Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Lost Admin Password


tonygillham

Recommended Posts

I have seen many issues with lost admin p/w solved by simply using PHPMyAdmin to wipe admin data from the adminstrators in the DB, then creating a new log-in.

 

I have seen the use of a PHP file which basically has the same effect.

 

I have also seen the use of an MD5 hash for the password '123456' to solve the problem by inserting that into the DB.

 

Unfortunately all these approaches just get me the same result.... the message:

 

 Error: Invalid administrator login attempt.

 

I am at my wit's end here.

 

Are there any other approaches (short of complete re-install)?

Link to comment
Share on other sites

I have seen many issues with lost admin p/w solved by simply using PHPMyAdmin to wipe admin data from the adminstrators in the DB, then creating a new log-in.

 

I have seen the use of a PHP file which basically has the same effect.

 

I have also seen the use of an MD5 hash for the password '123456' to solve the problem by inserting that into the DB.

 

Unfortunately all these approaches just get me the same result.... the message:

 

 Error: Invalid administrator login attempt.

 

I am at my wit's end here.

 

Are there any other approaches (short of complete re-install)?

 

There is an addon for Rc2a stores.

http://addons.oscommerce.com/info/5857

Reset Admin Password

 

Tim

Link to comment
Share on other sites

There is an addon for Rc2a stores.

http://addons.oscommerce.com/info/5857

Reset Admin Password

 

Tim

 

Yes, that was the second option I mentioned -it does not work either, unfortunately. It cleans out the DB nicley but I enter a new admin name and password and get the same error when i try to log on with it.

 

Like another user mentioned, when I actually look at the newly created administrator in PHPMyAdmin the username field is empty and manually adding the username in there does not help.

 

Thanks for you response though.

Link to comment
Share on other sites

Yes, that was the second option I mentioned -it does not work either, unfortunately. It cleans out the DB nicley but I enter a new admin name and password and get the same error when i try to log on with it.

 

Like another user mentioned, when I actually look at the newly created administrator in PHPMyAdmin the username field is empty and manually adding the username in there does not help.

 

Thanks for you response though.

It sounds like the database is working. Is it possible there is a problem with the login page? Somehow it is submitting the login and password incorrectly?

 

Tim

Link to comment
Share on other sites

Well the failure of the 'create new administrator' to actually produce a username in the database suggests something is amiss there. If the MD5 hash is created by using the username as a key when hashing the password, that might also explain why this could affect the password, even after the username is manually added. But i doubt it, I seem to remember that the MD5 hash deals only with the password.

 

I am wondering if it is something server-related.

 

I am using v2.2RC2 on a fedora VPS with PHP v5

Link to comment
Share on other sites

What have you changed lately? Anything in either configure.php file? Anything to do with ssl? Anything to do with rewrite rules?

 

The config.php is kind of funky tbh as I am using a Flash front-end and just using the OSC for the backend. the site is https://www.yourmemorial.co.uk/ymdesigner

 

I will post a copy of the config when I have 'sanitised' it to get rid of passwords etc. There was an .htaccess which made sure that only https pages were accessed (to re-assure clients) but I have disabled that for now.

Link to comment
Share on other sites

There was an .htaccess which made sure that only https pages were accessed (to re-assure clients) but I have disabled that for now.

Wherein likely lies your problem. Change it back and see it that is the cause.

Community Bootstrap Edition, Edge

 

Avoid the most asked question. See How to Secure My Site and How do I...?

Link to comment
Share on other sites

Wherein likely lies your problem. Change it back and see it that is the cause.

 

I mean I changed it back after the problem started occurring. There is now no .htaccess - the one I had which may have caused the problem was this...

 

 

RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteCond %{REQUEST_URI} ymdesigner 
RewriteRule ^(.*)$ https://www.yourmemorial.co.uk/ymdesigner/$1 [R,L]

 

Unfortunately I do not have a record of the rewrite rule I was using prior to this, when all was working as it should have been.

 

FYI, the includes -> configure.php is

 

<?php
 define('HTTP_SERVER', 'http://www.yourmemorial.co.uk');
 define('HTTPS_SERVER', 'https://www.yourmemorial.co.uk');
 define('ENABLE_SSL', 'true');
 define('HTTP_COOKIE_DOMAIN', 'www.yourmemorial.co.uk');
 define('HTTPS_COOKIE_DOMAIN', 'www.yourmemorial.co.uk');
 define('HTTP_COOKIE_PATH', '/ymdesigner/');
 define('HTTPS_COOKIE_PATH', '/ymdesigner/');
 define('DIR_WS_HTTP_CATALOG', '/ymdesigner/');
 define('DIR_WS_HTTPS_CATALOG', '/ymdesigner/');
 define('DIR_WS_IMAGES', 'images/');
 define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
 define('DIR_WS_INCLUDES', 'includes/');
 define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
 define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
 define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
 define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
 define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');

 define('DIR_WS_DOWNLOAD_PUBLIC', 'pub/');
 define('DIR_FS_CATALOG', '/home/yourmemo/public_html/ymdesigner/');
 define('DIR_FS_DOWNLOAD', DIR_FS_CATALOG . 'download/');
 define('DIR_FS_DOWNLOAD_PUBLIC', DIR_FS_CATALOG . 'pub/');

 define('DB_SERVER', 'localhost');
 define('DB_SERVER_USERNAME', '************');
 define('DB_SERVER_PASSWORD', '******');
 define('DB_DATABASE', '***********');
 define('USE_PCONNECT', 'false');
 define('STORE_SESSIONS', 'mysql');
?>  

 

and the admin -> includes -> configure.php is this...

 

<?php
 define('HTTP_SERVER', 'http://www.yourmemorial.co.uk');
 define('HTTP_CATALOG_SERVER', 'http://www.yourmemorial.co.uk/ymdesigner');
 define('HTTPS_CATALOG_SERVER', 'https://www.yourmemorial.co.uk/ymdesigner');
 define('ENABLE_SSL_CATALOG', 'true');
 define('DIR_FS_DOCUMENT_ROOT', '/home/yourmemo/public_html/ymdesigner/');
 define('DIR_WS_ADMIN', '/ymdesigner/admin/');
 define('DIR_FS_ADMIN', '/home/yourmemo/public_html/ymdesigner/admin/');
 define('DIR_WS_CATALOG', '/ymdesigner/');
 define('DIR_FS_CATALOG', '/home/yourmemo/public_html/ymdesigner/');
 define('DIR_WS_IMAGES', 'images/');
 define('DIR_WS_ICONS', DIR_WS_IMAGES . 'icons/');
 define('DIR_WS_CATALOG_IMAGES', DIR_WS_CATALOG . 'images/');
 define('DIR_WS_INCLUDES', 'includes/');
 define('DIR_WS_BOXES', DIR_WS_INCLUDES . 'boxes/');
 define('DIR_WS_FUNCTIONS', DIR_WS_INCLUDES . 'functions/');
 define('DIR_WS_CLASSES', DIR_WS_INCLUDES . 'classes/');
 define('DIR_WS_MODULES', DIR_WS_INCLUDES . 'modules/');
 define('DIR_WS_LANGUAGES', DIR_WS_INCLUDES . 'languages/');
 define('DIR_WS_CATALOG_LANGUAGES', DIR_WS_CATALOG . 'includes/languages/');
 define('DIR_FS_CATALOG_LANGUAGES', DIR_FS_CATALOG . 'includes/languages/');
 define('DIR_FS_CATALOG_IMAGES', DIR_FS_CATALOG . 'images/');
 define('DIR_FS_CATALOG_MODULES', DIR_FS_CATALOG . 'includes/modules/');
 define('DIR_FS_BACKUP', DIR_FS_ADMIN . 'backups/');

 define('DB_SERVER', 'localhost');
 define('DB_SERVER_USERNAME', '888888888888888');
 define('DB_SERVER_PASSWORD', '8888888888888');
 define('DB_DATABASE', '8888888888888');
 define('USE_PCONNECT', 'false');
 define('STORE_SESSIONS', 'mysql');
?>

 

I understand that my messing with the htaccess rewrites may have caused this all to happen and I guess now the question is how to get out of it. I do appreciate your help, by the way - thanks. :)

Link to comment
Share on other sites

First try removing all the https from the admin configure.php

 

 define('HTTP_SERVER', 'http://www.yourmemorial.co.uk');
 define('HTTP_CATALOG_SERVER', 'http://www.yourmemorial.co.uk/ymdesigner');
 define('HTTPS_CATALOG_SERVER', 'http://www.yourmemorial.co.uk/ymdesigner');
 define('ENABLE_SSL_CATALOG', 'false');
 define('DIR_FS_DOCUMENT_ROOT', '/home/yourmemo/public_html/ymdesigner/');

Community Bootstrap Edition, Edge

 

Avoid the most asked question. See How to Secure My Site and How do I...?

Link to comment
Share on other sites

  • 2 weeks later...

I have seen many issues with lost admin p/w solved by simply using PHPMyAdmin to wipe admin data from the adminstrators in the DB, then creating a new log-in.

 

I have seen the use of a PHP file which basically has the same effect.

 

I have also seen the use of an MD5 hash for the password '123456' to solve the problem by inserting that into the DB.

 

Unfortunately all these approaches just get me the same result.... the message:

 

 Error: Invalid administrator login attempt.

 

I am at my wit's end here.

 

Are there any other approaches (short of complete re-install)?

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...