Joomla! 1.5 create new admin user via MySQL and phpMyAdmin

If you need to gain administrator access to a Joomla! 1.5 website where the admin password is not known (forgotten or the original admin is no longer available) you can resolve the situation by adding a new administrator user through MySQL.

For this, obviously, you need to now the database credentials. This is how you do it using MySQL and phpMyAdmin. Click on the images below to see them enlarged.

  1. Log in to phpMyAdmin using the credentials for the Joomla! database
  2. Go to the table jos_users and go to the last record. If your last user id is less than 1000 you can use the values in this example. Otherwise you have to adapt it to a user id larger than your last user id (if you have less than 1000 users in your Joomla! database user id 1000 will be fine).
  3. Insert a new record into the jos_users table:
    Joomla! 1.5 create new admin user via MySQL and phpMyAdmin step 1

    Joomla! 1.5 create new admin user via MySQL and phpMyAdmin step 1

    id = 1000
    name = A new administrator
    username = admin2
    email = admin2@example.com (or perhaps your own email address ;))
    password = d2064d358136996bd22421584a7cb33e:trd7TvKHx6dMeoMmBVxYmg0vuXEA4199
    usertype = Super Administrator
    block = 0
    sendEmail = 1
    gid = 25

    Then click on Run to save the entry

  4. Go to the table jos_core_acl_aro and insert a new record:
    Joomla! 1.5 create new admin user via MySQL and phpMyAdmin step 2

    Joomla! 1.5 create new admin user via MySQL and phpMyAdmin step 2

    id = 1000
    section_value = users
    value = 1000
    order_value = 0
    name = Administrator
    hidden = 0

    Then click on Run to save the entry

  5. Go to the table jos_core_acl_groups_aro_map and insert a new record:
    Joomla! 1.5 create new admin user via MySQL and phpMyAdmin step 3

    Joomla! 1.5 create new admin user via MySQL and phpMyAdmin step 3

    group_id = 25
    section_value = (empty)
    aro_id = 1000

    Then click on Run to save the entry

  6. Now go to the backend of your site (i.e /administrator) and log in with the username “admin2” and the password “secret” (whithout “”)
  7. Go to the user section and immediately change the password of admin2 user since “secret” is a very insecure password

Joomla! Component skeleton or framework

I was going to develop a Joomla! Component for a client and started to read the documentation on how to build a Joomla! Component. I searched online for a skeleton or framework so I didn’t have to program that from scratch. Googeling it didn’t show up any really good results.

Until I realized there are actually services for this. Component Creator is one of them. Through a web interface you can specify the details for your component and you can download a ZIP-file which is installable for Joomla! to start bulding upon.

However, documentation is something not really existing for Component Creator. Instead there are community forums and some video tutorials. I was searching the forums for a specific matter and it turned out that the same question had been asked several times by other users. The reply from the Component Creator staff was that you will get the answer to that question by buying the Premium service. So instead of documenting an answer to a common question they want each client to contact the support team to get the answer, probably in order to sell more Premium subscriptions. A bit odd to me. The free service is so limited anyway so without the Premium subscription you quickly run into it’s limitations, so they will sell them anyway.

You should also be aware that Jensen Technologies who is behind Component Creator also is a consulting business offering development of Joomla! components. So your supplier will also be kind of your competitor. I am not saying they will go and steal your business or clients but it is not always a healthy thing when your supplier is also your competitor. Their in house developers will naturally always have the best support compared to their clients.  If it was me, I would have split it into two different companies.

Anyway, the Component Creator is a powerful and helpful tool when starting a new component project for Joomla!.

The video tutorials can be found here:

There is also a webinar recorded on Youtube here:

Below is a demonstration of building a component in 30 minutes using Component Creator by Søren Beck Jensen (2015).

How to keep WordPress widgets when switching themes

When you switch from one theme to another in WordPress you will discover that all widgets you had is gone. Is there a way to keep the widgets when switching themes?

Short answer is – no. The widgets are set specifically for the theme.

But it is often quite simple to resolve the situation. After you switch theme, go to Appearance -> Widgets and scroll down to the bottom of the page.

Here you will find Inactive widgets. You can simply pull them back into your new theme’s widget position and get them back where you want them.

WordPress widgets

WordPress widgets

However, if the widgets you were using was part of the theme you switched from, they will not be available when using the new theme so in that case you need to find an alternative plugin or widget.

Meltdown and Spectre vulnerabilities – what to do?

Meltdown and Spectre are two vulnerabilities present in hardware making it potentially possible for programs to steal information, like passwords etc.

Meltdown affects only Intel processors while Spectre, which is more complex, also partly affects AMD and ARM based processors.

It is not yet known if these vulnerabilities has been exploited by anone. It can affect personal computers, servers, tablets and mobile phones, i.e. more or less any device containing a processor.

More information on: https://spectreattack.com/

What can you do?

  • Check your operating system for updates the upcoming weeks (this is normal good security practice, but make sure you do it frequently)
  • Install and update your virus protection. Even if the antivirus program can’t protect you from the attack it might be able to inform you that your device has got malicious code onboard

You can find security bulletins, security advisorys, faq:s etc for your operating system here: https://meltdownattack.com/#faq-advisory