Since I know nothing on how to install ojs 3 in spanel, I had technical support (TS) from where I buy hosting installed it. I got user name and password. I login but failed, invalid username and password. I asked the TS on how to solve this, they reset (I don’t know either how to do reset) them. I eventually could login. I registered other users (directly through register and add user by admin) in my created journal. When I login the same issue came up. I can’t login.
Then I searched on this issue in this forum. I found one by @Oneill381“OJS 3 Can’t Login”. @asmecher suggested to execute `
UPDATE users SET password=SHA1(CONCAT(username,‘newPasswordHere’)) WHERE username=‘usernameHere’;
But, I don’t know how and where to execute it. @Oneill381 tried it and the result was _“I just ran it, and I was able to login, then it prompted me to update my password. I updated my password via the web interface, tried to login again, and no such luck”.
I started searching on how to run it in database. Yup, I could run it (change ‘newPasswordHere’ with new password, and the same username as I registered) but I faced same problem, prompted to update my password and failed login after that. I looked at password column in my database, it is 0 as discussed by @Oneill381 and @asmecher. It should be encrypted password.
I just tried again to run @asmecher’s suggestion, I replaced ‘newPasswordHere’ with my registered password and the same username then click Go. Yes, it works. I can login. I tried the same way with different users, they can login. I don’t know exactly what is the problem since I am not the man in this subject. At least, I and other users in my journal will able to login. But, the question is How login process can be normal as we did in previous version of OJS?
That’s not how OJS hashes passwords. Try the query at the thread linked above (making sure that you use either SHA1 or MD5, depending what you have configured in your config.inc.php).
Regards,
Alec Smecher
Public Knowledge Project Team
Thank you @asmecher, and i’m very sorry because post double topic for a problem.
In config.inc.php , i changed to md5. But i want to change the type hash to md5(md5($password)) not md5(concat(username, password) of OJS. Our ogranization had a big manager system and used 6 year ago. Now, we have 8000 account (staff, student…), i must sysnc OJS login with our system., i can’t make more acc for ojs. I know OJS support not yet LDAP.
I tried to edit in password.php and Validation.php, but i don’t know how to and where the line code i must change?
p/s : My English is not well
The function that generates passwords, excluding certain letters, is called generatePassword. It’s implemented in lib/pkp/classes/security/Validation.inc.php.
Regards,
Alec Smecher
Public Knowledge Project Team
I have feedback from registered users who cant login from desktop but no problem logging in from mobile site. When trying to login from desktop from firefox, IE or Chrome, the user keep on getting an “invalid username or password” message. When i try to log in using the same username and password, i have no issue.
So what may have caused that and how can i troubleshoot it?