CMS Made Simple (CMSMS) stores admin users in a MySQL/MariaDB database and manages them through the admin panel at /admin/. CMSMS distinguishes between admin users (who access the backend) and frontend users (managed through the FrontEndUsers module). This guide covers both.
Adding Admin Users
Creating a User via the Admin Panel
- Log in to the CMSMS admin at
https://your-site.com/admin/ - Navigate to Users & Groups > Admin Users (or Extensions > Users & Groups in older versions)
- Click Add User
- Fill in the required fields:
- Username (alphanumeric, used for login)
- Password (and confirm)
- Email address
- First Name and Last Name
- Select a Group membership (determines permissions):
- Admin -- Full unrestricted access
- Editor -- Content editing with restricted settings access
- Designer -- Template and stylesheet management
- Custom groups (if configured)
- Set Active to Yes
- Click Submit
Understanding Admin Groups
Groups in CMSMS define what modules and actions a user can access. View and manage groups at Users & Groups > Groups:
| Default Group | Typical Access |
|---|---|
| Admin | All modules, all settings, user management |
| Editor | Content pages, news, file manager |
| Designer | Design Manager, templates, stylesheets, page layouts |
Each group has granular permission checkboxes for every installed module. To customize:
- Go to Users & Groups > Groups
- Click on a group name
- Check/uncheck permissions for each module
- Click Submit
Adding Users via the CMSMS API (PHP)
For programmatic user creation in modules or scripts:
<?php
// Create a new admin user programmatically
// Run within a CMSMS module or UDT (User Defined Tag)
$userops = cmsms()->GetUserOperations();
$user = new User();
$user->username = 'jsmith';
$user->password = md5('TempPassword123'); // CMSMS uses MD5 by default
$user->email = 'jsmith@example.com';
$user->firstname = 'John';
$user->lastname = 'Smith';
$user->active = 1;
$user->adminaccess = 1;
$result = $userops->InsertUser($user);
if ($result) {
// Add user to a group
$groupops = cmsms()->GetGroupOperations();
$group = $groupops->LoadGroupByName('Editor');
if ($group) {
$userops->AddMemberGroup($user->id, $group->id);
}
echo "User created: {$user->username}";
} else {
echo "Error creating user";
}
Database-Level User Creation
-- Direct SQL to add an admin user (use as last resort)
-- CMSMS password hashing: md5(password) by default, or password_hash in newer versions
INSERT INTO cms_users (username, password, email, first_name, last_name, active, admin_access)
VALUES ('jsmith', MD5('TempPassword123'), 'jsmith@example.com', 'John', 'Smith', 1, 1);
-- Get the new user's ID
SET @uid = LAST_INSERT_ID();
-- Add to the Editor group (group_id varies by installation)
INSERT INTO cms_user_groups (user_id, group_id, create_date, modified_date)
SELECT @uid, group_id, NOW(), NOW()
FROM cms_groups WHERE group_name = 'Editor';
Frontend User Management (FrontEndUsers Module)
CMSMS supports frontend (member) accounts through the FrontEndUsers (FEU) module:
# Install FrontEndUsers via the Module Manager in admin panel:
# Extensions > Module Manager > search "FrontEndUsers" > Install
# Or via CLI if available:
cd /var/www/cmsms
php -r "require 'include.php'; \$mm = cmsms()->GetModuleOperations(); echo \$mm->InstallModule('FrontEndUsers');"
Configure FEU at Extensions > FrontEndUsers > Settings. Frontend users are separate from admin users and have no backend access.
Removing and Deactivating Users
Deactivating an Admin User
- Go to Users & Groups > Admin Users
- Click the Edit icon next to the user
- Set Active to No
- Click Submit
Deactivated users cannot log in but their account and all content attribution are preserved.
Deleting an Admin User
- Go to Users & Groups > Admin Users
- Click the Delete icon (trash can) next to the user
- Confirm the deletion
What Happens to Their Content
When you delete a CMSMS admin user:
- Pages they created remain published -- content is not deleted
- The
page_ownerfield retains the user ID, but the name resolution may show "Unknown" in the admin - Content edited by the user keeps its current state; the edit history shows the deleted user's ID
- News articles authored by the user remain published
- Template and stylesheet changes are not attributed to specific users
- There is no automatic content reassignment
Reassigning Content Ownership
-- Reassign all pages from deleted user to another user
UPDATE cms_content
SET owner_id = (SELECT user_id FROM cms_users WHERE username = 'newadmin')
WHERE owner_id = (SELECT user_id FROM cms_users WHERE username = 'jsmith');
-- Reassign news articles
UPDATE cms_module_news
SET author_id = (SELECT user_id FROM cms_users WHERE username = 'newadmin')
WHERE author_id = (SELECT user_id FROM cms_users WHERE username = 'jsmith');
Bulk User Management
Export All Users
-- Export admin users to CSV
SELECT u.user_id, u.username, u.email, u.first_name, u.last_name,
u.active, GROUP_CONCAT(g.group_name) as groups
FROM cms_users u
LEFT JOIN cms_user_groups ug ON u.user_id = ug.user_id
LEFT JOIN cms_groups g ON ug.group_id = g.group_id
GROUP BY u.user_id
INTO OUTFILE '/tmp/cmsms_users.csv'
FIELDS TERMINATED BY ',' ENCLOSED BY '"'
LINES TERMINATED BY '\n';
Bulk Import Script
<?php
// bulk-import-users.php -- Import users from CSV
// Run from CMSMS root: php bulk-import-users.php
require_once 'include.php';
$userops = cmsms()->GetUserOperations();
$groupops = cmsms()->GetGroupOperations();
$csv = array_map('str_getcsv', file('users_import.csv'));
$header = array_shift($csv);
foreach ($csv as $row) {
$data = array_combine($header, $row);
$existing = $userops->LoadUserByUsername($data['username']);
if ($existing) {
echo "SKIP: {$data['username']} already exists\n";
continue;
}
$user = new User();
$user->username = $data['username'];
$user->password = md5($data['password']);
$user->email = $data['email'];
$user->firstname = $data['firstname'];
$user->lastname = $data['lastname'];
$user->active = 1;
$user->adminaccess = 1;
if ($userops->InsertUser($user)) {
$group = $groupops->LoadGroupByName($data['group']);
if ($group) {
$userops->AddMemberGroup($user->id, $group->id);
}
echo "ADDED: {$data['username']} ({$data['group']})\n";
} else {
echo "FAIL: {$data['username']}\n";
}
}
echo "Import complete.\n";
LDAP Integration
CMSMS supports LDAP authentication via the CMSMSLdap module (community-contributed):
// config.php -- LDAP configuration (add to CMSMS config)
$config['ldap_host'] = 'ldap://ldap.example.com';
$config['ldap_port'] = 389;
$config['ldap_base_dn'] = 'dc=example,dc=com';
$config['ldap_bind_dn'] = 'cn=admin,dc=example,dc=com';
$config['ldap_bind_password'] = getenv('LDAP_BIND_PASSWORD');
$config['ldap_user_filter'] = '(uid=%s)';
$config['ldap_group_filter'] = '(memberOf=cn=cmsms_editors,ou=groups,dc=example,dc=com)';
When LDAP is enabled, users authenticate against the directory server. Local CMSMS accounts are created automatically on first login with the role mapped from LDAP group membership.
Password and Security Settings
Configure password policies in config.php:
// config.php -- Security settings
$config['password_life'] = 90; // Force password change every 90 days
$config['password_min_length'] = 10; // Minimum password length
$config['max_login_attempts'] = 5; // Lock account after 5 failed attempts
$config['login_lockout_time'] = 900; // Lockout duration in seconds (15 min)
Offboarding Checklist
- Deactivate the account (preferred) or delete it
- Reassign page ownership using SQL if content attribution matters
- Check group-specific modules -- Some modules store per-user preferences
- Review FrontEndUsers -- If the departing user also had a frontend account, deactivate it separately
- Clear their session -- Delete from
tmp/cache/if sessions are file-based - Audit recent changes -- Check the admin log at Extensions > Admin Log for recent actions by the user
- Update LDAP/directory -- If using LDAP, disable the account at the directory level