Delete Multiple Entries At A Time

[perseph]

Title:
Delete Multiple Entries At A Time

Area:
Entries

Summary:
The ability to checkbox and delete a batch of entries at once.

Description:
I know that this suggestion has been put forward and once rejected, but I would like to suggest it again, if I may, and address the two areas of concern I saw:

1) Security: i.e. Someone hacks and mass-deletes the entries in your journal.

My suggestion would be that when, say 5 or more entries are checked for deletion, clicking Delete will generate an email to the owner of that account, who will then have to go into their email and click a link from there to verify deletion--as with verifying an email account when initially setting up a DW account.

2) Cost: i.e. Implementing mass-anything is very expensive, therefore a mass-deletion tool would have to be a paid feature.

That is a choice I think a lot of us would gladly be faced with. :)

MY ARGUMENT FOR: The reality of the need for a mass-deletion tool is pressing. With so many blogs and journaling sites now across the web (even as compared to two years ago when this feature was originally suggested) and with mass importation becoming indispensable, and thankfully being made easier, the only hiccup is ending up with hundreds of entries you don't need/want/imported by accident, but with which you're stuck if on DW.

A workaround is to set all unwanted entries to Private, but hundreds of unwanted entries can get in the way when you later have to work journal-wide.

Thanks.

Poll #6572 Delete Multiple Entries At A Time

Open to: Registered Users, detailed results viewable to: All, participants: 69

View Respondents

This suggestion:

View Answers

Should be implemented as-is.
27 (39.1%)

Should be implemented with changes. (please comment)
20 (29.0%)

Shouldn't be implemented.
5 (7.2%)

(I have no opinion)
17 (24.6%)

(Other: please comment)
0 (0.0%)

Comments

[denise]

I reeaaaaaaalllllly don't think an email confirmation would be enough to prevent malicious entry deletion, since about 90% of the time, someone who breaks into your account will also change the email address to one they control (so that you have to jump through more hoops to reset your password, and so that you won't notice the email notifications from people commenting with "omg, someone's doing horrible things to your account!")

Email confirmation + a requirement that the email address must have been the confirmed email address on record for the account for at least six months, or the only confirmed email address on the account if the account is younger than six months old, would be okay with me though!

[snakeling]

+1

[stormy]

Email confirmation + a requirement that the email address must have been the confirmed email address on record for the account for at least six months, or the only confirmed email address on the account if the account is younger than six months old, would be okay with me though!

That sounds extremely reasonable. That brings me to a question, too. There's the confirmed email address. On Livejournal, another email address can be added, and after a certain amount of time, I know it can kick the original address off the list. I took a look at the account settings and it looks like Dreamwidth allows only a single address which might have fixed that. True?

I'd only vote for deletion because of the importer. Sometimes there's an error or you realize - hey, I didn't want to bring all my baggage - and then have to use an external client or manual entry by entry delete to fix that. I'd consider it useful, also, if Dreamwidth ever intended to allow a DW journal to DW journal import.

[ninetydegrees]

I took a look at the account settings and it looks like Dreamwidth allows only a single address which might have fixed that.

I think it works exactly like on LJ. I'm pretty sure I had a different address when I signed up, changed it then waited six months to be able to remove it from my list of confirmed addresses. I may even have asked about it at Support but I don't have any means to find my request again so... I definitely have several listed addresses on some of my accounts.

[stormy]

Ahh, okay. I know I've been bumped off a Livejournal account before on an account I used for roleplay and an archive because I didn't often check it. Someone got their email on there, waited, and bumped mine off. Livejournal claimed I never owned it and couldn't give it back to me. That would be my only concern. That someone might see an archive of theirs, that they don't log into often, compromised.

[ninetydegrees]

Now when I change email addresses I note the date when I can move it off the list in a private entry, which I tag with something significant to me. It'd be nice to have a six-month reminder notification, though.

[stormy]

That would be handy.

[sofiaviolet]

+1

[delladea]

Email confirmation + a requirement that the email address must have been the confirmed email address on record for the account for at least six months, or the only confirmed email address on the account if the account is younger than six months old, would be okay with me though!

That is a totally reasonable compromise. This is my "yes with changes".

I somehow ended up with some duplicate entries when I first imported everything from my LJ account over a year ago. I've since gone in and deleted the duplicates one by one as I found them, but this would have been AWESOME to have.

[turlough]

+1

[stasha2g]

+1

[kyrielle]

+1.

[syderia]

This.

[instantramen]

+1

[azurelunatic]

On the one hand, this doesn't address the "oh fuck apparently the babysitter has started surfing my journal from my logged-in-to-everything computer" scenario; but on the other hand, if you do leave your computer logged in to everything and unguarded, you have more problems than disappearing journal entries; on the third hand, you don't always realize that there's a problem trusting someone who you'd trust to guard your computer with everything logged in until the problem occurs; on the gripping hand, I want an undelete option for everything with a timeout long enough so that either you meant it or you couldn't have done anything.

[matgb]

See, I know it's just an example, but even my little laptop has multiple user accounts including a "guest" account setup, the idea of using someone else's browser profile is just weird, I wouldn't ever want to do it exept to check something quickly or help them out with something.

I know that many many people don't even know about user profiles, or find them annoying, but given they exist on all flavours of Linux I've used, Mac and Windows, solving a problem caused by user daftness is something I'd rather avoid--teach people how to use profiles is better I'd have thought.

(there is an advert in the UK at the moment about cleaning products, and it includes the line "the only thing men ever clean is their internet history"; I will never, ever, be buying that product as a) it's promoting stupidity and b) I do most of the cleaning in this house. Oh, and it's setup to be horribly horribly stereotype driven sexist)

[azurelunatic]

The example was taken from true life. I didn't realize that it was not safe to leave my logged-in laptop where the babysitter (an ex) could see that I was logged in to my journal until I found out otherwise.

(He saw I was logged in to my journal. He saw that I had a chat log posted privately; the chat log was with another ex-girlfriend of his. His ethics failed its saving roll. He then proceeded to read the chat log, use my journal's access to her journal to read her filtered entries, and from there cracked into her journal to add himself to her filter, for the purpose of commenting on the filtered entries. I was irate when I found out about it, but I'd never before suspected that I would have to do anything other than allow him to switch over to the guest account.)

[matgb]

Ow, that's nasty.

And yeah--Jennie and I share a mcahine but both can log into it as the other, I trust her on that without a problem but I can see how "someone you thought you could trust" sometimes isn't.

I am broadly in favour of the proposal BTW, but do think there would need to be safeguards. I think I've deleted maybe three entries in the 7 years I've been on LJ/DW (I could go count but...), but I can see the need for safeguards.

A friend of mine had a dodgy import (when we were in closed beta) and had her entire journal imported twice--I know that the importer is now mostly fixed, but I still don't use it to import comments from LJ, even though I always mean to, because if it double imports entries I'll be really annoyed and the lack of a mass delete would put me off.

[exor674]

This could also be fixed ( and probably should anyway ) by requiring reentry of the password before mass-delete

[azurelunatic]

If I were evil, and presented with someone's wide-open computer and the need for a password, I might see about using the local lost-password feature.

Though it's been said before that anyone with access to the email account owns the account ... but that's how people lose their entire journals.

[ariestess]

+1

[rho]

I'd still be wary even in those circumstances, because of the possibility of people getting their email account broken into. I think there needs to be either a grace period where undeletion is possible, or a time lag between deletion being requested and it being carried out. Something like one email when it's requested, then another a week later.

[azurelunatic]

Indeed. The only thing that should be immediate or as fast as possible should be the hiding from public view.

[susanreads]

I agree that just an email confirmation isn't secure enough; I'll take the experts' word for it on the six month thing.

[perseph]

Email confirmation + a requirement that the email address must have been the confirmed email address on record for the account for at least six months, or the only confirmed email address on the account if the account is younger than six months old

+1 :)

[pauamma]

Not unless and until there's a working undelete feature.

[cesy]

+1

[poulpette]

My with change is for pauamma's suggestion in addition to denise's. At the very least a grace period like rho suggested.

And I think i'd be better that the email be sent each time the mass deletion tool is used, regardless of the amount of entries to be deleted. Otherwise it would be easy to go around the warning system.

[jeeps]

+1 re: denise's and pauamma's additions.

[ochibashigure]

I like the suggestions above:

Email confirmation + a requirement that the email address must have been the confirmed email address on record for the account for at least six months, or the only confirmed email address on the account if the account is younger than six months old, would be okay with me though!

An undelete feature/grace period to change your mind/lag between request and execution.

[matgb]

I approve the idea of a mass delete tool, and of the idea that it must be secure using validated passwords and similar.

However, I'm thinking that the need for a 6 month validated email address would be impossible for a new account that's just done an import.

And if the mass delete/edit tool is good enough, many people will want to import their journal from elsewhere, then go through and edit or delete stuff.

Which they wouldn't be able to do if they've just created the account and we've put a 6 month limit.

So perhaps allow a mass edit within X days/weeks of an import? Given some people will want to go through, look at tags, etc, I'd say at least a week.

[denise]

Hence my alternate provision of "or, if the account is less than six months old, account must still have had the same email address the whole time it has existed" (paraphrase). I promise you it is there :)

[matgb]

This is what I get for not rereading carefully at 2.30am...