Wordpress admin - wordpress

Need to reset my admin details on wordpress, I have no idea what my admin username or password is; furthermore I don't have access to phpmyadmin either as I wasn't the one to set it up. would love some feedback!

You can log in if you have access to the FTP where the site is hosted. If you have access, create a new php-file in the root directory (autologin.php for example), paste the following code and then visit your new file through the browser (link.com/autologin.php for example).
<?php
require_once('wp-load.php');
auto_login("admin"); //Change this to your username.
function auto_login($username) {
$user = get_userdatabylogin($username);
$user_id = $user->ID;
wp_set_current_user($user_id, $user_login);
wp_set_auth_cookie($user_id);
do_action('wp_login', $user_login);
wp_redirect(admin_url());
}
?>

Do you have access to the wordpress ftp?
If yes, you need to download the WP config file and now you have access to DB

You can goto phpMyAdmin
Under tables goto wp_users
Then for whichever user you want to edit details click edit
replace password and change category to MD5

Related

Change admin password in drupal 7

I am using built in Drupal 7 user module, fore user registration, forgot-your-password-emails and all that stuff.
I have forgotten my admin password. I have access to my website which is hosted on 1and1.com and also have access to mysql?
Is it possible to change password or email address through SQL so that I can access the admin page?
If it possible how? Can you somebody help me with this?
Thanks!
If you have Drush installed, you just have to enter the following command in the terminal from anywhere inside the site root.
drush upwd admin --password=mynewpassword
Here, admin is the user name; who's password will be changed to mynewpassword.
After several research I tried the following code stored it as a php file in the root directory
saved it as password-reset-admin.php
<?php
define('DRUPAL_ROOT', getcwd());
require_once DRUPAL_ROOT . '/includes/bootstrap.inc';
drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL);
require_once DRUPAL_ROOT . '/includes/password.inc';
if (isset($_GET['pass']) && !empty($_GET['pass'])) {
$newhash = user_hash_password($_GET['pass']);
}
else {
die('Retry with ?pass=PASSWORD set in the URL');
}
$updatepass = db_update('users')
->fields(array(
'pass' => $newhash,
// 'name' => 'admin',
// 'mail' => 'yourmail#domain.com';
))
->condition('uid', '1', '=')
->execute();
print "Done. Please delete this file immediately!";
drupal_exit();
?>
And after that access the php file through the following:
https://yoursite.com/password-reset-admin.php?pass=newpassword
It just worked..:) Hope it helps others.
Please make sure you delete the file.
To change the password, you need to have shell access to your website. If not, download a copy of drupal 7 on your local machine.
Then, open your terminal and navigate to your Drupal 7 root folder. Then type the following command:
./scripts/password-hash.sh NEW_PASSWORD
Replace NEW_PASSWORD with the new password you need.
This will output a new password hash, copy this password and go to your database manager (phpMyAdmin or similar) and change the admin password to newly generated text.
I don't know of other way to do that, because Drupal is not using MD5 anymore and use a hashing algorithm instead.
Change directory to your Drupal's root.
Then generate the new hash.
In case of Drupal 7:
$ php scripts/password-hash.sh 'your-new-pass-here'
Then execute SQL query to update the administrator's password:
UPDATE users_field_data SET pass='$S$Do7UQjqtEELNccdi92eCXcVJ2KnwUeHrSbK3YhFm8oR3lRJQbMB2' WHERE uid = 1;
In case of Drupal 8 path to script will be:
$ php core/scripts/password-hash.sh 'your-new-pass-here'
Update DB:
UPDATE users_field_data SET pass='$S$Do7UQjqtEELNccdi92eCXcVJ2KnwUeHrSbK3YhFm8oR3lRJQbMB2' WHERE uid = 1;
Clean the cache:
DELETE FROM cache_entity WHERE cid = 'values:user:1';
If you have access to database, then...
Go to the users table in your database and change the admin's email to an email that you have access to.
Afterward, head over to yoursite.com/user/password and enter the email that just changed.
Go to your email and click on the reset link to go into your site and reset your password.
Done!
Tested and it works!
With the access to the table "users" in your Database via PhpMyAdmin for example (i.e. this table can have a prefix that you have already mentionned during the Drupal installation part, so yourPrefix_ can be your project's name as mywebsitename_, and in this case you'll have mywebsitename_users).
You should alter the "pass" column associated with the "uid" column with the value 1 (i.e 1 for the admin user account).
As the encrypted value for the password: Admin_12345 is =>
$S$DifCVXg9tNtHadziyyQJQVLAaZzW5EgS6OjR56D.mk8MpNQs1II2
You can accede to your admin account after replacing the old hashed password value stored in your database that you have totally forgotten.
Don't forget to change the password: Admin_12345 after you accede to your account with an other one.
You can generate query here and run the query in database.

How to create encrypted hash passwords for drupal 7

After searching over internet I came to know that With drupal 7, password are no more encrypted through md5.
What are possible ways to get passwords encrypted in Drupal 7??
With drupal 7, password are no more encrypted through md5.
There are several way to get/set a password in drupal7.
Using drush (for your information, not used in your case):
drush upwd admin --password="newpassword"
Without drush, if you have a cli access to the server : (for your information, not used in your case)
cd <drupal root directory>
php scripts/password-hash.sh 'myPassword'
Now copy the resultant hash and paste it into the query:
update users set name='admin', pass='pasted_big_hash_from_above' where uid=1;
Thanks Malik.
After search I found different solutions. Following solution also works
If you are working on a remote environment on which you cannot connect, you can put this specified code in a file such as password.php such as this one:
<?php
if (isset($_GET['p'])) {
require_once dirname(__FILE__) . '/includes/bootstrap.inc';
require_once dirname(__FILE__) . '/includes/password.inc';
print _password_crypt('sha512', $_GET['p'], _password_generate_salt(DRUPAL_HASH_COUNT));
exit();
}
print "No password to hash.";
And then hit your site using: http://domain.tld/password.php?p='MyPassword'. The hash will appear on your browser's tab.
Don't forget to remove it once you done it.
So, if you want to use some password function generation, have a look on _password_crypt() and _password_generate_salt()
The user_hash_password() function can be used to hash password, if you want to use it outside from outside Drupal, you need to bootstrap Drupal configuration.
chdir("/path/to/drupal");
require_once './includes/bootstrap.inc';
drupal_bootstrap(DRUPAL_BOOTSTRAP_CONFIGURATION);
user_hash_password($password);

Wordpress Delete User after Success

I have a form we want users to access only once, anonymously. We hand out randomly generated usernames and passwords to allow anonymity. I would like to delete user, log off and redirect after successful submission.
I am able to delete the user with wp_delete_user($thisId); but alwyas have a "Cannot modify header information - headers already sent" error. I'm not sure how to approach this one.
I am processing in header.php
If you process in header.php it's too late because the server is already sending the page.
Try hooking your "delete_user" function in a previous action such as init or wp like this (in functions.php):
add_action('init', 'my_delete_user_process');
function my_delete_user_process(){
// Do your stuff
$user_id = get_current_user_id()
wp_delete_user($user_id);
// Do your stuff
}

How to check user status when login into wordpress

Could you please advice me how to check user status upon login?
I have added a new field named user_flag in wp_users table to control user status. user_flag has value of active or deactivate.
I want to check this field's value when user logs in.
if value is active, then user can proceed login,
but if value is deactivate, then user can not login, and a message will be displayed to notify user that his account is deactivated and he need to contact admin to re-activate account for him to be able to login.
I looked at wp-login.php file but had no idea where to write code to check above logic, could you please advice me where to check user_flag at login time?
Thank you so much.
Stop trying to modify core code and learn to use the pluggable architecture. Also stop modifying the core database tables. You can store additional fields for users in the usermeta table with add_user_meta and retrieve them with get_user_meta. If you start modifying core code and database tables, you will never be able to upgrade wordpress.
To answer your question, use something like the following in functions.php
add_filter('wp_authenticate_user', function($user) {
if (get_user_meta($user->ID, 'user_flag', true) == 'active') {
return $user;
}
return new WP_Error('Account Not Active...');
}, 10, 2);
See https://codex.wordpress.org/Plugin_API/Filter_Reference/wp_authenticate_user

Wordpress database connection

I'm creating a wordpress business to let user register into your website. I know that wp-config.php file is used to connect to the db. But in my themes folder do I need to connect to the database again as in the code below.
connect.php
mysql_connect('localhost','xxxxx','xxxxxx');
mysql_select_db('xxxxxx');
init.php
require 'connect.php';
registration.php
include 'init.php';
I have used $connect_error = "Database error!"; in my connect.php file and key in a a wrong host and username, but it doesn't prompt me with error message. I think it doesn't connected to my database.
It is possible to connect to wordpress database from your own theme
so that whenever user will visit site they can see form which can be validate
Process is as follows :
1.To let user register into website there is need to create form on frontend
2.Create your own theme http://www.siteground.com/tutorials/wordpress/wordpress_create_theme.htm
3.Add Subscribe table to your user database with columns as name, username, password, email_id
4.In index.php file add following code to that file to connect database
$myrows = $wpdb->get_results( "INSERT INTO Subscribe(name, username, password, email_id)VALUES('$name', '$uname', '$pswd', '$email')" );
The $wpdb object is not limited to the default tables created by WordPress.
It can be used to read data from any table in the WordPress database such as custom plugin table

Resources