I’ve seen many articles detailing how to add an administrative user to the WordPress database using PHPMyAdmin. While this is great (and perhaps the most likely scenario), we recently had a client encounter a situation where they needed to manually inject a Subscriber into their WordPress website database. While the process is very similar, two important key-value pairs in the
wp_usermeta table will need to be entered differently — otherwise your new users will have administrative privileges!
Though this may be a niche topic, I think detailing it will help as I couldn’t turn up any Google searches on pages 1 or 2 that had anything other than tutorials on how to add Administrative users.
A company recently came to us after their pre-built WordPress theme had stopped allowing for the creation of new users via the WordPress Dashboard. It turns out the website theme they were using had become abandonware (the developers stopped maintaining/updating it) and something in the theme had broken the Add User screen. The rest of the site worked fine so, while waiting to build a new website, they still needed to get new Users entered into the system to avoid lost sales or excessive frustration from their client base.
You’ll need two things: 1) access to the PHPMyAdmin tool through your hosting provider, and 2) the confidence to learn about how to work directly with your WordPress database. Fair warning: the database is where virtually everything that WordPress considers “important” is stored, so it’s not to be taken lightly. HOWEVER, you’re also not likely to break anything if you simply follow instructions. In fact, you may learn something!
Although it may seem like everything lives “on the WordPress site”, in truth practically everything that shows up on your website is actually stored in a database created during the WordPress installation process. WordPress provides a framework of HTML (and PHP, CSS, and JS) to display this data to you and other end users. WordPress queries the database for page content, post content, user information, site settings, and much more, then simply presents that to the end user in the form of a web page. The database is where most of your WordPress site’s important stuff is stored.
Once you’ve logged in to PHPMyAdmin and opened the database that is listed in your wp-config.php file, you will want to find two tables:
wp_usermeta. Note that, depending on your host setup, the
wp prefix may be different or may have additional prefixes after it, so the main thing to look for are the two tables ending in
_users table, you can look at some existing users to see what is required to manually create a user. We’ll want to add data for:
To do this, look for the “Insert” tab near the top of PHPMyAdmin when in the correct database table. It probably defaults to “Browse”. The Insert tab will give us some handy fields for typing in info to add to the database so that we don’t have to write an actual SQL database query ourselves.
In the Insert screen, you’ll see the field names above and each should have a blank textbox beside it for us to enter data. If there are other fields besides the ones listed above, just ignore them for now. They aren’t (at the time of writing, at least) required to create a new user.
ID is a unique number that identifies each user. I prefer to look at the last user added in the table and simply choose the next number. For example, if the last user in your table has ID of 74, then create your next user using 75.
user_login is used for — you guessed it — the value that people should enter when on the WordPress login screen. This might be an email, or it may be more of a username like ‘jdoe’.
user_pass is the password for the new user and it is very important to use the MD5 function when typing in a password in this field. You can use this function by clicking on the dropdown list under “Functions” and finding MD5 in the list. This will hash (encrypt) the password you enter which is vital because WordPress does not store plain-text passwords – every password stored in the database is hashed using MD5 and, if yours is not, authentication will fail when you or your users try to login. (When you click “Login” on the dashboard login screen, WordPress will be trying to compare a hashed version of what you enter as your password to what’s in the database. If you insert a non-hashed version because you didn’t use the MD5 function then those two values will not be the same and the login will fail).
user_nicename is the nickname for the user.
user_email should be self-explanatory.
user_registered is a date and time that they signed up. If you’d like, use the icon to open the date picker and choose today’s date. Don’t worry about the exact time (which is what the 00:00:00 will represent).
user_status should be set to 0.
display_name is the pretty first name + last name combo, so enter something like “Jane Doe” here (you should insert your users real name here).
In the _usermeta table, we’ll want to link these meta fields back to our user ID from the _users table, then add some information describing the user and her permission(s).
user_id must match the ID we entered in the _users table.
meta_key must have the string:
wp_capabilities (UNLESS your default table prefix has been changed — again, looking at an existing user for their meta_key values will help).
meta_value should be:
Next, you can either click Go and then click on the “Insert” tab again, OR you can continue scrolling down and enter a second set of meta values on the same entry screen as the above.
Again, user_id must match the ID from the _users table
meta_key should be
wp_user_level (again, assuming the table prefix is set to default otherwise change the prefix accordingly)
meta_value for a basic Subscriber might be: 0 (so that your Subscriber has no additional capabilities) though it’s important to note that these values were deprecated years ago. Only certain legacy plugins or very old installations of WordPress (versions 2.0 and below) will require the wp_user_level value.
I’ve added a brief explanation in each section in order to help demystify the process. Hopefully, this will provide you with what you need in order to manually inject a Subscriber user into your WordPress database using PHPMyAdmin.