Elxis CMS Forum

Support => Security => Topic started by: kdw on November 08, 2006, 12:54:09

Title: [solved]admin password lost
Post by: kdw on November 08, 2006, 12:54:09

hi,
for any reason (don't know) the admin account was blocked. Ok, I removed the flag in the SQL Table.
But what can I do if I forget the password ? How is the encrypted password in the table calculated ?

Title: Re: admin password lost
Post by: datahell on November 08, 2006, 12:58:34

It is the MD5 sum of your real password. ( md5('password') )

Title: Recover a password
Post by: kdw on November 08, 2006, 14:54:38

I did this (linux)

Code: [Select]

# > echo 'test123' >test123
# > md5sum test123
4a251a2ef9bbf4ccc35f97aba2c9cbda  test123

then I copied the md5sum to the SQL password cell

UPDATE `elx_users` SET `password` = '4a251a2ef9bbf4ccc35f97aba2c9cbda', WHERE 'id' = 62 ........
but I can't login afterwards. Did I forget anything ?

Could you verify the checksum, please ?

Title: Re: admin password lost
Post by: datahell on November 08, 2006, 15:08:13

md5('test123') = cc03e747a6afbbcbf8be7668acfebee5

Title: Re: admin password lost
Post by: kdw on November 08, 2006, 15:24:22

Hi
thanks. unix md5sum calculates an other chksum.

this is the screenshot of mysqladmin
table is elx_users


62     Administrator     admin     mymail@address.de     cc03e747a6afbbcbf8be7668acfebee5     Super Administrator     0     1     25     2006-10-27 05:58:17     2006-11-02 11:44:50     NULL     NULL     NULL


I can not login with admin and password test123

Title: Re: admin password lost
Post by: eliasan on November 08, 2006, 15:38:59

An online usefull tool for converting simple string to md5 encoded values, can be found here:
http://ds.nfshost.com/MD5calc/

That also returns, cc03e747a6afbbcbf8be7668acfebee5

Title: Re: admin password lost
Post by: kdw on November 08, 2006, 17:03:31

admin access lost,

really nice effect:
user admin exists
I md5 the password, result is ok.
md5 code is copied to sql db. No chance to login. What had happend ?

I suppose this has to do with the prevously installed shop VirtueMart. So be warned !!
Does anybody have an idea how to reset the user db. Worst case is to reinstall the entire cms.

PS: I need a password reminder  for adminarea !

Title: Re: admin password lost
Post by: eliasan on November 08, 2006, 19:26:03

Hi kdw,

For your reference, I tried to simulate your situation.

- Installed new Elxis
- Installed VirtueMart
- Created a new user account for virtuemart
- Registered with this user account
- Placed some orders

Then I moved recreating the admin password with http://ds.nfshost.com/MD5calc/
- Converted the password string to MD5 value
- Opened phpMyAdmin
- Opened table elx_users
- Edited the Administrator entry and pasted the MD5 value as the new password
- Saved changes

Tried the new password and it works fine!

P.S. Virtuemart, is not working correctly with Elxis.

Title: Re: admin password lost
Post by: datahell on November 08, 2006, 20:24:05

I told you that the user groups in Elxis and in Mambo/Joomla are diferrent...

Problably you have break the groups hierarchy tree or the groups permissions.
Check if you can make them as it was when you installed Elxis. Note: modified manually groups ierarchy tree is a difficult procedure.

Related db tables:
#__users
#__core_acl_aro
#__core_acl_aro_groups
#__core_acl_groups_aro_map
#__core_acl_access_lists

You must restore the values in the tables above. If your db has no users except super administrator the procedure is simple. Just add the rows/values that you had when you installed elxis.

You can see these values in /installation/schema/elxis.xml

The values for the super administrator are here:
/installation/install4.php
lines 384-393.

Title: Re: admin password lost
Post by: kdw on November 08, 2006, 21:23:39

Thanks a lot. Exactly that was the problem. After restoring my db I can access.