WordPress Using phpMyAdmin to add a New User

Wishing to add a new administrator user to a WordPress website. How could I do this if I don’t have access to an existing user account?

Fortunately I had access to the hosting control panel giving me the option to use phpMyAdmin.

The equivalent actions can be created by the use of a custom php file, which is saved on the website and run once. There can be something comforting about interacting with forms rather than composing a piece of script. Potentially less chance of making an error with the forms. A script can be harder to view for malicious intent, or simply an error in copying and customising to the particular circumstance, can be catastrophic. Having said that it can be easy to click on the wrong button, a delete rather than insert, as the page is rendering.

A new user can be added to a WordPress website using phpMyAdmin, available through the hosting control panel.

Take care there are steps involved in this article which seriously affect your website.

Using phpMyAdmin we’ll add a new administrator user.

Login to your control panel and open phpMyAdmin. This is likely to be found on a page with a number of other icons. Finding this page will depend upon the layout of your hosting provider.

Once opened shown on the left are the databases associated with the account. If it’s not clear which one is used by the website this will need to be discovered.

To check which database is in use by the website return to the website control panel and click on the icon for the file manager. This will show a directory and file view. You may need to navigate into a folder called public_html. Look for and open a file called wp-config.php.

Using phpMyAdmin add user wp-config

Here we are looking for the entry define(‘DB_NAME’, ‘wordpress’); In this example the database is wordpress. Note this value, it is the database which we wish to select within phpMyAdmin.

Back to the control panel view of icons. Select phpMyAdmin once more. In the left view of the phpMyAdmin page there’s the list of databases. Select the one found previously.

Using phpMyAdmin add user table overview

WordPress uses a default table prefix of wp_ however It’s possible that the prefix of your tables may be otherwise. For ease I’m using the default in my references.

The tables which we are interested in are wp_users and wp_usermeta.

I have found that clicking on a table in the left menu list of tables allows me to see the entries and to edit these but I can’t add (insert) a new row. To do this it’s back to the list of tables in the main window with the edit options along side to the right in the row. Here I select insert.

Insert new user in table wp_users

Click on insert to open a clean entry form to add our new user details.

Using phpMyAdmin add user wp_users insert entry

In this view the fields are completed as follows:

  • ID: leave this entry
  • user_login: the login username, take care to avoid obvious entries, such as the person’s name. But, including a part of the users name will help in identification. Mix it with some additional random characters.
  • user_pass: a password for the user. Select md5 from the dropdownlist to the left and enter the password. Take care to ensure suitable complexity.
  • user_nicename: the name by which the user will be known.
  • user_email: the email address for the user
  • user_url: the website for the user, its possible that its the same as the website.
  • user_registered: select the date when the user was registered. Unless you are obsessive regards the date/time select yesterday’s date – its probably close enough.
  • user_activation_key: leave this entry
  • user_status: leave this entry
  • display_name: the name shown

Add user role abilities in table wp_usermeta

If we leave our newly created user as is we’ll be able to login but not a lot else.

Our aim is to create a new user with administrator privileges. To do this we set the capabilities of the user

If you didn’t note the id for the newly created user revisit the wp_users table to make a note of it.

Back to the home screen view of the database with the tables listed click on insert on the row for wp_usermeta.

Using phpMyAdmin add user wp_usermeta wp_capabilities

Fill in the I’d for the user, plus the fields

  • umeta_id: leave this entry
  • user_id: enter the user id value
  • meta_key: wp_capabilities
  • meta_value: a:1:{s:13:”administrator”;s:1:”1″;}

If you have changed your database prefix from wp_ don’t forget that wp_capabilies will also need to change accordingly.

There’s another entry in the wp_usermeta table to add

Using phpMyAdmin add user wp_usermeta wp_user_level

The values for this one are:

  • umeta_id: leave this entry
  • user_id: enter the user id value
  • meta_key: wp_user_level
  • meta_value: 10

A review of the list of entries, looking at the last page:

Using phpMyAdmin add user wp_usermeta list

That leaves trying to login with your newly added user and seeing whether you have administrator rights over the website.

A few simple steps, along with access to phpMyAdmin via the website hosting control panel, can be used to add an administrator user to an existing WordPress website.

Force Browser to Reload Cache From the Website

After updating a website, visitors see it as broken because their browser continues to reference the older JavaScript, JQuery and CSS files.

How to force the browsers of website visitors to make use of the newer updated support files?

Testing a website yourself its possible to refresh the browsers cache.

But for the visitor to your website this approach isn’t possible. What’s needed is for the website to tell the browser to forget the files which it has previously cached.

If its one or two files in the header or footer its possible to add an extension. But this is good for a one-off change, or at the end of a series of work, perhaps a major site update.

For example

<script type=’text/javascript’src’/jquery.js?ver=1.9.3’></script>

Note the added version number.

Changing the version number will cause the browser to get the revised file.

I’ve used this technique on images before where the image amendment, a rotation wasn’t being shown. On this occasion I added a parameter based on the edit time and date of the image.

For a website, such as WordPress, it may not be so easy to modify a file like this. If we have a child thime in use, is it worth copying the header file just to make this change?

Apache .htaccess file

For this method we’ll make use of mod_expires.

In the htaccess file make use of modexpires add the following to your .htaccess file located in the root of your website files.

<IfModule mod_expires.c>
ExpiresActive On
ExpiresDefault "access plus 60 seconds"
ExpiresByType text/html "access plus 60 seconds"
ExpiresByType image/x-icon "access plus 60 seconds"
ExpiresByType image/gif "access plus 60 seconds"
ExpiresByType image/jpeg "access plus 60 seconds"
ExpiresByType image/png "access plus 60 seconds"
ExpiresByType text/css "access plus 60 seconds"
ExpiresByType text/javascript "access plus 60 seconds"
ExpiresByType application/x-javascript "access plus 60 seconds"
</IfModule>

Include as many entries as you deem necessary, and change the time out as appropriate. I used the above rather short value so my client’s browser would reload the files, having been used heavily viewing recent changes.

The time option is given as a number plus the type, which can be:

  • seconds
  • minutes
  • hours
  • days
  • weeks
  • months
  • years

Page Header Meta Entries

Also there are entries for the top of the page header.

These can be added to the <head> section of the website file.

<meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate" />
<meta http-equiv="Pragma" content="no-cache" />
<meta http-equiv="Expires" content="0" />

For a WordPress website I added them via the functions.php file. I didn’t want to go modifying the header.php file of the theme. The child theme didn’t have a copy, so why add one purely for this and also the theme had a header builder.

function vntweb_header_metadata() {
// Post object if needed
// global $post;
// Page conditional if needed
// if( is_page() ){}
?>
<meta http-equiv="Cache-Control" content="no-cache, no-store, must-revalidate" />
<meta http-equiv="Pragma" content="no-cache" />
<meta http-equiv="Expires" content="0" />
<?php
}
add_action( 'wp_head', 'vntweb_header_metadata' );

One advantage with the use of the functions.php file is that a date test could be added. After, for example a week the addition of the meta entries could be removed.

It’s also possible to create a functions.php file to be added to each website development ,with a number of functions, enabling those which are required on a given website.

Other Options

Another approach is to use regular expressions to amend files. But this may presuppose that extensions do already exist. also looking for a simple modificatin, which isn’t prone to misinterpretatin. can be easily copied and used without the risk of doing damage I prefer the two solutions given above.

References

Inmotion hosting – apache mod expires

Stackoverflow – control web page caching

Mozilla – headers cache cotnrol

How to add Target Blank to WordPress Menu Custom Link

The WordPress menu allows the addition of custom links.

It’s a great way to supplement your menu pages with specific additional references. The links may be to social media, business or trade organisations, agents, or other related websites.

I had added custom links to the WordPress menu of a website.

A simple task, but after the links were in place reviewing the menu showed that clicking on one of these links took the visitor to the clicked link. Potential taking the visitor away from the website.

Adding the custom links to a menu I was concerned that the visitor was able to navigate away from the website.

The usual way to correct this is the addition of a target=”_blank” parameter. The links opens in a new tab or window.

Viewing the options on the custom link dialogue there were only the two text box options to complete: title and link url.

Whilst looking at one of the WordPress admin pages if you think that an option is missing it can be a good idea to expand the screen options.

I clicked on the Screen options tab at the top of the page

Together with the other options presented it included a row of checkboxes including:

  • Link Target
  • Title Attribute

Tick the checkbox for Link Target and close the screen options area.

Now revisit the custom link and the option Open link in new tab will be shown. Tick this option and save your menu.

Your added custom menu link with its custom URL and text will now open in a new browser window, rather than taking your website visitor to the new page, leaving the page which they were on.

Changing Login Text Username or Email Address

Having disabled email addresses for WordPress login I wanted to change the text, which was shown.

On the login dialogue it was showing

Username or Email Address

above the first textbox.

The mention of Email Address was now wrong and misleading.

To do this I added the following to the functions.php file

add_filter( 'gettext', 'vntweb_user_login' );
add_filter( 'ngettext', 'vntweb_user_login' );
function vntweb_user_login( $translated ) {
  $translated = str_ireplace( 'Username or Email Address', 'Username', $translated );
  return $translated;
}

Add Social Media Feeds to your WordPress Website with Feed Them Social Plugin

Feed them Social is a WordPress plugin which enables social media feeds to be displayed on your WordPress website.

Developed by SlickRemix the plugin supports feeds for:

  • Facebook
  • Twitter
  • Pinterest
  • YouTube
  • Instagram

Feeds are added by selecting the social media option from the menu and creating a shortcode for addition to the website.

As would be expecting the layout for each of the social media options is similar with a dialogue for the fetching of the token at the top. Below there are the settings particular to the feed which is being configured.

Having accepted to provide SlickRemix access to your social media its possible at a later date to revoke this permission. the method of doing this is specific to each of the social media websites.

WordPress shortcodes can be included either within the body text of a post or page, or by incorporation within the theme’s php files.

Adding Social media links

Details on adding each of the supported social media sites.

Facebook

From the left menu click on the Facebook Options link

At the top of the page click on the button “Login and get my Access Token.

This will take you to Facebook, I found an initial popup window stating that SlickRemix will receive your name and profile picture.

The next page is an option to allow SlickRemix to manage my pages. If you chose to disallow this then an access token won’t be generated.

Finally there’s a message that the access token is being received and back to the website.

Back on the website the page previously selected is shown together with its ID reference.

Click on this page reference to transfer the details into the PageId and Access token boxes above.

From the options below make your choices and click on the Save all button at the bottom.

Follow the link to the settings page to generate your shortcode.

Instagram

The Instagram layout is similar to Facebook, described above.

Click on the button to proceed.

On the Instagram website a screen is shown which confirms that Feed Them Social by SlickRemix is requesting to do the following:

  • Access your basic information: your media & profile info
  • Access public content: media & profile info of public users

Buttons are present below to either cancel or Authorise. Click on Authorise.

Note below the box there is confirmation that the apps access can be revoked at any time by clicking on revoke in the access section.

Back at the WordPress website the Instagram ID and Access token Required fields are now populated.

Make your choices from the Follow Button Options and click on Save all Changes.

Visit the Settings Page to collect your shortcode for use.

Incorporation the Shortcode

Shortcodes are used to render the feed. Its a way to tell WordPress what plugin code to incorporate, together with a number of options.

Generating Shortcode

The shortcode for each of the feeds, which have had a reference generated, is made on the settings page.

At the top of this page there is a dropdown list of the different supported feeds. Select the one which you wish to generate the shortcode for from the list.

The displayed content changes to reflect the options available.

Note if you haven’t configured the selected feed yet a link is included to its options page.

Work your way through the options and click on the button Generate shortcode at the bottom.

Using the Shortcode

Shortcodes can simply be pasted within the body text of pages and posts.

You may find having a private test page is a good way to experiment with your feed settings.

Once you are happy with the options then add the feed into the page, widget or use it within the php code used for your theme.


PHP Fatal error: include_path=’.:/usr/share/php:/usr/share/pear’

A fresh install and an installation of WordPress via the Debian apt package management gave the error

PHP Fatal error: include_path='.:/usr/share/php:/usr/share/pear'

On a development computer I chose to install WordPress via the package manager as opposed to creating Apache site directories.

With MySQL and Apache installed WordPress is added by executing, at the command prompt

apt-get install wordpress.

However, when I first navigated to the website at localhost/wordress/ rather than seeing the start of the me WordPress website creation sequence I had a blank white screen, the so called white screen of death!

Debug reporting can be enabled within the file wp-config.php, located in the root of the website. Here’s the 3 debug options, as disabled:

define('WP_DEBUG', false);
define('WP_DEBUG_LOG', false);
define('WP_DEBUG_DISPLAY', false);

The packaged Debian version relocates this to the directory

/etc/wordpress

Editing the file config-localhost.php I enabled debug logging setting my chosen options to true.

Still with a blank screen shown I chose to look at the Apache error log.

/var/log/apache2/error.log

using

tail -f /var/log/apache2/error.log

The last few lines of the log file are:

PHP Warning: require_once(/etc/wordpress/config-localhost.php): failed to open stream: Permission denied in /usr/share/wordpress/wp-config.php on line 19
PHP Fatal error: require_once(): Failed opening required '/etc/wordpress/config-localhost.php' (include_path='.:/usr/share/php:/usr/share/pear') in /usr/share/wordpress/wp-config.php on line 19
PHP Warning: require_once(/etc/wordpress/config-localhost.php): failed to open stream: Permission denied in /usr/share/wordpress/wp-config.php on line 19
PHP Fatal error: require_once(): Failed opening required '/etc/wordpress/config-localhost.php' (include_path='.:/usr/share/php:/usr/share/pear') in /usr/share/wordpress/wp-config.php on line 19

The error suggested that Pear was not installed.

To check to see if pear was installed at command prompt I typed pear

neil@abc:/home/neil# pear
bash: pear: command not found

I then installed pear using

apt-get install php-pear

Giving the following:

Suggested packages:
  php5-dev
The following NEW packages will be installed:
  php-pear
0 upgraded, 1 newly installed, 0 to remove and 107 not upgraded.
Need to get 264 kB of archives.
After this operation, 2,108 kB of additional disk space will be used.
Get:1 http://mirror.ox.ac.uk/debian testing/main amd64 php-pear all 5.6.16+dfsg-2 [264 kB]
Fetched 264 kB in 0s (625 kB/s)  
Selecting previously unselected package php-pear.
(Reading database ... 218176 files and directories currently installed.)
Preparing to unpack .../php-pear_5.6.16+dfsg-2_all.deb ...
Unpacking php-pear (5.6.16+dfsg-2) ...
Setting up php-pear (5.6.16+dfsg-2) ..

A restart of Apache

service apache2 reload

To my disappointment – no effect it still showed the error

Tue Dec 22 13:57:38.596887 2015] [:error] [pid 24889] [client ::1:41744] PHP Fatal error: require_once(): Failed opening required '/etc/wordpress/config-localhost.php' (include_path='.:/usr/share/php:/usr/share/pear') in /usr/share/wordpress/wp-config.php on line 19

I considered the permissions of the file in the directory /etc/wordpress, assigning to it the apache permissions

chown www-data:www-data /etc/wordpress/config-localhost.php

Once more I revisited the website at /localhost/wordpress

Success! I was now getting the WordPress installation.

Hide Admin Messages from Subscribers

Do you want all your WordPress logged in users to see your system messages?

Messages declaring pending plugin updates, a WordPress core update, or a notification from a plugin, all visible to any logged in user.

Lets keep the info given to registered users of your website to a minimum. We don’t wish to tell them about the status of the website.

There are a couple of areas to target:

  • Admin notifications
  • The notification bar

WordPress provides hooks to actions covering both of these areas.

By checking the capabilities of the user we can determine whether we wish to show the info.

The restriction uses actions and filters added to the file functions.php in the theme.

Admin Notifications

Perhaps the most important.

Checking to see whether the user is able to update the core first, this function determines whether to show admin notifications.

function show_update_notice_admin_only()
{
    if (!current_user_can('update_core')) {
        remove_action( 'admin_notices', 'update_nag', 3 );
    }
}
add_action( 'admin_head', 'show_update_notice_admin_only', 1 );

Notification Bar

At the top of the page there is the notification bar. Lots of content on this bar we don’t want non-admin users viewing.

So can we hide it ? – Yes, using filters.

This time we are testing to see if the user is unable to perform a couple of actions.

The first test is the management of options.  If the user is unable to do so then hide the admin notification bar.

Similarly the second test checks whether the user can update posts. If this isn’t possible then again the admin notification bar is hidden.

// show admin bar only for admins
if (!current_user_can('manage_options')) {
	add_filter('show_admin_bar', '__return_false');
}
// show admin bar only for admins and editors
if (!current_user_can('edit_posts')) {
	add_filter('show_admin_bar', '__return_false');
}

WooCommerce Cross-Sell and Upsell Products

Upsell and Cross-sell products are used in WooCommerce to increase product sales.

When do these two lists of products get shown?

Let’s begin by adding some products of each type to a product.

On the Product data section there are a number of tabs running vertically at the left with the associated configuration options in the remainder of the page.

WooCommerce Cross Sell and Upsell products: linked products

Click on the tab linked products to show the upsell and cross sell options.

Linked products are added by typing a few letters from the product name and making a selection from the resulting list.

WooCommerce Cross Sell and Upsell products: adding upsell product

In the screenshot above the upsell product of Chantenay Carrots is being added.

Upsell

Upsell products are shown when viewing a single product’s detail, its description, images, price and attributes

WooCommerce Cross Sell and Upsell products: view product

In this view we are seeing an individual product with below two sets of products, the upsell products and the related products, based on what we have seen before.

The upsell products are premium versions of the product selected to view. In this instance I’m showing the higher priced purple spouting and kalettes.

Cross-Sell

The list of cross sell products appears when viewing your basket of items.

Having made our product purchases. Click to view the basket.

WooCommerce Cross Sell and Upsell products: view basket

In this view we are seeing the configured cross sell products of carrots and potatoes.

With a cross-sell product we wish to encourage the shop visit to buy something relevant to the items in the basket. I’ve chosen to show more vegetables but a steamer/saucepan to cook the vegetables would also be appropriate.

Reset WordPress Metabox Positions

Viewing a WordPress page, post or custom entry

Having moved the sections around how do I reset.

Reset WordPress metabox positions: view post

The idea is how to restore the edit view of

Whilst developing a recent plugin I had moved the meta box sections around. But, of course, I wanted to see the default. As per a fresh installation.

So how do I reset the layout of the displayed WordPress displayed content area sections?

For this approach you’ll need access to phpMyAdmin via your hosting control panel.

The relevant saved options in the database table wp_usermeta are to be deleted.

Login to phpMyAdmin to begin.

Reset WordPress metabox positions: phpMyAdmin

In the left hand database & table menu click on the database for the WordPress website of interest.

From the top row of tab options click on SQL.

Reset WordPress metabox positions: phpMyAdmin SQL

The content entry box can be used to enter the SQL which will be used to show the specific entries in the wp_usermeta table.

wanted to reset the metabox positions after moving them round

In you PhpMyAdmin query for: (if you have a different database prefix, change that in the query, also change the user_id to yours)

SELECT * 
FROM  wp_usermeta
WHERE  user_id =1
AND  meta_key LIKE 'meta-box%'

Click on Go in the bottom right corner.

Reset WordPress metabox positions: phpMyAdmin SQL usermeta

Look at the meta_key column to determine which plugin, theme, post or whatever the entry is associated with.

Delete those values which are associated with the item which you are looking to reset, and you will get the original order back.

Easy –  I simply deleted the relevant one.

And the user id> Well its a development website on a development computer with the initial user as my admin login. So no problems there with knowing the value.

But this is cumbersome. You need to know the relevant user id. It would be better to use the user name.

This is easier to find and has less chance of making changes to the wrong account.

For this we’ll modify the SQL using a join to combine the two tables of usermeta and users.

SELECT *
FROM wp_usermeta
JOIN wp_users ON wp_usermeta.user_id = wp_users.id
WHERE wp_users.user_nicename ='neil'

As previously change the relevant parts.

In this example we’ll show all items in the usermeta table, as before. The third row shows the join with the users table. With the linkage by the associated user id.

The last line is the restrictive clause, this time using the displayed name of the user.

With a little SQL and the use of phpMyAdmin we are able to delete entries in a WordPress table, resetting the order of the metaboxes from a plugin, page or post.

WordPress Redirect to https

Your WordPress website was running as a traditional unsecured site.

Now to meet the search engine guidelines you have added a certificate and encrypted the website.

But the old unencrypted website address is still accessible.

This isn’t good for SEO with effectively two websites with the same content.

How to redirect the unencrypted traffic to the encrypted website address.

We’ll add the redirect to the .htaccess file found in the root of the website.

Shown below is the default entry in the .htacces file

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

The additional redirect rule to be added is:

RewriteCond %{ENV:HTTPS} !=on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]

And here it is the updated version, with the additional redirect rule added.

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{ENV:HTTPS} !=on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

The content of the .htaccess file may be amended via the hosting control panel or via FTP.

You may wish to take this amendment as a prompt to take a backup of your website files.