List Info

Thread: User Authentication
User Authentication
user name
 2006-08-09 12:39:09 

  


  

    With the new version of campsite, Ive had trouble with users logging into the system.

Once a user tries to log in, the server informs them that the security has been upgraded, and they need to log in again. It never authenticates them however. The only workaround I've found is to log in once, then go directly to the database, and change the password field in the users table for that particular user to:


PASSWORD('old_password')

...and that seems to work.

Any suggestions?

Chris


  

  
  
   
     
    

  

    User Authentication
  


  

     user name

     2006-08-09 14:11:21
  


  

    

  


  

    What do you mean by "it never authenticates them"?  Do you mean that they cant log in?

What should happen is this:
1) user logs in with old password
2) user prompted to enter their password again to upgrade it

3) user is logged in

- Paul


On 8/9/06, Christopher Palermo <wayuga.com">cpalermowayuga.com> wrote:

With the new version of campsite, Ive had trouble with users logging into the system.


Once a user tries to log in, the server informs them that the security has been upgraded, and they need to log in again. It never authenticates them however. The only workaround I've found is to log in once, then go directly to the database, and change the password field in the users table for that particular user to:


PASSWORD('old_password')

...and that seems to work.

Any suggestions?

Chris






  

  
  
   
     
    

  

    User Authentication
  


  

     user name

     2006-08-09 14:24:02
  


  

    
As far as I am familiar with the probelm, there are several
configuratons you use and on the versions of applications
you run
campsite on.

1) At certain point in past there was an issue, where
database field for
pasword was too short to keep the authentification string.
Untill it was
expanded, it cuts off the string and damaged the passwords

2) After expansions we had some probems with mysql versions,
because
password function in MySQL changed between versions and such
an upgrade
affected campsite passwords
therefore Passwords are encripted by sha() function instead
of
Password()

3) It happens all the time that at certain point simply
upgrade causes
all old passwords to be invalid and the reasons are so
various, that my
suggestion was to create reset_password dialog which should
be aviable
through login_failed dialog and which should generate new
password, set
it to database and send it to user to his registered email.

I believe this feature would stop all talks about passwords.
If it does
not work, reset it. If reset did not work, simply let
developers know.

I would also ask everyone reporting bug or asking for an
advice to
specify your system. tell us, what is the latest upgrade
(which version
to what version), what MySQL version you use and if you
upgraded it
during time, what PHP version you use...

Ondra

On Wed, 2006-08-09 at 15:11 +0100, Paul Baranowski wrote:
> What do you mean by "it never authenticates
them"?  Do you mean that
> they cant log in?
> 
> What should happen is this:
> 1) user logs in with old password
> 2) user prompted to enter their password again to
upgrade it 
> 3) user is logged in
> 
> - Paul
> 
> 
> On 8/9/06, Christopher Palermo <cpalermowayuga.com> wrote: 
>         With the new version of campsite, Ive had
trouble with users
>         logging into the system.
>         
>         Once a user tries to log in, the server informs
them that the
>         security has been upgraded, and they need to
log in again. It
>         never authenticates them however. The only
workaround I've
>         found is to log in once, then go directly to
the database, and
>         change the password field in the users table
for that
>         particular user to: 
>         
>         PASSWORD('old_password')
>         
>         ...and that seems to work.
>         
>         Any suggestions?
>         
>         Chris
>         
> 



  


  

    
  

  
  
   
     
    

  

    User Authentication
  


  

     user name

     2006-08-09 14:30:31
  


  

    

  


  

    Ondra-

Yes, this was the problem.


1) At certain point in past there was an issue, where database field for

pasword was too short to keep the authentification string. Untill it was
expanded, it cuts off the string and damaged the passwords




I've increased the size of the password field to 64, and now it works fine.


Thank you both.

Chris


  

  
  
   
     
    






 [1-4]











   
 





about | contact  Other archives ( Real Estate discussion Medical topics )