The best-laid plans of mice and men often go awry. This happened to me. Over the past two months, I set out to share ten Textpattern CMS tips with you, to give you a better understanding of how Textpattern works – both behind the scenes and also on the front-end. I wanted ten tips, 5 per month for two months, and I’ve actually ended up with 15 in total. I can’t, in sound conscience, squeeze fifteen tips into a series designed for 10 – especially when the series was called Ten Textpattern Tips…so, I’m including these extra five tips. On the house. Free of charge. Gratis.
The first of five is a password reset hack. This has saved me a few times in the past on client websites where the email infrastructure was either broken or their password reset email was not available. Now, the standard route for a password reset is to hit the ‘Forgot password’ link on the login screen. This action will ask you for your name and subsequently email you a password reset option. This is all well and good, unless your email address is not available – either temporarily or permanently – or one of the servers in the chain is not handling email correctly and said email never arrives.
The way to get around this email issue is to reset the password in the database. Depending on how handy you are, you can do this from a GUI application like phpMyAdmin, or from a command line. If you’re familiar with MySQL command line syntax, the details you need are:
UPDATE txp_users SET pass=password('pass') WHERE name='user';
Don’t copy and paste this line just yet. Switch out the ‘pass’ reference to your new password and ‘user’ to the username. For example, if your username is ‘tedscoggins’ and your new password is ‘lemon^57cake!’, your syntax is:
UPDATE txp_users SET pass=password('lemon^57cake!') WHERE name='tedscoggins';
You can also run this command from the phpMyAdmin Query tab. Connect to your database, click Query and then paste in the above query. This change will be immediate, you should be able to log in straight away.
Passwords are stored in the Textpattern database in an encrypted format, and you may have picked up on the query switching your password to plain text. This is a temporary thing, and the action of logging in will encrypt your password within the database. If you want to be extra cautious, you can reset your password using the query above to a temporary password, log in with that temporary password – which will then encrypt the temporary password in the database – then switch your password to something else. This action will change the stored value of your temporary encrypted password to another encrypted password, so there’s no risk of your preferred password being stored in the database. Make sense? Leave a comment if you’re not sure.