KaisarCode

Scripting 4 freeDOM



PrestaShop 1.6 - Add User From Database

by KaisarCode

So, you've cloned a prestashop site. You have the access to the database. But, they forgot to give you an user, and FOR SOME REASON you can't ask them to create a new user for you. (Maybe they gave you a dump of the DB, you installed everything, and it's quicker to do a crappy insert than wait for the bureaucracy to happen).

Well, it's quite easy to add a new user from the database. I'll explain it by using the phpMyAdmin interface:

How?

  • Frist we need a piece of data. Go to the PrestaShop's root, and look for the "config" directory. (yes, enter)
  • Look for the file "settings.inc.php". (yes, open it)
  • Then you'll see that there's a define called _COOKIE_KEY_. (copy the value, we'll use it later)
  • Great, now go to phpMyAdmin, and in the table ps_employee
  • Insert a new row. Insert an id_profile, an id_lang, lastname, firstname, email, we'll generate the password next, and set the field active as 1. (don't save yet)
  • Ok, the password is encoded in MD5, and it's composed by the _COOKIE_KEY_, followed by your password.
  • So, no we can go to any MD5 encrypt tool online, such MD5 online, and generate your password pasting the cookie_key, followed by your password (without spaces)
  • Take the encrypted string, go back to phpMyAdmin, and now yes, and paste it in the password field (Now you can save)
  • Back in the PS Admin, login with the new email and the password (without the COOKIE_KEY), and Presta!... err, sorry, Presto! You're in, and you can proceed to screw everything up.

Why?

Why we encrypted the password outside, instead of in the database, using a MD5 function? because the field is only 32 characters long, you could modify it to accept longer inputs and then back it to normal (it's another way to do it), but, I didn't want to.


Use it wisely, and, as always, Enjoy.