The other day I was contacted by someone asking me to take a look at their blog. The blog itself was fine, it was the backend that was a problem; the user had no way of adding plugins or changing settings. That alone tipped me off as to what the problem probably was, and I agreed to help them out.
I logged into the administrative side of their blog with the info he gave me, and sure enough, the side panels for sections such as “Themes”, “Users”, “Plugins” and “Settings” were all nonexistent. The problem was just what I thought it would be; his user account was set to something less than an administrator account. His user role was actually set to “Editor”.
I contacted this person and told him that he should talk to the person who set this blog up for him and have him upgrade his permissions and all his problems would be solved. As it turned out, this would be impossible. The original developer was out of the country for the foreseeable future so any user upgrades would have to be handled without him.
Since I was provided with the access info to the blog, the hosting account and the FTP info, upgrading his user account from “Editor” to “Administrator” wouldn’t be too terribly difficult. I would just have to modify some entries in the database and it would be done. That’s easy enough for a developer with basic to moderate skill levels, but what about those who are uncomfortable tinkering with MySQL?
Fortunately, there is a really simple way to adding or upgrading users to a WordPress database without having a user account with administrative privileges.
To do this, you will need three things:
- The password to the WordPress database
- FTP access to the WordPress site
- Yoast’s emergency.php file
The genius over at Yoast has an incredibly useful script for adding or upgrading user accounts in WordPress without requiring elevated privileges to do so. In my case, upgrading the one Editor account to an Administrator account went as follows.
First, I uploaded the emergency.php file to the root domain of the WordPress site. Since I had FTP access, I was able to view the wp-config.php file to get the password to the database in use.
Second, I pointed my browser to http://thiswebsite.com/emergency.php (obviously your URL will vary) and I was presented with a screen that would allow me to either create a new user or change the permissions for an existing user. In order to make any of these changes, I would need to enter the database password for security reasons.
After choosing the user I wanted to modify and entering the database password, I was brought to a second screen that contained most of the account information. From here I was able to change the user’s role to Administrator and everything became well in the universe again.
When you are done adding or changing users with this file, delete it from your site. Leaving it where others may find it is a security risk you don’t need!