I want to create a new user for joomla as Admin in phpmyadmin . How can I create it and grant all privileges to it?
Thanks in advance
You can adjust the values in phpmyadmin with the following query. Please adjust table prefix from jos_ to whatever yours is.
INSERT INTO `jos_users`
(`name`, `username`, `password`, `params`, `registerDate`, `lastvisitDate`, `lastResetTime`)
VALUES ('Administrator2', 'admin2',
'd2064d358136996bd22421584a7cb33e:trd7TvKHx6dMeoMmBVxYmg0vuXEA4199', '', NOW(), NOW(), NOW());
INSERT INTO `jos_user_usergroup_map` (`user_id`,`group_id`)
VALUES (LAST_INSERT_ID(),'8'); <br/>
At this point, you should be able to log into the back end of Joomla! with the username of "admin2" and password of "secret". After logging in, go to the User Manager and change the password to a new secure value and add a valid e-mail address to the account. https://docs.joomla.org/How_do_you_recover_or_reset_your_admin_password
INSERT INTO `yourprefix_users` (`name`, `username`, `password`, `params`)
yourprefix - In configuration.php in Joomla root folder, you can find prefix for your database. In this case it will be public $dbprefix = 'explain_';
VALUES ('Administrator2', 'admin2', 'd2064d358136996bd22421584a7cb33e:trd7TvKHx6dMeoMmBVxYmg0vuXEA4199', '');
Administrator2 - This is name for your new user account.
admin2 - This is nickname / login name for new user.
d2064d358136996bd22421584a7cb33e:trd7TvKHx6dMeoMmBVxYmg0vuXEA4199 -
This is MD5 hash password. Password is: secret
INSERT INTO `yourprefix_user_usergroup_map` (`user_id`,`group_id`)
VALUES (LAST_INSERT_ID(),'8');
Make sure you match your db table prefix!
Here is some hash password if you want to change
- password = "this is the MD5 and salted hashed password"
------------------------------------------------------
- admin = 433903e0a9d6a712e00251e44d29bf87:UJ0b9J5fufL3FKfCc0TLsYJBh2PFULvT
- secret = d2064d358136996bd22421584a7cb33e:trd7TvKHx6dMeoMmBVxYmg0vuXEA4199
- OU812 = 5e3128b27a2c1f8eb53689f511c4ca9e:J584KAEv9d8VKwRGhb8ve7GdKoG7isMm
Warning: The password values shown on this page are public knowledge
and are only for recovery. Your site may be hacked if you do not
change the password to a secure value after logging in. Be sure you
change the password to a secure value after logging in.
Full code for explain is here:
INSERT INTO `yourprefix_users`
(`name`, `username`, `password`, `params`)
VALUES ('Administrator2', 'admin2',
'd2064d358136996bd22421584a7cb33e:trd7TvKHx6dMeoMmBVxYmg0vuXEA4199', '');
INSERT INTO `yourprefix_user_usergroup_map` (`user_id`,`group_id`)
VALUES (LAST_INSERT_ID(),'8');
Related
I used Laravel 5 version with Sentinel package for authentication. I followed this instruction
Registration works fine. but login not return anything.
$credentials = [
"email" => 'test#gmail.com',
"password" => 'password'
];
$user = Sentinel::authenticate($credentials);
print_r($user);
exit;
$user returns empty even I given correct email & password.
(eg: Data)
Users table has the following data
Email Password
test#gmail.com $2y$10$Wu2dY8zQNJPBR
Anyone direct me, how do I debug this issue to fix it? or any useful ideas. Thanks in advance.
I finally fix this issue. Sometime we can not find the small problem :)
The problem is password length which was changed by me 20 characters. But sentinel encrypting the password before storing to db table. this encrypted length is more than 20 characters.
Partial password only stored in the DB. that's why Login was not working.
I changed the following line in migration
$table->string('password', 20);
to
$table->string('password');
So now the password length should be 255 character which is VARCHAR default length.
On my users table I have a 128 char 'hashed_password' field. In my User_model I have functions to encrypt and decrypt the password. When encrypting I randomly generate a salt and it gets stored in the first 64 chars of hashed_password field. The hashed pw result gets stored in the last 64 chars. When decrypting I do the reverse.
As I guess is almost universal, there is never a plaintext password to display.
So, when my users (through grocery_CRUD) are adding/editing a user I thought it was possible to include fake fields: "password" and "passconf" to the add & edit forms with the following:
$crud->fields('username', ... <other fields> ... 'password', 'passconf');
Just to be crystal clear - the "password" and "passconf" fields DO NOT exist on my users table. I just want my users to input the new password there then deal with it in my own way.
But it doesn't work. By that I mean the add/edit form renders with the two fake fields correctly (validation below works correctly) but if I try to update any other user information then 'Update Changes', that action fails with "Loading" graphic spinning briefly but not updating the database.
I have tried replicating this on a VERY simply grocery_CRUD form with no other complexity and get the same behaviour: the form renders correctly but will not update the db.
Is it even possible to use fake fields? Am I missing something?
Is grocery_CRUD trying to do something with these fields behind the scenes that is causing the db update to fail?
I had then hoped to do the following:
$crud->set_rules('password', 'Password', 'callback_valid_password');
$crud->set_rules('passconf', 'Password Confirmation', 'matches[password]');
$crud->callback_before_insert(array($this,'encrypt_password_callback'));
$crud->callback_before_update(array($this,'encrypt_password_callback'));
function encrypt_password_callback($post_array, $primary_key = null){
if ($post_array['password'] <> '') {
$this->User_model->set_password($post_array['username'], $post_array['password']);
}
}
function valid_password($str) {
//do some pw validation
return TRUE;
}
I have solved this problem using insert and update callbacks then encrypting the password then unset(ing) the offending 'password' & 'passconf' fields before the insert or update db call.
I'm using Tank Auth for my website.
I've searched for a function that would check if user has entered a valid password, when he tries to update his profile.
I don't understand how to hash password from user input that would match one in database.
Here's my controllers code:
$password = $this->input->post('password');
$hasher = new PasswordHash(
$this->config->item('phpass_hash_strength', 'tank_auth'),
$this->config->item('phpass_hash_portable', 'tank_auth')
);
$hashed_password = $hasher->HashPassword($password);
$hashed_password gives me different hash each time
I dont think that i should enable phpass_hash_portable
Any advices?
You need to use the CheckPassword module of the Tank Auth instead of hashing it by using the PasswordHash of the phpass.
You can check your password by using this function:
$hasher->CheckPassword(password which has to be checked,password from database).
instead of encrypting yourself.
Note: password which has to be checked => is raw data
password from database => password from database.
Is there any way I can access the admin account of a website built in Joomla,if I dont have the password for the admin account.I do have all the privileges on the server. Please let me know your suggestions and opinions.
The password is stored in the MySQL database jos_users table password field. (change this for your table prefix if different)
Use a MySQL utility such as phpMyAdmin or MySQL Query Browser to edit this field.
Open the table, find your admin username, and then select that row for editing.
The password must be hashed (MD5), you cannot simply enter text into this field.
Set the password to a known value eg:
- admin = 21232f297a57a5a743894a0e4a801fc3
Source: http://forum.joomla.org/viewtopic.php?t=10985
The admin password you can find it in {DB_PREFIX}_users, the password is hashed (MD5) ...
Well it's a little more complicated than that, the hash is formed like {hashedpassword}:{hashedsalt}, the hashedpassword is formed by md5(password.hashedsalt) ...
so you can make a little script to echo a new password ...
<?php
$psw = 'hashedpassword:hashedsalt'; // you copy the entry from the db here
$newpassword = 'newpassword'; // your new password
list($hashedpassword, $hashedsalt) = explode(":", $psw);
$newpsw = md5($newpassword.$hashedsalt);
$output = $newpsw.":".$hashedsalt;
echo $output; // this is what you put in the db
?>
I'm trying to query Facebook with the PHP Library and what I've read it shouldn't required a session key, or rather it shouldn't require one for my case, but my code below gives me the following error: "Session key invalid or no longer valid".
http://wiki.developers.facebook.com/index.php/Fql.query
"For example, querying the user table is like calling users.getInfo without a session key -- you can query only on a few fields."
$fb = new Facebook(FACEBOOK_KEY, FACEBOOK_SECRET);
$query = "SELECT uid,
name,
sex,
pic_square,
profile_url
FROM user WHERE name = 'some name' OR username = 'some name'";
$result = $fb->api_client->fql_query($query);
Any ideas?
/Thanks
I think that policy has changed and you cannot query user table without session.
You can try to query standard_user_info table. Think it doesn't need session.