbering...
- I went into the watchlist and checked to see if there were any entries
with a user_id that had been changed and updated those (id est, if I had changed user_id 428 to 250 in the user table, I changed it in watchlist if there was an entry for that user_id).
that's the mess I meant.
might as well have left the numbers and just deleted the bots from the list... so the users' table has gaps in it, who cares?
- Two of the users with a changed user_id number had done editing on the
wiki, so I went through and searched tables that seemed likely (ignoring
...which would have been a non-issue had you just left the users with their numbers.
last but not least, one of the dangers of changing a user's UID retroactively are persistant cookies. I'm not sure how sessions are saved in MW, but there is the chance that after you renumber users, one of them will surf to the site and discover that his cookie lets him in connected as someone else (the new owner of his old UID).
in short - do not renumber users...