Jump to content

Reset customer password on DB


guest*

Recommended Posts

Hi,

 

I have a problem. I migrated my DB to a 64bit platform and this has another encoding, so all customer password are not still working anymore. Unfortunatelly also the contact form "send new password" is broken.

 

Is there any possibility to empty all passwords on DB, so when customer log-in the first time again and type the password, it will be override in the DB ?

 

Can somebody please help me on this ?

 

THXS. in advance for quick replies.

Link to comment
Share on other sites

Is there any possibility to empty all passwords on DB, so when customer log-in the first time again and type the password, it will be override in the DB ?

If you empty the password column then the typed password will be compared against an empty string and the authentication will fail.

As long as you mysql-dump and then restore your DB on 64bit system (i.e. not moving binary files) everything should be OK because it is an architecture neutral format. Are you sure it is due to moving to a 64bit system. Did you by any chance re-installed or changed domain?

Link to comment
Share on other sites

Hi,

 

I did the following. My provider told me to reinstall presta 1.4.4. fresh on an empty DB on the 64bit platform and than load my data from the old DB into this DB. Now all is crashed. Mails are not working anymore - customer do not receive any copy of mail. Password reset is not possible- fatal error.

Customer cannot login anymore (also not as admin possible, I hacked myself into the ADMIN by SQL-query).

The problem what I have, is that the SQL dump is only saved as: Tables drop/create and not the Database as drop/create...

 

Also on my 32bit system I tried to restore it, by the same way. I have the same problems...

 

I have an older Dump saved on BO, so it should contain all neded. Also this does not work anymore.

 

I tried to delete sec_key and password, also this will not fix the problem.

 

So, I have two problems unsolved since 15th September and my shop blocked. If my provider did any other changes on the server I don't know. I'm so frustrated, because he also is not answering my questions anymore. Sign for me to: "please move, I don't want to have Prestashop anymore on my machine..."

Link to comment
Share on other sites

My provider told me to reinstall presta 1.4.4. fresh on an empty DB ...and than load my data from the old DB into this DB.

 

This is what is causing the problem.

 

During installation a new file, settings.inc.php, is created in /config directory with a value for _COOKIE_KEY_ which is unique for each install.

 

When a customer, (or an employee) registers, the password is appended to this value and then MD5 hash of the concatenated string is taken and stored in the DB. When you make a new install, you have a different value for the _COOKIE_KEY_ so the old passwords will not work for customers or employees.

 

If you have a copy/backup of the old installation and iff there are no new registrations since you reinstalled (otherwise you will have the same problem with those new registrations) you could replace the _COOKIE_KEY_ in settings.inc.php and the password should again work.

 

Mails are not working anymore - customer do not receive any copy of mail. Password reset is not possible- fatal error.

Make sure you have all the email templates in place in /mail directory in new installation.

 

Customer cannot login anymore (also not as admin possible, I hacked myself into the ADMIN by SQL-query).

The problem what I have, is that the SQL dump is only saved as: Tables drop/create and not the Database as drop/create...Also on my 32bit system I tried to restore it, by the same way. I have the same problems...

Nothing to do with the way dump was created or machine's architecture. This is due to restoring backup from old install to a new install, see above.

 

I have an older Dump saved on BO, so it should contain all neded.

Yeah, in theory...A full database backup itself is not good if you reinstall your shop, which is ironic because that is exactly when you would need a full backup.

Link to comment
Share on other sites

Hi,

 

I know that when you make a fresh install settings will be override. I had the old one backuped and restored it, but it does not work too. So I need to refresh or delete this cookies and keys to get it work. Isn't there any way to do this ?

 

concerning mails. Yes I have the mail folder there in the right place. SMTP is not working anymore, PHP works, but also customer are not receiving any copy of the order mails...

 

Any other idea, what I can do to restore my old project without any loose ?

Link to comment
Share on other sites

I know that when you make a fresh install settings will be override. I had the old one backuped and restored it, but it does not work too. So I need to refresh or delete this cookies and keys to get it work. Isn't there any way to do this ?

 

concerning mails. Yes I have the mail folder there in the right place. SMTP is not working anymore, PHP works, but also customer are not receiving any copy of the order mails...

 

Any other idea, what I can do to restore my old project without any loose ?

 

I cannot think of an easy work-around for not working passwords. I am not even sure what is the nature of the problem both passwords and emails failing. This is after all a fresh install.

 

You could run it under debug and step through the code to see exactly what is going wrong where, then try to work out a solution.

 

Here is what I would do.

1- Install xdebug to your server

2- Install and IDE, Netbeans or VS

3- Load the site in the IDE

4- Start debug and step through the code until it fails.

 

This will at least tell you what exactly is the problem. Then once you know that you can formulate a solution.

Link to comment
Share on other sites

Oh, is this complicated.... At the moment I cannot install nothing on server. I'm looking for another provider, becasue mine is so stupid and really don't know to manage the IIS. I don't want to work with IIS anymore. Each day other problem... The tipp to macke a fresh install and than load the DB was from him. All was working, now nothing is working and also he do not answer to any of my mails. I'm so angry with this situation and I'm loosing money. This fact does not move my provider at any way.. I'm looking for another provider here in the ECC. This is not a way to work with..

 

After moving to another provider I will see what I can do...

Debug from presta I've activated. There are no errors, only these fronted when customer is sending a mail. But this errors are not specifing nothing: fatal error or mail cannot be processed...

 

I took a look to netbeans, I'm not shure to know how to use this. I'm not a developer, not a coder, only a merchant...

 

Nevertheless thxs. for your help

Link to comment
Share on other sites

Should I have luck when I export all my 300 customers, delete them from DB and than re-import with the same ID, but without any password ? When I imported the customers from my old project, I imported them with the encrypted password, but without any key. They worked all on presta after importing them...

Link to comment
Share on other sites

Also by droping all data from ps_customers and re-importing them on BO does not work. The table seems to be blocked. Although it is empty, it is saying me when importing Data: Duplicate entry '1-1' for key 'PRIMARY'

 

What the hell is Presta doing ? When I delete a line on ps_orders than by magic it is still available, although this line is not part from Version 1.4.4. I don't understand. Is this a issue from my server or what ?

Link to comment
Share on other sites

SMTP is solved, I moved my project for Tests to an Apache. It really seems that my provider don't want me anymore. He has blocked SMTP.... On the Apache I can send mails without any problems...

So customer should send them a new passwords to log-in, because I'm unable to repair the lost md5 hash with the stupid action to reinstall a fresh version and than lod the DB into the fresh empty DB. This is a good way to clean projects, but it is not suitable for Prestashop. Not by this way and not taking care of the dependence of cookie_key, hash and paswords encrypt.

Link to comment
Share on other sites

SMTP is solved, I moved my project for Tests to an Apache. It really seems that my provider don't want me anymore. He has blocked SMTP.... On the Apache I can send mails without any problems...

One down, one to go then :)

So customer should send them a new passwords to log-in, because I'm unable to repair the lost md5 hash with the stupid action to reinstall a fresh version and than lod the DB into the fresh empty DB. This is a good way to clean projects, but it is not suitable for Prestashop. Not by this way and not taking care of the dependence of cookie_key, hash and paswords encrypt.

You are right. I consider using a per install value to hash the passwords as a bug. This value should be same across re-installs so a DB restore works whether there was a reinstall or not.

Do you have a backup of old installation files? If you have the old settings.inc.php, all you need to do is to replace _COOKIE_KEY_ value and passwords should work again.

Link to comment
Share on other sites

Do you have a backup of old installation files? If you have the old settings.inc.php, all you need to do is to replace _COOKIE_KEY_ value and passwords should work again.

Yes I have, but I think on this case it was over written by the new one, because it is not working anymore. Now I'm moving to another provider and all well be good after 2 weeks hard work trying to fix this security lack from Prestashop...

Link to comment
Share on other sites

  • 9 years later...

Hi, to avoid having to modify the DB directly, do you think there is a way to send a link to my customers allowing them to directly change their password (by clicking on the link I would send) ? Or is it possible to make them set a new password when they login the first time ?

Link to comment
Share on other sites

  • 2 weeks later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...