Add wordpress email/password to new table - wordpress

Wordpress user data (email, password , ...) stores in wp_users table.
I want to create a new table in my wordpress database and insert users email and password in my new table.
How can I do that?

this is the wrong solution and you will have issues with WordPress database updates in future. I think you can make rest API for authenticating forum users from main Wordpress site.

Related

Wordpress login issue with Administrator

I have lose administrator password, due to multiple try the email got blocked. I have added new Administrator to the Database using SQL Queries and I am able to login but I am unable to see the dashboard.
See here
WordPress didn't show the option to visit dashboard, it show the username and logout option nothing else.
You can change password of your old admin. Go to wp_user table in database and change admin password there.

How to Create a new Admin User for A WordPress Site via MySQL (PHPMyAdmin)?

My WordPress site got hacked and the WP Admin user account password was changed by the hacker. This essentially locked the user out of his admin dashboard. It is best (for situations like this) to just create a new admin user account to gain access to WP admin dashboard and fix things as needed.
Is it possible to create a new WordPress admin user account via MySQL database (without having access to your WordPress admin dashboard).
N.B: I am site owner and I have access to cPanel/Control Panel of my server.
Run below Query from msql :
INSERT INTO `wp_users` (`user_login`, `user_pass`, `user_nicename`, `user_email`, `user_status`) VALUES ('your username', MD5('your password'), 'your firstname & your lastname', 'your email', '0');
take created user id from table after successfully run query insert below queries:
INSERT INTO `wp_usermeta` (`umeta_id`, `user_id`, `meta_key`, `meta_value`) VALUES (NULL, (Select max(id) FROM wp_users), 'wp_capabilities', 'a:1:{s:13:"administrator";s:1:"1";}');
INSERT INTO `wp_usermeta` (`umeta_id`, `user_id`, `meta_key`, `meta_value`) VALUES (NULL, (Select max(id) FROM wp_users), 'wp_user_level', '10');
First of all, even if the password has been changed you should be able to reset your password using the default "Forgot My Password" process of the WordPress.
If the hacker changed your e-mail address too, then you have also to update your e-mail address.
In any way the solution is to open the PREFIX_users table ( where PREFIX_ usually is wp_ bat can be anything else ), and update the current password with a new MD5 hash of your password. Also check the column user_email if it contains the correct e-mail address.
If you like to execute a single SQL query run this:
UPDATE wp_users SET user_pass='MD5HASH', user_email='your-email-address' WHERE user_login = 'your_user_name'
The MD5HASH is the string you get when you enter here ( http://www.miraclesalad.com/webtools/md5.php ) in the text area. The MD5 hash looks like this :e10adc3949ba59abbe56e057f20f883e
The your-email-address should be equal to your e-mail address
The your_user_name should be equal to the user name you use to login the WordPress.
Finaly note, if you have prefix other than wp_ then update the wp_users with your prefix + users
By following this method, the next time you will login the WordPress Dashboard, the WordPress will replace the MD5 HASH with a new HASH that even more secure.
If you are looking to create a new user it is more complicated, because you should register also meta options with all the rules, etc.
Start by trying to replace the password and the e-mail and I think you will gain again your access.
Just checked the wordpress structure.
So, the password is a md5 one. Go to http://www.miraclesalad.com/webtools/md5.php and enter the desired password. You will need it.
If you have access to phpMyAdmin using cPanel, just go to the table wp_users or something related where users are stored, and locate the username that you want to edit. Just look for the username that matches your admin name. Click edit and paste the previously generated md5 password in the password field. Save it and you should be ready to go :)
Otherwise, using a SQL command it'd be like:
Retrieve the user ID that you want to change:
SELECT ID, user_login, user_pass FROM wp_users;
Change it's password:
UPDATE wp_users SET user_pass="****" WHERE ID = ****;
Replace the '****' for the password that you generated in the site, and the id for the ID that you retrieved in 1.
This tool lets you generate the SQL code automatically via a user interface to create a new Wordpress admin user, just modify the database name, user and and password you want, and copy/paste the code into phpMyAdmin: http://cssshowcase.co.uk/wordpress-sql-create-new-admin-user-phpmyadmin/
That's what I'm using everytime I don't know the client's admin password, and I don't want to reset their password directly. I hope it helps ;)

How to customise wordpress user authentication

I have a old website, which allow people to register and do staff. Say it is www.example.com.
Now I added a subdomain, reviews.example.com and want my users to write reviews.
The reviews.example.com is done in wordpress which works perfectly.
However, as my users already registered with the old site, ideally I want my user to use their old username and password to login to the review website. Also I would like new users to continue register in the old site and I could just write another query to insert the new user's username and password into wordpress's user table.
To custom login process for wordpress, can I apply a callback somewhere, so when wordpress login failed, I will run my custom query and create and return a wp_User object?
Or it is better to change the login code in wordpress directly? I searched wordpress code and saw the code where I could hack to put my own login logic.
Then one solution can be done
i.e
I am assuming that you made the username field and the password field
of registering and the password is visible for you.
Now once you make the wordpress install at your blog.website.com and then you need to copy the sql query which have import for your previous_users and paste in your SQL query of phpmyadmin after that you just need to add the same feild in your database as the wp-users feilds are containing then after that make your users password as MD5 crypt for that you just need to change the password type feild to MD5 crypt and your all users will be able to sign-in there.
I hope i Am clear to you.
Any Doubt you can Comment.

Export ExpressionEngine members to WordPress

I need to export all members from an ExpressionEngine site over to WordPress. How would I go about this? It seems like a daunting task to move them all over, including all their password etc. Any ideas on how to get started? It's fine if the users have to reset their password on logging into the new WordPress site if that's the case. I just can't get my head around it all...
Here's a query that will give you results which use the column names and formats that you need for your wp_users table. Since the password schemes aren't compatible, you're correct in assuming that users will have to reset their passwords.
SELECT
username as user_login,
username as user_nicename,
email as user_email,
url as user_url,
screen_name as display_name,
FROM_UNIXTIME(join_date) AS user_registered
FROM exp_members
Run that query on your EE database, export the results (via phpMyAdmin or what-have-you), then import that into your Wordpress database.

How does wordpress check admin username and password

I am creating a site admin panel and wp blog and I want to login by using same username and password as that for WP blog like admin *admin* I searched wp folder, how does it encrypt the password and how does it check if the user is admin or not..
I just got that WP used some sort of hash and md5 for encryption but do not success to create copy of that function to use it for my new panel
It is in the wp_usermeta table > metakey column > wp_user_level
If wp_user_level for a user id is 10 then he is an admin
For the password, search for the function wp_password_hash
The function is wp_hash_password and it could be overridden as per your request (it is pluggable and some plugins change the encryption mechanism for security reasons).

Resources