Community Forums

ATutor Support

Cannot login after upgrade to 1.6.1


You must be signed-in to post.

AuthorSubject
 
Page: 1
joecarr
Subject: Cannot login after upgrade to 1.6.1Quote this post in your reply
After upgrading to 1.6.1, I cannot login with any account (admin or not). When I try to create a new account, I apparently have to have a pin (which I do not recall setting up in the past).

When I debug the code in the login.php script, I see the encrypted password changes and subsequently does not match the encrypted password stored in the database.

For example, I cleared out the admin password and encrypted a blank password with SHA1. When I look at the value for the password that is queried, it changes.

The following are all blank password values that were generated by the login.php script when I attempted to login:

ec531bd3a34201befa6a88e0e8c08e919fa1eb14

ef40834bbb8bcd36cffef61240491895fef557b2

530bf138e8512976ddacca1546b5cfa4c0c1829c

09464b367c345a53f056413398fa61eb1a765b83


This is an example of the SQL generated to check the admin table for my admin account with a blank password:

SELECT login, `privileges`, language FROM AT_admins WHERE login='admin' AND password='09464b367c345a53f056413398fa61eb1a765b83' AND `privileges`>0

How can I successfully login if the encrypted values of the password keep changing? Can I turn the encryption off?

Thanks in advance for your help!
Posted: 2008-08-22 17:35:51
joecarr
Subject: Re: Cannot login after upgrade to 1.6.1Quote this post in your reply
I was able to turn off the master list and email verification in the database.

I still have the same problem...with the new users that I have created, the encrypted password that is used to query the member table does not match what is there (yes...I am sure that I am typing the right password).

Thanks in advance for your help!

In reply to:
After upgrading to 1.6.1, I cannot login with any account (admin or not). When I try to create a new account, I apparently have to have a pin (which I do not recall setting up in the past).

When I...

Posted: 2008-08-22 17:56:05
cindy

Avatar for cindy
Subject: Re: Cannot login after upgrade to 1.6.1Quote this post in your reply
Hi,

Thanks for report.

A few questions:

1. which theme are you using? Is it ATutor default theme?
2. Is the SQL in your first thread generated from original 1.6.1 login.php? Or from your modified code?

The original 1.6.1 login.php should generate SQL like this for admin login:

SELECT login, `privileges`, language FROM AT_admins WHERE login='admin' AND SHA1(CONCAT(password, '9b263a9d3423285a8dd37388f99aea1e28ede99e'))='a5787d27f542659675251bdf2a377a3a850030d9' AND `privileges`>0;

Can you attach the listed files from your ATutor 1.6.1, (the paths are relative to ATutor_root):
login.php
sha-1factory.js
themes/default/login.tmpl.php (if you are using ATutor default theme, otherwise, path "default" should be the theme folder that's in use)

Thanks.
Posted: 2008-08-25 09:35:56
joecarr
atutor161diag.zip
Subject: Re: Cannot login after upgrade to 1.6.1Quote this post in your reply
I am usin the stock login.php (short of my debugging code to see what was going on). I am also using the default theme. I will attache the files.

I will also try doing a fresh install and copying the files you mention to the install in question. Thanks!

In reply to:
Hi,

Thanks for report.

A few questions:

1. which theme are you using? Is it ATutor default theme?
2. Is the SQL in your first thread generated from original 1.6.1 login.php? Or from your mod...

Posted: 2008-08-25 17:10:31
IndieRect

Avatar for IndieRect
Subject: Re: Cannot login after upgrade to 1.6.1Quote this post in your reply
Cindy, the SQL query you've written is not from the original 1.6.1 but from my patch 0007.

I guess the error might be caused by partially failed patching with 0007. Looks like the JavaScript part has been patched, but SQL hasn't.

Did you install patch 0007, Joe?
Posted: 2008-08-26 03:30:56
cindy

Avatar for cindy
Subject: Re: Cannot login after upgrade to 1.6.1Quote this post in your reply
Thanks for correcting me, Indie. You are right, I was looking at the login.php after patch instead of the original one.

Joe, the problem is in themes/default/login.tmpl.php, Line 10. This line in the 1.6.1 original one should be:

document.form.form_password_hidden.value = hex_sha1(document.form.form_password.value);

What you have is after installing patch 0007. This patch also updates login.php but somehow your login.php is not updated accordingly, still the 1.6.1 original one.

I wonder how this could happen even if you did install patch 0007. Patcher prevents you proceed with installation as long as there's files need to be updated but patcher doesn't have permission to write.
Posted: 2008-08-26 09:02:49
IndieRect

Avatar for IndieRect
Subject: Re: Cannot login after upgrade to 1.6.1Quote this post in your reply
I suspected that. The reason might be imperfect handling of any customization in relevant parts of the code, as per www.atutor.ca/atutor/mantis/view.php?id=3541 .
Posted: 2008-08-26 13:39:36
joecarr
Subject: Re: Cannot login after upgrade to 1.6.1Quote this post in your reply
Thanks for the info...I did not install patch 0007...how can I get it?
Posted: 2008-09-02 11:34:35
cindy

Avatar for cindy
Subject: Re: Cannot login after upgrade to 1.6.1Quote this post in your reply
Which 1.6.1 zip file you downloaded? ATutor-1.6.1_pl1.tar.gz?
Posted: 2008-09-02 11:40:28
joecarr
Subject: Re: Cannot login after upgrade to 1.6.1Quote this post in your reply
Yes...pl1
Posted: 2008-09-02 11:48:44
IndieRect

Avatar for IndieRect
Subject: Re: Cannot login after upgrade to 1.6.1Quote this post in your reply
Could you please log in as an admin and go to the Patcher tab. There you should see patch 0007. What does it Status read?

I didn't see the code of your login.php file but the SQL query you've posted looks like it must have something to do with that patch.
Posted: 2008-09-02 12:01:58
harris

Avatar for harris
Subject: Re: Cannot login after upgrade to 1.6.1Quote this post in your reply
Do you have any other admins in your system that might had run the patch?

Edited:
Also check under your themes/default/ folder and see if you can find any *.old files?
ie. login.tmpl.php.0007.old
Posted: 2008-09-02 12:12:00
 
Page: 1

You must be signed-in to post.

Related Articles