Page 1 of 1

Changing a password possible issue - not sure

Posted: Sat Feb 17, 2018 11:27 pm
by BlakesHeaven
Hi, One of our site contributors needed their password changing as they could not remember theirs. They thought they knew it and I must say it contained the character, "&"...

Yep I saw the post https://github.com/bludit/bludit/issues/606
For example "&" cannot be used for passwords.
History on this site - installed with the version prior to 2.2.1; this user was set up then. Then the site was upgraded to 2.2.1 (Pepper). All was fine until the user cleared their cookies and lost their "remember me"...

So I tried changing their password to ... well, lots of things, including a simple password; got the "saved" conformation, but kept seeing something flash pash at the top... and could not log in to test the user's account with any of the new passwords.

I eventually captured the flashing message as:
Undefined variable: hash in / *************bl-kernel/dbusers.class.php on line 153
Not sure if this a bug or to do with the user a/c being set up before 2.2.1 and now changing it on 2.2.1;

How I resolved: I resolved it by deleting the user a/c and recreating it with the same username and a password it liked. I tested it ok to log on now.

BTW - Is there an "I've forgotten my password" thing - I'm sure I saw one before so a user can reset their own password, but I can't for the life of me see it now - maybe I'm thinking of another app...

Re: Changing a password possible issue - not sure

Posted: Sun Feb 18, 2018 10:46 am
by diego
Hi,
here is a tool to recovery the password of the admin username.

https://github.com/bludit/password-recovery-tool