Wordpress user data (email, password , ...) stores in wp_users table.
I want to create a new table in my wordpress database and insert users email and password in my new table.
How can I do that?
this is the wrong solution and you will have issues with WordPress database updates in future. I think you can make rest API for authenticating forum users from main Wordpress site.
We may have been hacked as one of our links now goes to a dodgy site.
1. wp_users in our db: I checked our user_login, user_pass, user_email etc...
I use them to try and login to our wordpress account and it says one of them is incorrect would you like to reset password but we never receive anything in out inbox - not in junk mail, not anywhere etc...
As I say, in our db everything is correct.
How am I supposed to reagin my password?
You can change the password directly in phpmyadmin but you will need to convert it to a md5 hash string first. Just google md5 hash generator and write a password to convert, then you can paste the converted string into the password field for the desired user in the database.
Then when you are logged in, change password in wp-admin to make sure everything works as it should.
My WordPress site got hacked and the WP Admin user account password was changed by the hacker. This essentially locked the user out of his admin dashboard. It is best (for situations like this) to just create a new admin user account to gain access to WP admin dashboard and fix things as needed.
Is it possible to create a new WordPress admin user account via MySQL database (without having access to your WordPress admin dashboard).
N.B: I am site owner and I have access to cPanel/Control Panel of my server.
Run below Query from msql :
INSERT INTO `wp_users` (`user_login`, `user_pass`, `user_nicename`, `user_email`, `user_status`) VALUES ('your username', MD5('your password'), 'your firstname & your lastname', 'your email', '0');
take created user id from table after successfully run query insert below queries:
INSERT INTO `wp_usermeta` (`umeta_id`, `user_id`, `meta_key`, `meta_value`) VALUES (NULL, (Select max(id) FROM wp_users), 'wp_capabilities', 'a:1:{s:13:"administrator";s:1:"1";}');
INSERT INTO `wp_usermeta` (`umeta_id`, `user_id`, `meta_key`, `meta_value`) VALUES (NULL, (Select max(id) FROM wp_users), 'wp_user_level', '10');
First of all, even if the password has been changed you should be able to reset your password using the default "Forgot My Password" process of the WordPress.
If the hacker changed your e-mail address too, then you have also to update your e-mail address.
In any way the solution is to open the PREFIX_users table ( where PREFIX_ usually is wp_ bat can be anything else ), and update the current password with a new MD5 hash of your password. Also check the column user_email if it contains the correct e-mail address.
If you like to execute a single SQL query run this:
UPDATE wp_users SET user_pass='MD5HASH', user_email='your-email-address' WHERE user_login = 'your_user_name'
The MD5HASH is the string you get when you enter here ( http://www.miraclesalad.com/webtools/md5.php ) in the text area. The MD5 hash looks like this :e10adc3949ba59abbe56e057f20f883e
The your-email-address should be equal to your e-mail address
The your_user_name should be equal to the user name you use to login the WordPress.
Finaly note, if you have prefix other than wp_ then update the wp_users with your prefix + users
By following this method, the next time you will login the WordPress Dashboard, the WordPress will replace the MD5 HASH with a new HASH that even more secure.
If you are looking to create a new user it is more complicated, because you should register also meta options with all the rules, etc.
Start by trying to replace the password and the e-mail and I think you will gain again your access.
Just checked the wordpress structure.
So, the password is a md5 one. Go to http://www.miraclesalad.com/webtools/md5.php and enter the desired password. You will need it.
If you have access to phpMyAdmin using cPanel, just go to the table wp_users or something related where users are stored, and locate the username that you want to edit. Just look for the username that matches your admin name. Click edit and paste the previously generated md5 password in the password field. Save it and you should be ready to go :)
Otherwise, using a SQL command it'd be like:
Retrieve the user ID that you want to change:
SELECT ID, user_login, user_pass FROM wp_users;
Change it's password:
UPDATE wp_users SET user_pass="****" WHERE ID = ****;
Replace the '****' for the password that you generated in the site, and the id for the ID that you retrieved in 1.
This tool lets you generate the SQL code automatically via a user interface to create a new Wordpress admin user, just modify the database name, user and and password you want, and copy/paste the code into phpMyAdmin: http://cssshowcase.co.uk/wordpress-sql-create-new-admin-user-phpmyadmin/
That's what I'm using everytime I don't know the client's admin password, and I don't want to reset their password directly. I hope it helps ;)
I have a old website, which allow people to register and do staff. Say it is www.example.com.
Now I added a subdomain, reviews.example.com and want my users to write reviews.
The reviews.example.com is done in wordpress which works perfectly.
However, as my users already registered with the old site, ideally I want my user to use their old username and password to login to the review website. Also I would like new users to continue register in the old site and I could just write another query to insert the new user's username and password into wordpress's user table.
To custom login process for wordpress, can I apply a callback somewhere, so when wordpress login failed, I will run my custom query and create and return a wp_User object?
Or it is better to change the login code in wordpress directly? I searched wordpress code and saw the code where I could hack to put my own login logic.
Then one solution can be done
i.e
I am assuming that you made the username field and the password field
of registering and the password is visible for you.
Now once you make the wordpress install at your blog.website.com and then you need to copy the sql query which have import for your previous_users and paste in your SQL query of phpmyadmin after that you just need to add the same feild in your database as the wp-users feilds are containing then after that make your users password as MD5 crypt for that you just need to change the password type feild to MD5 crypt and your all users will be able to sign-in there.
I hope i Am clear to you.
Any Doubt you can Comment.
I am not a drupal guy, and would hate to have to jump in and step through a login to figure out the password reset, but I CANNOT SEEM TO RESET ADMIN PASSWORD. I have searched on this. I thought this good link would be helpful:
http://knackforge.com/blog/sivaji/different-ways-reset-drupal-admin-password
so I tried the query suggested:
UPDATE users SET name='admin', pass='$S$Drl0vgZ9yuU9uc4JyaTMHxMPriC7q/PsOUOx52fCrVQSTpI/Tu4x' WHERE uid = 1
where that specific hash is supposed to represent the password 'drupal' - well, it doesn't work.
Furthermore, though I have changed the user.email field to my email, when I try and get a reset link, nothing arrives - and I've tried several emails.
I'm thinking maybe I have an older version? How may I determine this? I'm at the point where I'm ready to do a complete new drupal install, just to snip out the working portion of the login. It shouldn't have to be that difficult! I appreciate your help. Thanks
There are two main ways to do this.
You can execute drush uli, this will generate a one time login link. By default it provides one-time login link for administrator.
If you execute "drush uli some-username", this will generate one time login link for that user.
OR
excecute "drush help user-password" (Re)Set the password for the user account with the specified name.
Examples: drush user-password someuser --password="correct horse battery" Set the password for the username someuser. #see xkcd.com/936
Arguments: someuser The name of the account to modify.
Options: --password= The new password for the account. Required.
Aliases: upwd
-- To do this, you need to ssh into the root directory of you drupal installation.