Hello
I am new to using Piwigo and I just installed a theme, wanted to go back to the administration page and Piwigo keeps telling me that my password is invalid and I get "Check your email for the confirmation link" which does not work when I try to change my password. What can I do, please help.
Piwigo version:
PHP version:
MySQL version:
Piwigo URL: http://www.travelnfarmboy.com
Offline
Hi :-)
You can update in database.
chose md5 function
Offline
I have the same problem. 'Installed latest version today. For some reason did not write down the admin password. So I tried to change the password in the piwiq_users section of the database.
I access the user database and change the password for user admin using MD5 hash generated here: http://www.miraclesalad.com/webtools/md5.php
However, when I try to logon it just returns to the login screen.
Offline
I figured out my problem.
I didn't the MD5 Hash generator. phpMyAdmin generated the hash. I just selected MD5 and then typed in the password that I want to use and click Go.
So simple.
Last edited by tomscot2 (2017-05-20 02:24:20)
Offline
as an aside, if you're pretty comfortable with the command line, you can also use shell tools to get the same - the key point to remember is in generating the hash, you need to make sure to not include a \n in the string sent to md5sum.
e.g. you want 'echo -n "this is the password I will use" | md5sum'
instead of 'echo "this will never work" | md5sum'
I assume it has something to do with an attack vector based on knowing what the last char has to be/won't be and/or with the way the string is processed in php.
I mostly mention this because while it's handy, phpmyadmin is a super common thing for attackers to probe for when they poke at a site, and if they want it, I wanna make sure I don't have it or it's locked down tight. it took me a little while to figure out, thought it could be useful for someone else.
thanks for the software. hopefully I added this info in a reasonable manner.
Offline