admin password, not able to login in my own phpmyfaq !

[Remo]

Hello,

I have a password problem for the admin account. I cannot login anymore. It started after getting a new ip address. After reverting to the old ip address, the problem persist.

My first question is, is it posible to set the password to a unhased text string ? I really don't need all this security measures, which on the end only protect the system agains myself. If the password can be set with a root user on the system itself, I think for my purpose it is secure enough.


Show password has not changed.
1: Finding salt

Code: Select all

      # Sqlite3 pinnbook
      sqlite> select * from faqconfig ;
      ...
      ...
      ...
      security.salt|ea83136405f42cf966a08ddcee3c4caa

2: Create phpscript with name Hash_password.php:

Code: Select all

      <?php
      $user = "admin";
      $password = "password";
      $salt = "ea83136405f42cf966a08ddcee3c4caa";
      $pass = hash('sha256', $password . $salt . $user);
      echo $pass;
      echo “\n” 

;

3: show password hash

Code: Select all

      # php  ./Hash_password.php
      c4ff20305b1913920c64a28bee75348200bd879087b1b81cb38bbba570ff754a
      #

4: Check if password hash is the same in database.

Code: Select all

      # sqlite3 pinnbook
      sqlite> select * from faquserlogin  ;
      admin|c4ff20305b1913920c64a28bee75348200bd879087b1b81cb38bbba570ff754a
      anonymous|2cfa63574bc8f73786a6bf7db1cefc952a77ef61354e5dbb19ec7a628b8772a8
      nimda|160f2abec9de0bf7316e806d5a5438c7bab463283ec08d6eeea2f9a5e9c1317d
      sqlite>

I don't see a difference, so I guess the password has not been changed, and still is 'password'
I cannot login.


What I did to try to reset the password:
1: Finding salt

Code: Select all

      # Sqlite 3 pinnbook
      sqlite> select * from faqconfig ;
      ...
      ...
      ...
      security.salt|ea83136405f42cf966a08ddcee3c4caa

2: Create phpscript with name Hash_test.php:

Code: Select all

      <?php
      $user = "admin";
      $password = "test";
      $salt = "ea83136405f42cf966a08ddcee3c4caa";
      $pass = hash('sha256', $password . $salt . $user);
      echo $pass;
      echo “\n” ;

3: Create new password hash

Code: Select all

      # php  ./Hash_test.php
      0865cdd85e83921094b046deab85f05ab949512f04e96e8e2c5dba09aab595fb
      #

4: Set password in database:

Code: Select all

      # Sqlite3 pinnbook
      sqlite>  update faquserlogin set pass = "0865cdd85e83921094b046deab85f05ab949512f04e96e8e2c5dba09aab595fb" where login = 'admin' ;
      #

I guess the password for admin should be "test" now, but no luck loging in.

No errors in message file !

[Remo]

Now saved the faq directory and moved it.
untarred the same version clean, and installed this one.

The salt is exactly the same, and the password hash is also exactly the same.
It really looks like it is not an issue with the password.

What else can cause this error ?
Is there any way to diagnose this ?

Rene.

[Remo]

Now I finished to setup a new installation, and copyed over the database file and attachements etc.
This now seems to work again.

[Remo]

And now I had to change the ip address to the final address, and again, no login posible.

What is the correct way to change the ip address ?
And why is the ip address change causing not able to login anymore ?

I made a sql dump, replaced all old addresses with the new addresses, and restored the wole database.
all data seem to be there, and rest is working correct, only the password is not accepted anymore.

[Thorsten]

Hi,

you have to change the address in the table faqconfig the value for the key "main.referenceURL"

bye
Thorsten