Note: this script works on Magento Open Source 220.127.116.11 and 1.4.0.* but does not work in the Magento Commerce Edition
As a Magento development company, we have a number of designers, developers, and project managers that need admin access to the sites that we build. As opposed to using one global admin account for our entire team, we believe it to be a much better practice to assign individual admin accounts to each team member who is going to be working on a project.
One of our developers, Matt Johnson, has developed a script to allow us to easily add an admin user to a Magento installation. Each member of our team that needs Magento admin access has a sql file that adds their admin account to Magento. When we start a new project, we run the sql script for the members of our team that is going to need access to the server. I hope you’ll find this snippet useful.
/* This is an example SQL script.
You should replace all the UPPERCASED variables.
The <USERNAME> variable can only be alphanumeric characters, and probably underscores (haven't tested)
You can either generate a password hash using the PHP code below,
or you can grab a password hash from the admin_user table from an
existing Magento install for which you know the admin password.
/* Use the following PHP script to generate a salted password hash. You can also use a straight md5 hash, but it's much more easily brute-forced
<?php $password = 'PASSWORD'; $salt = 'GF'; echo $hash = md5($salt.$password).':'.$salt; ?>
insert into admin_user
(select max(user_id) + 1 from admin_user) user_id,
'FIRST NAME' first_name,
'LAST NAME' last_name,
'HASH EXAMPLE: 178f29c8e4c6c801db90cd171e3b2b53:in' password, /* You can replace this value with an md5 hash */
(select max(extra) from admin_user where extra is not null) extra;
insert into admin_role
(select max(role_id) + 1 from admin_role) role_id,
(select role_id from admin_role where role_name = 'Administrators') parent_id,
(select user_id from admin_user where username = 'USERNAME') user_id,