View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0002011 | Composr alpha bug reports | [All Projects] General / Uncategorised | public | 2015-07-29 10:36 | 2015-08-02 11:00 |
| Reporter | gemini | Assigned To | Chris Graham | ||
| Severity | Major-bug | ||||
| Status | resolved | Resolution | fixed | ||
| Summary | 0002011: Saving admin credentials | ||||
| Description | Uploaded beta version to a Arvixe server to run live tests on API and after setup i went to enter the admin to finish the setup and my admin credentials were not saved. This occured three different times. | ||||
| Steps To Reproduce | Install new and try to sign into admin area. | ||||
| Tags | No tags attached. | ||||
| Sponsorship open | |||||
|
|
Think this is also happening to kingbast, as he has a ticket open. Can you help me out and tell me what PHP version they currently run, and also if the openssl PHP extension is installed on there? phpinfo should tell you. |
|
|
One of our customer's is on an Arvixe server running 5.3.28, with openssl extension. That's older than I realised, but regardless we should support it. Probably the issue is we have tested on both a very old, and a very new PHP version, yet we made some password encoding changes and PHP compatibility with password systems has always been an issue. |
|
|
I can't reproduce any problem when I tested on Arvixe's newt and hedgehog servers. I did a full install on newt, and a full test of the password API on hedgehog, all seemed fine. I also tested on both my local PHP installations. If you can tell us what the m_password_hashed field is in the f_members table, for the admin user, that may help give a clue. Also try signing in with the password 'admin' in case the password field got lost somehow ('admin' is the default password). Also confirm you installed with our default forum Conversr, and not another forum driver. |
|
|
Confirmed the php version in a support ticket (it is the same site I am reporting about, gemini's). Going to try again now, and will let you know the details of those fields. Yeah, all installs have been with the default forum. |
|
|
Fresh install, same result. admin/admin combo doesn't work, cannot check the m_password field as it doesn't exist. No tables at all in the database according to phpMyAdmin, which probably explains the issue. |
|
|
If there were no tables it wouldn't get past a critical error screen, so they'll be somewhere. However I meant to say the 'm_pass_hash_salted' field. Can I get access to take a look? It may be some complex issue with the authentication only affecting some servers. The authentication is 100% rewritten in v10 to use something called a cryptographic ratchet, using different algorithms. |
|
|
My php version is 5.2.17 OpenSSL is installed OpenSSL 1.0.1e-fips 11 Feb 2013 |
|
|
Well the v9 database shows up in phpMyAdmin, but nothing for v10 although it installed without error. It's gemini's server, I will let him give you the credentials. |
|
|
Hi, I'm working on this. On this particular server Blowfish encryption seems to not be working. It's there, just not working. I'm investigating why. |
|
|
We will now only do the new crypt scheme on PHP 5.3.7 or later, due to a couple of PHP legacy problems. One is a change they did in PHP 5.3.7 that I now see would make it difficult for people upgrading from before that version to after it. The other is that prior to PHP 5.3 it relied on the operating system to supply the blowfish encryption requested, and many Linux kernels even do not have it (PHP manual really lacking here...). Users should actually only be on PHP 5.4 or later, as PHP 5.3 is EOL for quite some time. Arvixe let you select your PHP version. |
|
|
I looked in the dropdown for php versions actually, was going to select the latest available and the dropdown was empty. Maybe cos they moved the site from mongoose as you discovered. Glad you discovered something additional with the blowfish issue. |
|
|
I can contact arvixe as well to see why it is not working. Will report back. |
|
|
Did upgrade to php 5.5 and all went well. Now onto live testing. Look out API's here i come lol. |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2023-02-26 18:29 | Chris Graham | Category | General => General / Uncategorised |
