Drupal 7 Superuser Password Reset

As just coming back from two weeks in the Catalan Pyrenees (Pirineu Catala) and Barcelona, and having finished reading Evil By Design I decided to I would implement my evil by design e-commerce site (as a test and more later). I have three virtual LAMP servers (alpha, beta and omega … dev, test and live). As I attempted to login into the Drupal 7 alpaha installation none of the passwords I tried were accepted, once more with dread I turn to the internet to find a solution.

I found some instructions here or here … but were is the fun in that, where is the challenge … so here it is … first the blag … the health warning … the well you know …

This script is free … no money back is guarenteed
It contains no classified material whatsoever …
It has been rigoriously tested to the point of destruction ….
100% satififaction that it does what it says in the code …
Now in full technicolor …
More effecient and effective than some advertised remedies … (see here above)
Fast acting (if correctly used)
Verbose … so no hidden extras and understandable to non perl witchies/wizzies …

Hopefully WordPress won’t mangal the code … when it mistakes perl pipe definitions.

use DBI;
my $base =  $ARGV[0];

if(-e $base) {
	if(-d $base) { $site = "$base"."sites/default/settings.php"};
	  my %conf_args = {};
	  if((-f $site) && open (DATA, "< $site")) {
      my %conf_args = {};

      while( <DATA>) {
        chomp $_;
        # jump comment rows
        next if(m/^(( |\/)\*+|#|$|\>)/);
        $m2=m/^ *\'(database|username|password|prefix)\'\ *\=> *\'([\w]*)\',$/;
        if ($1 && $2) {
          print "captured: $1 $2\n";
          $conf_args{$1} = $2;
      close (DATA);
      print "\nEnter new password: ";
      my $passwd = <STDIN>;
      chomp $passwd;
      my $cmd="php ./scripts/password-hash.sh $passwd";
      chdir "$base";
      my $has=qx/$cmd/;

      if($has =~  /hash: (.+)/) {
        my $hash=$1;
        chomp $hash;
        print "$hash\n";

        my $dbh = DBI->connect("DBI:mysql:$conf_args{'database'}", $conf_args{'username'}, $conf_args{'password'}, {RaiseError=>1})
          or die "Couldn't connect to database: " . DBI->errstr;
        my $user_tbl = "$conf_args{'prefix'}users";
        my $sql="UPDATE $user_tbl SET pass=\'$hash\' WHERE uid = 1";

        my $qu = $dbh->prepare($sql)
          or die "Prepared failed: " . $dbh->errstr;

        $affected = $qu->execute or die 'Execute failed: ' . $dbh->errstr;
          die "$dbh->errstr" if (!affected); # trap errors
          die "No rows updated" if ($affected eq '0E0');

        print "Drupal superuser account password reset!\n";

        $qu -> finish();
    else {
      print "File $site not found.\n";
else {
	print "Directory $base not found.\n";

Simple cut’n’paste into your favourite linux directory, giving the file an appropraiate name and pl extension and with cli. Run the script from the commandline.

perl the_file_name_of_your_choise.pl the_base_dir_of_your_drupal_7_installation

press return

You should consult a qualified Perl consultant before use … failure to do so is at your risk

It is recommended that you read the instructions from the first to last letter and translate them into Finnish (as I have spent the time scritping this listerning to RadioPookie). Why, it makes me more effecient … now I can listern to some Mary Chain


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s