I try to change the password of the admin in the admin edit profil section and i got a page with
Error
Database query
error
and now when i try to login the password dont work anymore... this is not the first time this happen to me... but now i cant recover the password because even when i try to, i got this error again show in red.
and in my email i receive an email with: Database error in <SiteName> as title
and : Found error in the file '/home/admin/boyplace/inc/classes/BxDolSubscriptionQuery.php'
at line 272.
Called 'query' function with erroneous argument #0.
Debug backtrace:
Array
(
[1] => Array
(
[file] => /home/admin/boyplace/inc/classes/BxDolDb.php
[line] => 236
[function] => error
[class] => BxDolDb
[type] => ->
[args] => Array
(
[0] => Database query error
[1] =>
as part of the text
someone know how to recover my password or fix this???
thx
|
Hello!
First of all try to login as admin with new and old pwd. If both time u've got failure then.
1) Delete file in cache/user[admin user ID].php.
2) Got to ur DB and run this queries:
UPDATE `Profiles` SET `Salt` = CONV(FLOOR(RAND()*99999999999999), 10, 36); WHERE `ID`='admin user ID';
UPDATE `Profiles` SET `Password` = SHA1(CONCAT(md5('new admin password'), `Salt`)); WHERE `ID`='admin user ID';
Regard
|
Hello!
First of all try to login as admin with new and old pwd. If both time u've got failure then.
1) Delete file in cache/user[admin user ID].php.
2) Got to ur DB and run this queries:
UPDATE `Profiles` SET `Salt` = CONV(FLOOR(RAND()*99999999999999), 10, 36); WHERE `ID`='admin user ID';
UPDATE `Profiles` SET `Password` = SHA1(CONCAT(md5('new admin password'), `Salt`)); WHERE `ID`='admin user ID';
Regard
ok i thy it but i got an error:
Erreur
requête SQL:
WHERE `ID` = '1';
MySQL a répondu:
#1064 - You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use
near 'WHERE `ID`='1'' at line 1
i set 1 the user id because the admin is 1... but it dont work
i run this command
UPDATE `Profiles` SET `Salt` = CONV(FLOOR(RAND()*99999999999999), 10,
36); WHERE `ID`='1';
UPDATE `Profiles` SET `Password` = SHA1(CONCAT(md5('testtest'), `Salt`)); WHERE `ID`='1';
so where is my error? did i have to be in the main database or into the profiles table to run this command???
thx
|
Try this instead.
UPDATE `Profiles` SET `Salt` = CONV(FLOOR(RAND()*99999999999999), 10,
36) WHERE `ID`='1';
UPDATE `Profiles` SET `Password` = SHA1(CONCAT(md5('testtest'),
`Salt`)) WHERE `ID`='1';
Also when you change passwords via the database you need to delete the cache file for that member.
Delete user1.php from the cache folder on the server.
Edit: Oh. LeonidS already mentioned the cache file. Hmm. I must be blind.
https://www.deanbassett.com |
OHHH my god!!! im saved!!! it works
thx a lot :)
by the way i have another quetion... i write it into another post but i got no reply
where is the file that i need to edit for resizing the promo flash slideshow that is in the index page... i just want to set the height more small
thx
|
I saw your other topic. If i had a answer i would have.
https://www.deanbassett.com |
@Deano,
is this something you can implement on your Deano Tools Set?
Try this instead.
UPDATE `Profiles` SET `Salt` = CONV(FLOOR(RAND()*99999999999999), 10,
36) WHERE `ID`='1';
UPDATE `Profiles` SET `Password` = SHA1(CONCAT(md5('testtest'),
`Salt`)) WHERE `ID`='1';
Also when you change passwords via the database you need to delete the cache file for that member.
Delete user1.php from the cache folder on the server.
Edit: Oh. LeonidS already mentioned the cache file. Hmm. I must be blind.
When a GIG is not enough --> Terabyte Dolphin Technical Support - Server Management and Support |
@Deano,
is this something you can implement on your Deano Tools Set?
Try this instead.
UPDATE `Profiles` SET `Salt` = CONV(FLOOR(RAND()*99999999999999), 10,
36) WHERE `ID`='1';
UPDATE `Profiles` SET `Password` = SHA1(CONCAT(md5('testtest'),
`Salt`)) WHERE `ID`='1';
Also when you change passwords via the database you need to delete the cache file for that member.
Delete user1.php from the cache folder on the server.
Edit: Oh. LeonidS already mentioned the cache file. Hmm. I must be blind.
I could add a way to quickly change a members password in my tools. But it won't do any good for the admin if they can't get in to run the tools.
https://www.deanbassett.com |
@DosDawg - I noticed you posted this at Dolphin Techs.
You might want to edit that post to make it more clear as to what the password is changed to in that query.
Where testtest is in that query is where they should put the password they actually want to use.
More like. UPDATE `Profiles` SET `Password` = SHA1(CONCAT(md5('New Admin Password'),
`Salt`)) WHERE `ID`='1'; https://www.deanbassett.com |
I know this is off-topic but can someone explain "Salt" to me and what it means/represents? |
Salt is a dietary mineral composed primarily of sodium chloride that is essential for animal life, but can be toxic to many land plants. Salt flavor is one of the basic tastes, making salt one of the oldest, most ubiquitous food seasoning. Salting is an important method of food preservation.
ehehehe
From Wikipedia, the free encyclopedia
Jump to: navigation, search
In cryptography, a salt comprises random bits that are used as one of the inputs to a key derivation function. The other input is usually a password or passphrase.
The output of the key derivation function is stored as the encrypted
version of the password. A salt can also be used as a part of a key in a cipher or other cryptographic algorithm. The key derivation function typically uses a cryptographic hash function. Sometimes the initialization vector, a previously-generated value, is used as the salt.
Salt data complicates dictionary attacks that use pre-encryption of dictionary entries: each bit of salt used doubles the amount of storage and computation required.
For best security, the salt value is kept secret, separate from the
password database. This provides an advantage when a database is
stolen, but the salt is not. To determine a password from a stolen
hash, an attacker cannot simply try common passwords (such as English
language words or names). Rather, they must calculate the hashes of
random characters (at least for the portion of the input they know is
the salt), which is much slower.
In some protocols, the salt is transmitted as cleartext with the encrypted data, sometimes along with the number of iterations used in generating the key (for key strengthening). Cryptographic protocols that use salts include SSL and Ciphersaber.
Early Unix systems used a 12-bit salt, but modern implementations use larger values.
Salt is closely related to the concept of nonce.
The benefit provided by using a salted password is that a simple dictionary attack against the encrypted values becomes impractical if the salt is large enough. That is, an attacker would not be able to create a rainbow table,
a dictionary of encrypted values (password + salt), because it would
either take too much time, or too much space. This would force the
attacker to use the provided authentication mechanism (which "knows"
the correct salt value).
|
RE: Salt is a dietary mineral composed primarily of sodium chloride that is essential for animal life,
Actually, salt is what you get when an acid reacts with a base. NaCl is only one example, and it is the result of a chemical reaction between Sodium Hydroxide and Hydrochloric acid where Na(OH) + HCl --> NaCl + H20
My opinions expressed on this site, in no way represent those of Boonex or Boonex employees. |
Salt is a dietary mineral composed primarily of sodium chloride that is essential for animal life, but can be toxic to many land plants. Salt flavor is one of the basic tastes, making salt one of the oldest, most ubiquitous food seasoning. Salting is an important method of food preservation.
ehehehe
From Wikipedia, the free encyclopedia
Jump to: navigation, search
In cryptography, a salt comprises random bits that are used as one of the inputs to a key derivation function. The other input is usually a password or passphrase.
The output of the key derivation function is stored as the encrypted
version of the password. A salt can also be used as a part of a key in a cipher or other cryptographic algorithm. The key derivation function typically uses a cryptographic hash function. Sometimes the initialization vector, a previously-generated value, is used as the salt.
Salt data complicates dictionary attacks that use pre-encryption of dictionary entries: each bit of salt used doubles the amount of storage and computation required.
For best security, the salt value is kept secret, separate from the
password database. This provides an advantage when a database is
stolen, but the salt is not. To determine a password from a stolen
hash, an attacker cannot simply try common passwords (such as English
language words or names). Rather, they must calculate the hashes of
random characters (at least for the portion of the input they know is
the salt), which is much slower.
In some protocols, the salt is transmitted as cleartext with the encrypted data, sometimes along with the number of iterations used in generating the key (for key strengthening). Cryptographic protocols that use salts include SSL and Ciphersaber.
Early Unix systems used a 12-bit salt, but modern implementations use larger values.
Salt is closely related to the concept of nonce.
The benefit provided by using a salted password is that a simple dictionary attack against the encrypted values becomes impractical if the salt is large enough. That is, an attacker would not be able to create a rainbow table,
a dictionary of encrypted values (password + salt), because it would
either take too much time, or too much space. This would force the
attacker to use the provided authentication mechanism (which "knows"
the correct salt value).
Thanks, I didn't know if it was a madeup acronym for boonex or something real.
|
