Drupal 8 password reset on GoDaddy without ssh


New day new challenge :) If you have a site on GoDaddy's shared hosting you get cPanel and phpMyAdmin but no ssh which is sad but that's shared hosting. Resetting the password on Drupal 8 is possible but not easy.

Use the php script on this page that you need to upload to your root of the site. I copied the script here as well.

Create a file name with hard to guess name like "mypassword.php" :)

  1. <?php
  2. use Drupal\Core\DrupalKernel;
  3. use Symfony\Component\HttpFoundation\Request;
  4.  
  5. if (pathinfo(__FILE__, PATHINFO_FILENAME) == 'admin-pass-reset') {
  6.   die('Please change your file name to a random string to continue');
  7. }
  8.  
  9. // Boot Drupal.
  10. $autoloader = require __DIR__ . '/autoload.php';
  11.  
  12. $request = Request::createFromGlobals();
  13. $kernel = DrupalKernel::createFromRequest($request, $autoloader, 'prod', FALSE);
  14. $kernel->boot();
  15.  
  16. // Get password hasher service.
  17. $password_hasher = $kernel->getContainer()->get('password');
  18.  
  19. // Hash password.
  20. if (isset($_GET['pass']) && !empty($_GET['pass'])) {
  21.  $newhash =  $password_hasher->hash($_GET['pass']);
  22. }
  23. else {
  24.   die('Retry with ?pass=PASSWORD set in the URL');
  25. }
  26.  
  27. // Update user password.
  28. $updatepass = Drupal::database()->update('users_field_data')
  29.   ->fields(array(
  30.     'pass' => $newhash,
  31. //  'name' => 'admin',
  32. //      'mail' => '<a href="mailto:yourmail@example.com">yourmail@example.com</a>'
  33.   ))
  34.   ->condition('uid', '1', '=')
  35.   ->execute();
  36.  
  37. // Clean user 1 cache.
  38. Drupal::cache('entity')->delete('values:user:1');
  39.  
  40. print "Done. Please delete this file as soon as possible";  

Then go to this url to reset the password.
www.example.com/mypassword.php?pass=newpassword

This will set the password of user 1 to "newpassword" or whatever argument you pass. Don't forget to delete the file as well from the server.

Enjoy and use it at your own risk.

Syndications

Webmentions

Similar posts

Ravi Sagar Newsletter

Honestly I hardly send out mails but I guess there is no harm in at least having a newsletter. I will only send newsletter when I have something important to share or an update. People are busy and no one has time to read emails these days. If you really like my content then I guess you will remember my site and come back for more.

Want to contact me?