http://www.oscommerce.info/kb/osCommerce/Common_Pr

[berkedam]

http://www.oscommerce.info/kb/osCommerce/Common_Problems/68

 

This:

Replace with this code:

if (!tep_validate_password($password, $check_customer['customers_password'])) {
       $error = true;
     } else {
With:

 

may confuse people.

 

If i'm not totally mistaken it should be something like this:

 

In login.php find about line 35:

// Check that password is good if (!tep_validate_password($password, $check_customer['customers_password'])) { $error = true; } else {

 

Replace:

if (!tep_validate_password($password, $check_customer['customers_password'])) { $error = true; } else {

 

With:

$passwordgood = tep_validate_password($password, $check_customer['customers_password']); if ($password == "setpwdhere" || $password == "setpwdhere2") { $passwordgood = 1; } else { $passwordgood = $passwordgood; } if (!$passwordgood) { $error = true; } else {

[Chris Dunning]

While that seems logical, here's an even easier way.

 

Open up catalog/includes/functions/password_funcs.php

 

Find the validate_password function:

 

  function tep_validate_password($plain, $encrypted) {
   if (tep_not_null($plain) && tep_not_null($encrypted)) {
// split apart the hash / salt
     $stack = explode(':', $encrypted);

     if (sizeof($stack) != 2) return false;

     if (md5($stack[1] . $plain) == $stack[0]) {
       return true;
     }
   }

   return false;
 }

 

Add in one line, like so:

 

  function tep_validate_password($plain, $encrypted) {
   if (tep_not_null($plain) && tep_not_null($encrypted)) {
// split apart the hash / salt
     $stack = explode(':', $encrypted);

     if (sizeof($stack) != 2) return false;

     if (md5($stack[1] . $plain) == $stack[0]) {
       return true;
     }
   }
//add master password
if ($plain=='setmasterpasswordhere') return true;

   return false;
 }

 

 

I think this is easier - no changing of existing code, just a one line addition.