[Solved, thanks asmecher]OJS sign in fatal error/ 2.4.7-1 password reset not working

Hi people:

I’ve just upgrade from 2.4.6 to latest version 2.4.7-1, after a successful upgrade, we now having problem to sign in, the error message is:

Fatal error: require_once(): Failed opening required ‘/usr/home/xxxx/xxxx/xxxx/lib/password_compat/lib/password.php’ (include_path=’.:/usr/home/xxx/classes:/usr/home/xxx/pages:/usr/home/xxx/lib/pkp:/usr/home/xxx/lib/pkp/classes:/usr/home/xxx/lib/pkp/pages:/usr/home/xxx/lib/pkp/lib/adodb:/usr/home/xxx/lib/pkp/lib/phputf8:/usr/home/xxx/lib/pkp/lib/pqp/classes:/usr/home/xxx/lib/pkp/lib/smarty:.:/usr/local/lib/php’) in /usr/home/xxx/classes/security/Hashing.inc.php on line 100

I have temporary solved this by editing classes/security/Hashing.inc.php

line 97 to 104:

if ($init === null) {
	// password_compat uses namespaces, so ensure PHP version supports this
	//if (version_compare(phpversion(), '5.3.0', '>=')) {
	//	$init = require_once(BASE_SYS_DIR . '/lib/password_compat/lib/password.php');
	//}
	//else {
		$init = false;
	//}
}

i have met another problem that maybe related to what i changed here on the hashing page:

My user always get this message whenever they trying to reset their password:

Sorry, the link you clicked on has expired or is not valid. Please try resetting your password again.
Reset Password

I have temporary solved this by editing classes/security/Hashing.inc.php

line 97 to 104:

	if ($init === null) {
		// password_compat uses namespaces, so ensure PHP version supports this
		//if (version_compare(phpversion(), '5.3.0', '>=')) {
		//	$init = require_once(BASE_SYS_DIR . '/lib/password_compat/lib/password.php');
		//}
		//else {
			$init = false;
		//}
	}

so it skips $init = require_once(BASE_SYS_DIR . ‘/lib/password_compat/lib/password.php’);

it seems like a php file missing but i am working on a shared server.

Hi @anzewill,

Are you hosting from a git checkout? That code exists as a submodule.

Regards,
Alec Smecher
Public Knowledge Project Team

Sorry for the late reply

I am hosting on pair networks shared server.

i have met another problem that maybe related to what i changed here on the hashing page:

My user always get this message whenever they trying to reset their password:

Sorry, the link you clicked on has expired or is not valid. Please try resetting your password again.
Reset Password

Hi @anzewill,

Have you tried running through the password reset process yourself?

Regards,
Alec Smecher
Public Knowledge Project Team

Yes @asmecher asmecher.

i actually found this by myself.

The error message display immediately after i clicked on the reset link in my E-mail.

Hi @anzewill,

I think this is probably related to your earlier modification.

Did you verify whether lib/password_compat/lib/password.php exists in your OJS installation?

Regards,
Alec Smecher
Public Knowledge Project Team

Hi @asmecher

I can not find this file anywhere, how can i fix this problem?

I have download a new 2.4.7-1 zip file and copied the whole password_compat folder into /lib/ with no luck.

Hi @anzewill,

The file lib/password_compat/lib/password.php definitely exists in the OJS 2.4.7-1 archive. If it’s not there, I suspect something happened when you unpacked the archive.

Regards,
Alec Smecher
Public Knowledge Project Team

Hi @asmecher,

I have placed the entire password_compat folder into lib/ dir.

now password.php is right under where it should be.

but the password reset function is still not working properly, please advise.

Hi @anzewill,

Have you reverted the modifications you described making earlier in this thread?

Regards,
Alec Smecher
Public Knowledge Project Team

Hi @asmecher,

Yes i have reverted the modification, at the moment i am not able to login nor the password reset.

error message:

Invalid username or password. Please try again.

and

Sorry, the link you clicked on has expired or is not valid. Please try resetting your password again.

I have also tried to clean cache, doing php tools/upgrade.php upgrade still no luck

Hi @anzewill,

Can you post the results for the following query (assuming you’re using MySQL)?

DESCRIBE users;

Regards,
Alec Smecher
Public Knowledge Project Team

hi @asmecher

Here is the result from phpmyadmin:
(Sorry about the format)

user_id
bigint(20)
NO
PRI
NULL
auto_increment

username
varchar(32)
NO
UNI
NULL

password
varchar(40)
NO
NULL

salutation
varchar(40)
YES
NULL

first_name
varchar(40)
NO
NULL

middle_name
varchar(40)
YES
NULL

last_name
varchar(90)
NO
NULL

suffix
varchar(40)
YES
NULL

gender
varchar(1)
YES
NULL

initials
varchar(5)
YES
NULL

email
varchar(90)
NO
UNI
NULL

url
varchar(255)
YES
NULL

phone
varchar(24)
YES
NULL

fax
varchar(24)
YES
NULL

mailing_address
varchar(255)
YES
NULL

billing_address
varchar(255)
YES
NULL

Edit Edit
Copy Copy
Delete Delete
country
varchar(90)
YES
NULL

locales
varchar(255)
YES
NULL

date_last_email
datetime
YES
NULL

date_registered
datetime
NO
NULL

date_validated
datetime
YES
NULL

date_last_login
datetime
NO
NULL

must_change_password
tinyint(4)
YES
NULL

auth_id
bigint(20)
YES
NULL

auth_str
varchar(255)
YES
NULL

disabled
tinyint(4)
NO
0

disabled_reason
text
YES
NULL

inline_help
tinyint(4)
YES
NULL

Hi @anzewill,

That shows your “password” column as 40 characters long. The upgrade process should have extended it to 255. Are you sure the upgrade process completed successfully?

Regards,
Alec Smecher
Public Knowledge Project Team

Hi @asmecher

This looks like a successful upgrade, but it must be something wrong, how can i upgrade the password column?

%php tools/upgrade.php upgrade
[pre-install]
[load: upgrade.xml]
[version: 2.4.7.1]
[schema: lib/pkp/xml/schema/signoff.xml]
[schema: lib/pkp/xml/schema/common.xml]
[schema: lib/pkp/xml/schema/groups.xml]
[schema: lib/pkp/xml/schema/log.xml]
[schema: lib/pkp/xml/schema/announcements.xml]
[schema: lib/pkp/xml/schema/scheduledTasks.xml]
[schema: lib/pkp/xml/schema/temporaryFiles.xml]
[schema: lib/pkp/xml/schema/metadata.xml]
[schema: lib/pkp/xml/schema/reviews.xml]
[schema: lib/pkp/xml/schema/reviewForms.xml]
[schema: lib/pkp/xml/schema/controlledVocab.xml]
[schema: lib/pkp/xml/schema/submissions.xml]
[schema: lib/pkp/xml/schema/comments.xml]
[schema: lib/pkp/xml/schema/notes.xml]
[schema: lib/pkp/xml/schema/gifts.xml]
[schema: lib/pkp/xml/schema/mutex.xml]
[schema: lib/pkp/xml/schema/tombstone.xml]
[schema: lib/pkp/xml/schema/metrics.xml]
[schema: dbscripts/xml/ojs_schema.xml]
[data: dbscripts/xml/indexes.xml]

[code: Installer Installer::addPluginVersions]
[post-install]
Successfully upgraded to version 2.4.7.1

Hi @anzewill,

Check lib/pkp/xml/schema/common.xml. In the users table, what password length is specified? It should look like…

<field name="password" type="C2" size="255">
    <NOTNULL/>
</field>

Regards,
Alec Smecher
Public Knowledge Project Team

Hi @asmecher
it is
field name=“password” type=“C2” size=“40”

should i download a new version of this file and run upgrade?

Hi @anzewill,

Hmm, between the missing password.php file and the incorrect common.xml file, it seems like you’ve somehow mixed the code for your new and old versions. I’d suggest starting the upgrade again, using the “full package” process described in the upgrade documentation. It’s likely that more than just these two issues are going to crop up.

Regards,
Alec Smecher
Public Knowledge Project Team

Hi @asmecher

Thanks for all your kind help, i was upgrade directly from 2.4.5 to 2.4.7-1 using the patch file on the official website and the entire upgrade was smooth and successful.

We had modified a lots of thing so it might be hard for us to doing a full package upgrade.