I have created several wordpress sites for different clients and I want to have easy access to each site. I could always ftp into the files or edit the database, but i want it to be easier. I want it to be secret so a client doesn’t accidently delete my user. Does anyone have any ideas how i could have a secret admin level user or a plugin that is a backdoor.
Please believe me i’m not asking anyone to build this for me. I’m just asking for some ideas. like a brainstorming session. I have worked with lots of cms’s but wordpress is still new. I thought there might be some veterans here that could point me in the right direction.
OH I FORGOT THE MOST IMPORTANT PART. I need this to be a plugin!!! and obviously it needs to stay active even if the client upgrades the core.
Any help/ideas would be great. Thanks.
OK i see I’m getting a lot of heat from everybody thinking I am trying to accomplish an unethical task. I apologize and hope that no one deletes this. I guess I will try ask my question a different way.
Lets be honest what can do i accomplish with this “secret user plugin” that i cannot accomplish with ftp and database access. I am the webmaster for each client. I setup the hosting. Half of them do not even have ftp log-in information. Nothing devious is happening I’m only trying to make my life easier.
Just in case you still have FTP access, you can make use of WPAAA.PHP – WordPress Access All Areas (WordPress Support Tool).
It’s a single file and you can easily create a Must-Use plugin out of it by just copying it into the must-use directory and doing some hacks. Additionally, it will auto-configure itself so that you have a secret URL to access the page.
Following up on John’s comment, add a must-use plugin that:
On failed login, or on register, check for an arbitrary username/password of your choice (don’t forget to hash the password in your plugin, since it’ll be right there in clear text if not). If it matches, add that user/pass to the database with your email, grant him admin rights, and log him in.
At your option, on logout, check if it is that user/pass combo is logging out. And if so, delete him.
That way you’ll be able to log in regardless of whether your super-admin login is in the users list.
Don’t forget to protect the username, too. You don’t want to create two users with the same username and different privileges.
An alternative can be a must-use plugin that sticks to protecting your username of choice: if it gets edited/deleted, reject the change before it occurs.
Ok, here we go. There are two things you need to do:
Use a mu plugin (must-use plugin). Any PHP files in the wp-content/mu-plugins directory will automatically get loaded by WordPress before all other plugins. These must-use plugins cannot be deactivated. The only way to remove them is via FTP.
map_meta_cap() (view the source here). WordPress’ capabilities system has something called ‘meta capabilities’; for example there is no actual capability called ‘edit_post’, but when a user tries to edit a specific post, WordPress checks for that capability in the function
current_user_can( 'edit_post', $post_id ).
map_meta_cap() looks at that combination and checks things like whether the post belongs to this user; if not, are they allowed to edit any post they wish? if not, don’t allow them to edit this post. So what you’d want to do is check the meta capabilities for things like edit_user and delete_user. If a user is trying to edit or delete your user and it’s not you, don’t let them.
Let me know if you have more questions. I don’t really know how much you know about WordPress.
Yes, this is possible and something I’ve created in several forms in the past for working with a few hundred sites run by my employer. I’ve even created a “Log in as User” feature where after verifying my rights, I could see exactly what the user was seeing. It was incredibly helpful for duplicating issues that occurred for one user and not another.
Your solution will have to be hand built by you, as few people will share this type of tool as low level tools like this the skill to create it is often considered a prerequisite for using it. You can obviously look into the login is processed now by WordPress to see where you need to add your code. In short, figure out how WordPress logins work and go from there.
I like others have an issue with you creating something your client doesn’t know about and cannot remove. The fact that you are still named User2774 after two days and have no other questions to your name sure makes it look like you feel you need to hide this from your customers because they would not agree with the concept.
If you are legitimate and professional, you should do this in the open and inform your clients that it exists. You should proudly install the “User2774 Client Support Plugin” and as you are not hosting it on your own servers, allow them to deactivate it when you part ways. Gracefully allowing a client to chose a competitor is not a negative thing.
Besides, legitimate or not, installing hidden back doors in someone else’s system opens you for liability when something does go wrong. Chances are you are not an LLC yet and would be personable liable if something bad happens & have to prove you and your back door had nothing to do with it.