Jump to content

I cannot log into the Admin section of Cubecart


Neil_Armstrong

Recommended Posts

Cubecart has worked for the last two weeks faultlessly. Ive started to stock it. 
www.curlywhiskers.com

I'm using the latest version of Cubecart. 

I have used Internet Explorer and UC Browser. 

I log in using the www.mystorename.com/store-folder/admin_875cv8974 etc .

It results in saying "invalid username  or Password."

SO.... clicking the FORGOT YOUR PASSWORD link it says, after Ive put in my email and Username,  "Incorrect details, please try again." 

BUT going into the SQL database and into  xxxx_CubeCart_admin_users I have reset the password to one I want (setting the MD5 drop down left of where I type in my words and numbers) and see my username as Admin.  Cool! SO lets go forward. 

Using Admin as the original username and my chosen password I STILL cannot either login to the admin section OR get the login system to recognise me. 

I back process the MD5 hash of my password just to get nittygritty perfect. It IS PERFECT> No problems there. 

I am empty of ideas this far forwards. 

The DB says my username is Admin. 
I see the password. 
It doesnt work. 

Sniffle.  :(

Does it matter that I've upgraded my server to PHPv7.2?  From within the actual Heartinternet (my Host account) Server control panel?  

Link to comment
Share on other sites

As yet, I find no reason why PHP 7.2 would prevent a log-in.

As for manually editing the password field in the CubeCart_admin_users table -- CC3 did a simple MD5 (32 characters), CC4 added a random salt to a simple mix, and CC5/6 really salted the heck out of it. To convince CC6 that you have a valid CC3 user/pass, the salt field must be null (possibly blank will do), and the new_password field must be zero(0). (Also, the verify field should be empty.)

That said, make sure the username and email values are what you expect. Did you get the new password verification email?

Then, visit the CubeCart_blocker table and delete all rows.

Don't use Admin as an original username. CubeCart never went that route. (Unless you intentionally set the username value to Admin.)

Lastly, admin_875cv8974, is that the admin folder name or the admin script name? If the script, then it needs a .php at the end of it.

 

Link to comment
Share on other sites

Hi Smither.... thanks for the reply and new results. 

So, with your help this is what I did. 
1 ) I changed the username to suit me from "Admin" to another name.
2 ) I deleted the SALT field to nothing. No Null no Zero. Nothing. Blank. 
3 ) I deleted the VERIFY field to nothing/blank.  
4 ) I changed the Password again to a new one and then set the drop-down to MD5 
then saved all this. 

Then logged in again using... 
the new Username.
The new Password as per chosen new one.

I am in.  🙂  
This was a real heacache and why would I suffer this?

 
So, what implications can I expect without a SALT or VERIFY field? 

Oh and regarding the admin I used the admin_i8hf589734.php else I would not have seen the login window.

 

Link to comment
Share on other sites

CubeCart determined from the empty salt and new_password is zero fields that this must be a CC3 password. Afterwards, CubeCart added a salt, created a new hashed value for the password field, and set the new_password field to one (1).

(The verify field comes into play when one has asked CubeCart to do its "Forgot Password" feature.)

I have no information as to why there was a problem with the first log-in attempt.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...