Archived Forum

A bit confusing Tom;

I can get in using phpMyAdmin after creating a new user, then copied the PW and Salt, but no luck.

Can you clarify if this worked (I can get in) or didn't (but no luck)

Paul

Hi Paul,

I meant I can run phpMyAdmin and look at the emoncms database and see data accumulating in my tables. So I went to the opening emoncms login screen and registered a new user with the password I want. Then I try to login and it fails.

I also went back to phpMyAdmin, in the users table, copied the password and salt fields from the new user into the original user. Then when I try to login, it still gives me a password error.

Regards,

Tom

Are you using special/localised characters in your password? 
Some changes were made a few days ago - see this commit, to increase system security, which has resulted in special characters in passwords not being modified by the MYSQL update.

If so, can you create a new user using a password with no special characters, and using phpMyAdmin , copy the password & salt to your primary password account.

Paul

I was able to get in by going to a previous version backup I had, created a new user, then went back to the newest version and went in with that new user. Then I copied the original password, api read, api write and salt fields to the new user fields in the users table. Then I deleted the original username and then renamed the new user to the name of the original username (a little crazy, but it worked).

When I got in with the original username, I ran a database check and it said the Salt field had to be changed to 32 characters. Maybe that was the problem? I don't know, but at least I am back to working again.

I am still wondering though if it would be possible to run a emoncms database update/check from the command line, without have to be logged into emoncms?

I posted about the same time as you, but if you check my last post, I think that it is the issue I described.
The recent update increased the DB password field to 250 characters.

You should be able to run a db update from within your local network via http://SERVERIP/emoncms/admin/db?apply=true

Paul

Ok thanks Paul. But, I tried to run the db update from my browser as you noted; it gave me an authentication error (in other words it was telling me I was not logged in). That's why I was wondering if there was a way to do the update from a SSH Putty or MobaXterm command line, or inside MySQL with a query?

What if you add your api key?

http://SERVERIP/emoncms/admin/db?apply=true&apikey=i337eg3e737e3e7etqei

​Paul

I tried with r/w API key, but still get the same message:

Admin re-authentication required

Regards,

Tom

OK Tom, I've already logged this as an issue, enjoy Christmas, and hopefully a developer will be back in touch after the Christmas break.

Paul

Hello Tom, very sorry for the issue with the password login glad to hear you managed to access your account ok in the end.

For anyone else using passwords with special characters I have created a small tool that applies the mysql real escape string modification that has now been removed from emoncms so that its possible to login again:

The tool is here and runs locally in your browser using javascript and so is safe, nothing is sent to a remote server, you can check it for yourself with a test string and the browser's network tab.

http://openenergymonitor.org/tools/realescapestring

Note: The reason for this change is using MySQL real escape string is not best practice, is deprecated and removed from php in v7.0.0. Using prepared statements is recommended instead, which is part of the reason for this change. It also helps ensure the string length is not expanded beyond the maximum limit.

For your second question, To update the database without being logged in, add the line

$updatelogin = true;

to settings.php

Then run:

http://localhost/emoncms/admin/db?apply=true

Thanks Trystan. The update database function works now as you described and my login is fine. 

Best Regards,

Tom