Quentin100 Posted May 14, 2009 Posted May 14, 2009 I've been running a Site on rc1 for about 2 years now and was now doing a new site, but decided to get a template. After installing and adding several add-ons manually I've realised that the admin section is not secured by passowrd like RC1/RC2 is! Rather than going through the pain of re-installing the template and add-ons over RC2, is it possible to upgrade the Admin login files so it prompts me for the Username and Password and give me the Administrators section in Admin? Please help as I'm leaving my new fresh site out in the wild for nasty people to hack it! P.S If this is a repeat post, I'm sorry, I couldn't find it nicely listed anywhere else.
steve_s Posted May 14, 2009 Posted May 14, 2009 I've been running a Site on rc1 for about 2 years now and was now doing a new site, but decided to get a template. After installing and adding several add-ons manually I've realised that the admin section is not secured by passowrd like RC1/RC2 is! Rather than going through the pain of re-installing the template and add-ons over RC2, is it possible to upgrade the Admin login files so it prompts me for the Username and Password and give me the Administrators section in Admin? Please help as I'm leaving my new fresh site out in the wild for nasty people to hack it! P.S If this is a repeat post, I'm sorry, I couldn't find it nicely listed anywhere else. I cant say yes or no, best to test this on a localhost first, if on windows download easyphp
Quentin100 Posted May 14, 2009 Author Posted May 14, 2009 I cant say yes or no, best to test this on a localhost first, if on windows download easyphp I'll test it on a live server, no worries, I just need to know the files I need to upload and the code to put into my existing files to trigger it to prompt for a Username/Password rather than going stright to the Admin Control Panel. I know I need administrators.php and admin/login.php, but I need help beyond this point!
steve_s Posted May 14, 2009 Posted May 14, 2009 I'll test it on a live server, no worries, I just need to know the files I need to upload and the code to put into my existing files to trigger it to prompt for a Username/Password rather than going stright to the Admin Control Panel. I know I need administrators.php and admin/login.php, but I need help beyond this point! You will have to add the sql for administrators table from install.sql and see below INSERT INTO `administrators` (`id`, `user_name`, `user_password`) VALUES (2, 'admin', '72cc7bf841d77c02b3b91bb85561163d:ce'); you can now login admin on oscommerce with the following username admin password admin
Quentin100 Posted May 14, 2009 Author Posted May 14, 2009 You will have to add the sql for administrators table from install.sql and see thread about cant login admin as you will have to enter that sql in too http://www.oscommerce.com/forums/index.php?showtopic=336148 Is there a thread or guide on how to do this, eg. get the sql out of the RC2 install.sql (I'm guessing that's what you are referring to) as I can get access via myphpadmin to do this and also if I get locked out I will follow the thread you gave as well.
steve_s Posted May 14, 2009 Posted May 14, 2009 Is there a thread or guide on how to do this, eg. get the sql out of the RC2 install.sql (I'm guessing that's what you are referring to) as I can get access via myphpadmin to do this and also if I get locked out I will follow the thread you gave as well. Yes extract from catalog/install/oscommerce.sql file from RC2a
Quentin100 Posted May 14, 2009 Author Posted May 14, 2009 You will have to add the sql for administrators table from install.sql and see below INSERT INTO `administrators` (`id`, `user_name`, `user_password`) VALUES (2, 'admin', '72cc7bf841d77c02b3b91bb85561163d:ce'); you can now login admin on oscommerce with the following username admin password admin Ok, just to make it idiot proof: I insert the above sql, which IS the sql from the install.sql, or I have to insert the above AS WELL AS the install.sql. ..and that will be in addition to the administrator and login files? How do I get it to trigger admin/index.php to re-direct to login until I have entered a valid username/password? Baby steps for a novice here... Many thanks for you prompt replies!
steve_s Posted May 14, 2009 Posted May 14, 2009 Ok, just to make it idiot proof: I insert the above sql, which IS the sql from the install.sql, or I have to insert the above AS WELL AS the install.sql. ..and that will be in addition to the administrator and login files? How do I get it to trigger admin/index.php to re-direct to login until I have entered a valid username/password? Baby steps for a novice here... Many thanks for you prompt replies! run the following sql DROP TABLE IF EXISTS administrators; CREATE TABLE administrators ( id int NOT NULL auto_increment, user_name varchar(32) binary NOT NULL, user_password varchar(40) NOT NULL, PRIMARY KEY (id) ); INSERT INTO `administrators` (`id`, `user_name`, `user_password`) VALUES (2, 'admin', '72cc7bf841d77c02b3b91bb85561163d:ce'); you can now login admin on oscommerce with the following username admin password admin once you have uploaded new admin files minus admin/includes/configure.php of course
Quentin100 Posted May 14, 2009 Author Posted May 14, 2009 Ok, so am 90% there! Extracted the sql from file, but thanks for pasting it in for me as well! Inserted that and new admin password. Been messing around and got admin/login.php to work etc. but still haven't got it to re-direct from www.mysite.com/admin to www.mysite.com/admin/login.php. I think I'll get up early with a strong coffee and overwrite all my admine files (except configure of course ;) ) and manually adjust all the admin files I did today for my add-ons. Thanks for shining a light on where I needed to go, was stumbling around in making a big mess in the dark :lol: ! Cheers again!
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.