How many times you forgot the password or login to the website you managing. I forgot a lot of times, mostly because I didn’t save the password in the Password manager. Or I don’t get the credentials from my client. Luckily, there’s an easy way to login to the WordPress admin panel, having only the file access.
The short answer is: use the wp_set_auth_cookie()
function! It will save a session cookie for the provided user ID. Session cookie means you are logged in.
Here’s the snippet I’ve been using for a long time if I don’t know the user ID (plot twist – it’s not always 1
).
add_action( 'send_headers', function() {
if ( ! isset( $_GET['secure-hash-295g785j46v-change-this'] ) || is_user_logged_in() ) {
return;
}
$admins = get_users( [
'role' => 'administrator',
] );
$remember = true;
wp_set_auth_cookie( $admins[0]->ID, $remember );
// Refresh the page.
header( 'Refresh: 0' );
} );
If I do know the user ID, I’m using this shorter version.
add_action( 'send_headers', function() {
if ( ! isset( $_GET['secure-hash-295g785j46v-change-this'] ) || is_user_logged_in() ) {
return;
}
$user_id = 123;
$remember = true;
wp_set_auth_cookie( $user_id, $remember );
// Refresh the page.
header( 'Refresh: 0' );
} );
After placing this snippet into any plugin or in theme’s function.php
file, simply go to the address: https://your.website/?secure-hash-295g785j46v-change-this
Voila, you are logged in 🎉
Don’t forget to remove the snippet immediately!
PS. For your convenience, I’ve created Gist with the above snippets.
Awesome
It will be very useful for development phase
Thanks for sharing this amazing article.