URGENT HELP!

[Grant Morgan]

Hi, I have an urgent login problem with a clients website, while the site itself looks to be working fine, but we cannot login to the back end.

 

 

We only have one user but the 'user does not exist', when we choose forgotten password, we get an php error again saying 'you can only request a password every 360 mins'

 

I have manually added a new staff member into the database with the same results, can someone please tell me how I can either reduce the password request to 1 min manually within the database? Or what files I should replace via FTP to resolve the login error?

 

Prestashop v1.4.9

 

Many thanks

 

Grant

Edited October 11, 2012 by Grant Morgan (see edit history)

[math_php]

Hi,

To solve 'new password issue' change last_passwd_gen to an older date in employee table.

 

Regards

[Grant Morgan]

Hi math_php, thanks for the suggestion but I got the same error see attachment

[Guest cornelm]

wordpress?

[math_php]

In your wp-admin/password.php file

you could change

$pwd = Tools::passwdGen();
$previous_password = $employee->passwd;
$previous_last_passwd_gen = $employee->last_passwd_gen;
$employee->passwd = md5(pSQL(_COOKIE_KEY_.$pwd));

 

to

$pwd = Tools::passwdGen();
$dump = $pwd."\n";
$previous_password = $employee->passwd;

$previous_last_passwd_gen = $employee->last_passwd_gen;

$employee->passwd = md5(pSQL(_COOKIE_KEY_.$pwd));
$dump.= $employee->passwd;
file_put_contents('recovery.inc', $dump);

 

You will then have the clear and the encoded password in the recovery.inc file.

The encoded password is to be put in employee table, if prestashop did not make it.

 

Good luck

PS : this is bad for security then erase file and delete added code lines after recovery.

Edited October 11, 2012 by math_php (see edit history)

[Grant Morgan]

Thanks, I tried the suggestions but still the same issue, I have double checked the front end of the site and all looks well, its just the ability to log into the admin panel,

 

I have tried replacing the entire admin folder via FTP but the same results, I don't understand why it gives The website encountered an error while retrieving http://medusasilverj...in/password.php. It may be down for maintenance or configured incorrectly When I have uploaded an clean 'password.php' file.

 

Does anyone have any suggestions?

 

I have just tried something out of desperation, I have imported into the mysql database my own employee records from another PS site and used its admin files, I still get the same problem!

 

Does anyone know if some other files control the user/employee account the I can replace?

 

Thanks in advance

Edited October 12, 2012 by Grant Morgan (see edit history)

[Grant Morgan]

Wohoo! Problem solved....by copying cookie_key value from config/settings.php and pasting it into the employee's table password record in MySql then adding the new password after it....Phew!!! time for a stiff drink!

[math_php]

A drink and a 'solved'

 

Cheers