Auto Create Admin Account

  • Imagine the scenario:

    Someone asks you to set up a WP site. They have just bought https://www.mywpsiteisfab.com and want you to ‘do all the technical things’. Once done, hand them the admin username and password so they can get on with things.

    I have a script that sets up my chosen web server’s configuration for a virtual host, creates the required directories, pulls out WP using subversion and downloads a bunch of ‘standard’ plugins (SEO, Akismet key, Analytcs, whatever, e.t.c). Now I want it to create the admin account. The only way I can find is to make an HTTP post to trigger the install, parse the HTML and note the auto-generated password.

    However, this doesn’t work, because DNS hasn’t filtered through for the recently bought domain (either forget about fiddling with the hosts file, or imagine it on a scale of to make this impractical).

    My real aim would be to have a command line (PHP?) script that will trigger install just the same as visiting the domain will, and additionally for it to be able to specify the password.

    Is there such a thing? Anyone had these kind of problems? Is this cosidered ‘hacking’? Any ideas on where to go to make my own? Thoughts? Musings?

Viewing 3 replies - 1 through 3 (of 3 total)

  • Well….
    About triggering the http-call… I don’t know if it’s possible to do that with a script….

    About changing the Admin-password:
    I see some ways to do that.
    Either you find the place in the wordpress installation files where the password is generated and replace it with something YOU control….
    or… AFTER installation you write a bit of code that changes the Admin-Password on the database directly (which would be my approach because you wouldn’t have to fiddle with the original files and could use that code with any other version of wordpress).

    Let us know about your own musings ??

    Thread Starter miradev

    (@miradev)

    I did knock up something to make the http call. But, because I can’t rely on the DNS it is not reliable enough.

    I thought of making a plugin, but that has the problem of then having to store the password in plain text. It would have to be a Mission Impossible style self-destructing plugin.

    I was hoping to find any example (even just one!) of using the WP libraries from the command line, otherwise it will end up re-inventing the wheel. Otherwise I’m left with a hit and miss approach.

    Thread Starter miradev

    (@miradev)

    Have been off on other projects for a week.

    *WARNING – PLEASE READ BELOW *

    Found a way to jimmy in the setup from a *nix command line. You need to be in the /wp-admin directory and create a file (e.g. myinstall.php):

    <?
define('WP_INSTALLING', true);

require_once('../wp-load.php');
require_once('./includes/upgrade.php');

$blog_title = 'My Blog Title';
$user_name  = 'admin';
$user_email = '[email protected]';
$blog_url   = 'https://www.mysite.com';
$public     = 1;

if( is_blog_installed() ){
  print "Blog already installed!\n";
}
else {
  define('WP_SITEURL', $blog_url);
  $result = wp_install($blog_title, $user_name, $user_email, $public) ;
  /* uncomment this if you care what the auto-generated password is. But it gets changed below.
  extract($result, EXTR_SKIP);
  echo "PASSWORD: $password\n";
  */
}

define('WP_INSTALLING', false);
$my_users = array(
  'me'    => array( 'name' => 'myname', 'email' => '[email protected]',    'pass' => 'mysite' ),
  'admin' => array( 'name' => 'admin',  'email' => '[email protected]', 'pass' => 'password'),
  );

foreach( $my_users as $user ){
  $user_id = username_exists($user['name']);
  if( !$user_id ){
    $user_id = wp_create_user($user['name'], $user['pass'], $user['email']);
    $user = new WP_User($user_id);
    $user->set_role('administrator');
  } else {
    echo "User '".$user['name']."' already exists (forcing password)\n";
    $user['ID']        = $user_id;
    $user['user_pass'] = $user['pass'];
    wp_update_user($user);
    $user = new WP_User($user_id);
    $user->set_role('administrator');
  }
?>

    Then just run it with:

    php myinstall.php

    This will trigger the WP install functions (create table, options e.t.c), then update the admin user’s password to something of your choice and create your own personal administrator account.

    Possibly WP will consider this hacking, I don’t know. But it seems something fairly simple to add the code base.

    * WARNING *
    This is just the dev version (prototype, if you will) and has usernames and passwords hard coded in it. For a production environment you should not leave a script like this in a publically accessible place (web server can see it). If you do try it out, make sure you delete it afterwards. Better yet, make the user+pass based on arguments ??

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Auto Create Admin Account’ is closed to new replies.