-
Notifications
You must be signed in to change notification settings - Fork 59
/
Copy pathreset_password.php
128 lines (116 loc) · 4.1 KB
/
reset_password.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
<?php
/**
* SUMMARY:
* This script will reset the password and email for a MODX user for websites running MODX Revolution
* (2.2.0 or greater). It was developed as a back-door utility for getting into sites where I had
* been inadvertently locked out. THIS SCRIPT IS INTENDED TO BE USED FOR PEACEFUL
* RESOPONSIBLE PURPOSES BUT IT CAN BE USED MALICIOUSLY!!! BEWARE!!!
*
* USAGE:
* 1. Upload this script to the Revo website where you need to reset the password, e.g. to the docroot.
* 2. Edit the configuration details, including the $username, $password, and $email. The username
* is what uniquely identifies the user (not the email). If you put this script somewhere other than
* alongside the MODX index.php file, you must also update the $path_to_docroot.
* 3. Run the script, e.g. by visiting it in a browser: http://yoursite.com/reset_password.php
* 4. After you verify that the new user has been created, delete this script from the site.
*
* USE THIS SCRIPT AT YOUR OWN RISK!!!
*
* See also:
* http://rtfm.modx.com/display/revolution20/Resetting+a+User+Password+Manually
*
* AUTHOR:
* Everett Griffiths (everett@craftsmancoding.com)
* http://craftsmancoding.com/
*/
//------------------------------------------------------------------------------
// CONFIGURATION
//------------------------------------------------------------------------------
// Reset the password and email of an existing user
// and ensure they are a member of the specified group
$username = '';
$password = '';
$email = '';
$user_group = 1; // 1 for Administrator
$user_role = 2; // 2 for Super User
// Leave blank if the script is placed inside the docroot
$path_to_docroot = '';
//------------------------------------------------------------------------------
// DO NOT EDIT BELOW THIS LINE
//------------------------------------------------------------------------------
if (empty($username) || empty($password) || empty($email)) {
print 'ERROR: Missing criteria.';
exit;
}
define('MODX_API_MODE', true);
// Full path to the MODX index.php file
require_once($path_to_docroot.'index.php');
if (empty($username) || empty($password) || empty($email)) {
print 'ERROR: Missing criteria.';
exit;
}
if (!class_exists('modX') || !defined('MODX_CORE_PATH')) {
print 'modX not found.';
exit;
}
$modx= new modX();
$modx->initialize('mgr');
if (!$modx) {
print 'MODX not initialized correctly.';
exit;
}
$query = $modx->newQuery('modUser');
$query->where( array('username'=>$username) );
$user = $modx->getObject('modUser', $query);
//$user = $modx->getObject('modUser', 6486);
if (!$user) {
print "ERROR: No user with username $username";
exit;
}
// Set user details.
$user->set('username',$username);
$user->set('active',1);
$user->set('password', $password);
// Sometimes the profile isn't available until we explicitly get it
$profile = $user->getOne('Profile');
if (!$profile) {
$profile = $modx->newObject('modUserProfile');
$user->addOne($profile);
}
$user->Profile->set('email', $email);
$user->Profile->set('blocked', 0);
$user->Profile->set('blockeduntil', 0);
$user->Profile->set('blockedafter', 0);
// Verify the user is a member of specified User Group
$is_member = false;
if (!empty($user->UserGroupMembers)) {
foreach ($user->UserGroupMembers as $UserGroupMembers) {
if ($UserGroupMembers->get('user_group') == $user_group) {
$is_member = true;
break;
}
}
}
// Add the User to the User Group if he is not a member
if (!$is_member) {
// Verify the user group exists
$UserGroup = $modx->getObject('modUserGroup', $user_group);
if (!$UserGroup) {
print "ERROR: User Group $user_group does not exist.";
exit;
}
$Member = $modx->newObject('modUserGroupMember');
$Member->set('user_group', $user_group);
$Member->set('member', $user->get('id'));
// Super User = role 2
$Member->set('role', $user_role);
$Member->set('rank', 0);
$user->addOne($Member,'UserGroupMembers');
}
/* save user */
if (!$user->save()) {
print 'ERROR: Could not save user.';
exit;
}
print "SUCCESS: User $username updated.";
/*EOF*/