Solved

How do I create a new user and password in wordpress using phpmyadmin and the site's mysql database dump?

Posted on 2014-09-16
8
420 Views
Last Modified: 2014-09-21
Hi all,

A friend of mine has just passed a couple of sites he hosted on a shared server.
He had a spat with the owner who is also a programmer and this resulted in them falling out.
It so happens that he managed to recover all his site's wordpress files from the ftp and also the
database mysql file from the phpmyadmin interface. Sadly the sites have now been cancelled from the original server.
I have copied the files to my server, uploaded the db to a new one on my phpmyadmin.
However since the site was maintained and updated by this third party, after their fight
he never gave my friend his admin login and password.

Is there a way by using let's say phpmyadmin or even the linux ssh console of the server
(I have a private VPS and I can access the server using putty) to create a new user in the wordpress database
and assign a new password to him, so that I might login to the website and make the needed updates?

thanks in advance
0
Comment
Question by:badwolfff
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 38

Expert Comment

by:Tom Beck
ID: 40327098
Look in the wp_users table using PhpMyAdmin. There, you can get the admin's user name and email address. Attempt to log in to the Wordpress site, type in the admin's user name and click "Lost your password?" A reset link will be sent the the email address. If necessary, you can change the email address to one you have access to before you begin.
0
 
LVL 70

Expert Comment

by:Jason C. Levine
ID: 40327184
Exactly.  Just change the email address of the first user in the wp-users table (typically the admin user) to something you control and do a normal password reset from there.  

There's other ways to do it, though.  Here's a fun one:

function add_admin_acct(){
	$login = 'myacct1';
	$passw = 'mypass1';
	$email = 'myacct1@mydomain.com';

	if ( !username_exists( $login )  && !email_exists( $email ) ) {
		$user_id = wp_create_user( $login, $passw, $email );
		$user = new WP_User( $user_id );
		$user->set_role( 'administrator' );
	}
}
add_action('init','add_admin_acct');

Open in new window


Ref: http://stephanis.info/2011/08/11/create-new-admin-account-in-wordpress-via-ftp/

Nice, huh?  A little code injection and you're an admin.
1
 

Author Comment

by:badwolfff
ID: 40328269
Hi,

there is something wrong with both your approaches in that these sites have an smtp issue too.
They were on another server before and the smtp configuration there was related to an email address which expired with the old domain. So when I try to send myself and email I get nothing.

Does anyone know a method that might allow me to use the linux SSH console (putty) to create a new user or find an existing user's name and change his password, using the mysql server prompt?

thanks in advance
0
 
LVL 38

Expert Comment

by:Tom Beck
ID: 40328463
Can't speak to the SSH console method.

Do you have access to another working installation of Wordpress and PhpMyAdmin? Create a new user name and password there. Go to PhpMyAdmin and copy the hash value of the password. Open the broken WP installation in PhpMyAdmin and paste the password hash into the entry for the admin account.

I don't recall ever entering specific smtp configuration into any WP installation unless I was using an email enhancer plugin. My understanding is that WP just opens an smtp connection on the host server without asking questions. Obviously you cannot relay through the old server now that you're on a different server but why would WP be attempting to do that? Is there an email plugin installed? Disable it and see if you get an email.

Another possible option is to open the functions.php file for the theme and write a function to over ride the smtp configuration as described here.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 70

Expert Comment

by:Jason C. Levine
ID: 40328767
there is something wrong with both your approaches in that these sites have an smtp issue too.

Technically, there's nothing wrong with OUR approaches.  The mail issue is just a separate thing :)

So when I try to send myself and email I get nothing.

I would think your easiest course of action is to disable the SMTP stuff if it really is an SMTP issue but other things may be at work here. Some ISPs do not allow mail() to send messages unless the sending address matches the site domain (kind of a redneck open relay protection) and your server may have other issues with deliverability of messages.  In any event, I would add an SMTP plugin and also sign up for a free Mandrill account and use that server to send all WordPress email.  It should bypass the issues you are currently describing.

an existing user's name and change his password, using the mysql server prompt?

Not sure this would work because WordPress runs the passwords through a hashing function and stores that.  It's trivial to change the password in the database but without the hash, you still couldn't login.

My understanding is that WP just opens an smtp connection on the host server without asking questions.

Sort of.  In its default state, WordPress just opens up a mail() instance and pumps mail out that way.  You can force it to use an SMTP connection instead, which I strongly recommend people do.
0
 

Author Comment

by:badwolfff
ID: 40328884
ok boys thanks for the input
when I get to office tomorrow I will try the lot :)
when I said there is something wrong, I did not mean to offend, as what I was intending to say was
that for some reason these approaches are not producing the result for me :)
thanks for the answers
0
 
LVL 70

Expert Comment

by:Jason C. Levine
ID: 40329041
I did not mean to offend

You didn't, hence the emoticon. I did want to make it clear that the solutions are technically valid so a future user can try it and the email thing is a a different, albeit severe, issue.
0
 
LVL 8

Accepted Solution

by:
Sam Cohen earned 500 total points
ID: 40333981
This is how you would do it in phpmyadmin:

Edit the wp_users table. Find any username. Change it's current password hash (example: $3tyh~24eXrt...........) to:

$P$B7wOQro/zor5JP0xcsk9VDsMS9ZCqk0

then click the Save button (or Go button).

Then login into Wordpress and and use "admin", as the password. Once logged in simply change the password to whatever you want.
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
This article discusses how to create an extensible mechanism for linked drop downs.
The purpose of this video is to demonstrate how to prevent comment spam on a WordPress Website. This will be demonstrated using a Windows 8 PC. Plugin Akismet will be used. Go to your WordPress login page. This will look like the following: myw…
The purpose of this video is to demonstrate how to set up basic WordPress SEO. This will be demonstrated using a Windows 8 PC. The plugin used will be WordPress SEO by Yoast. Go to your WordPress login page. This will look like the following: myw…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now