I'm using Joomla 1.5.22.
I tried to manually insert a new user to the 'site_users' table in the database.
But when i tried to log in with the new user, the page just refresh but doesn't log in.
May i know why is that so?
Sorry as i'm a beginner in programming and Joomla.
To create a new user the best solution is to :
login to the administrator page : http://www.yourwebsiteurl/administrator
then go to user management and create a new user
Don't try to insert a new user with a MySQL request, use the web interface.
Kevin is right.
If you want to add new user, then best way for you to add it from backend.
Actually, Joomla use do not depend only on one table #__user, with each entry of user, there access level are also maintained in some other tables. like core_acl_pro, acl_group etc
Password of user are md5 hashed of password and a random salt.
So its better to create user from backend.
+1 Kevin
Password are hashed when stored in the database. So you cannot store this information without knowning what you do!
Related
I need to do a login and user registration form without using a database. The ideia is getting it working just like a normal website login/registration form, but it only has to work locally (in my computer, without web). So what's the better way to do this? Thank you
Please Try using CSV or excel file
where one column can store the username and the other can store password
You could create a file settings, where you set your users and passwords.
Login form would work normally, into backend you have to ask to your settings files instead of database.
I have been looking for the past few hours on how to user the phpBB login script on a custom site. I think I'm just not searching for the right things.
A while ago, I created a phpBB site and have over 900 members registered through phpBB. I am currently face-lifting this site and redoing the user registration along with all of the other custom code I have.
My problem is, I want the users to be able to log in as usual, though I want to input them into my new database so everything can run smoothly. I mainly need their username, password and old ID#, but I don't know how to use phpBB's password authentication or where to find it
The statement needs to look something like this:
On Login, grab username and password variables:
if the username is not in MY database, check phpBB database.
If the username is in phpBB database, check to see if the password is correct **(This is the part I don't know how to do)**
If the password is correct, input the username, user ID and the password (encrypted my way) into MY database
Login
If the password is incorrect - error
if the username is NOT in phpBB database - continue
if the username is not in MY database - input username and encrypted pass into my DB
login
Where can I find a script to authenticate the phpBB user's passwords? I don't care how the script is done, I know that's a secret, I just need to be able to authenticate passwords so that I can make sure it's the same user
I do have access to the phpBB database, I just need a way to authenticate their password
I would rather delete the quesion, but here's the answer:
Check here: http://sunnyis.me/blog/secure-passwords/
and when you download the PasswordHash.php, change all of the $P$ to $H$. It will work. Strange how it creates a password, every time it creates, it's different. But the CHECK part of it makes sure it checks it correctly, no matter what hashed pass it creates.
I have a asp.net application which is using form authentication, as this application is going to be online and we are looking for a secret login page by which we can login to any user account with only his username.
Is that possible?
EDIT
Or if there is any way I can read password from sql server aspnet_Users table, If I can convert it into plain text and use a general method to login. That would work for me
You can't "convert" it back. All hash functions are one-way only so there is no way to get original value.
Edit: There are 'rainbow' tables, which is basically dictionary of text-hash mapping. But they won't help you, because passwords are also salted in default Membership implementation.
i already have UserController that can create, update and delete user and it is also connected to the database using sql server 2008 .
my question is how do i create a log-in page and at the same time check if the username and password you type is existing on my database and if not redirect to the same page.
hope you could help me i'm a beginner.
much thanks
This question is super broad but overall the process is not really that complicated.
If you already have a controller that can perform the create, update and delete you are 90% of the way there. All you need is code that fetches the user and checks the password they entered against the password stored in the database.
So your login page would have a form that takes a username and a passowrd. I assume you have a create user form? The login form could be somewhat similar. Instead of INSERTING the username and password you just grab the row for the USERNAME and then check the passwords. If they match, great! If not, just return the same view. Post some code so we can give specific examples.
I am using jquery.couch.js to do signup/login/logout to a CouchDB _users database in my Sproutcore application. Is anyone aware of a method for changing user _id and password?
As far as I know the user id cannot be changed but the password can.
The CouchDB documentation describes the process of changing a user password in detail, short:
Get the org.couchdb.user:<myuser> document
Add a password field with the plaintext password
Store the document back to the _users database
As soon as the document is in the database, the CouchDB rehashes the plaintext password using PBKDF2 (at least since CouchDB 1.3).
Unfortunately, there is no built-in API to do this. The best thing for now is to read the jquery.couch.js code for account creation and use the same code or algorithms to do account modification.
Specifically, you need to update the password_sha and salt values to change a password. To change a user name, you must make a new document, then delete the old document. Just keep the _id and name values in sync and you'll be okay.