I suspect in rerunning the installer you overlooked this note regarding the password salt used to encrypt user passwords:
This is a random value used to encrypt user passwords. You should not need to modify this value. However, if you are using this form to modify an existing OJS installation, you must enter the same value for your current password salt here or any existing users will be unable to log in after you submit this form.
If the password salt has been changed and you do not have a backup of the database from which to retrieve the previous value, the passwords currently in the database are now essentially gibberish (and likely not ASCII, as you observed when trying to retrieve the password via the "lost password" function).
It is an oversight on our part that the passwords of authors/readers cannot be reset from the administration interface (unless they are also registered in another role).
The only way to fix this would be to manually reset the password for those users in the database. For example, like this:
- Code: Select all
SELECT chPasswordSalt FROM tbljournalconfig;
(note the value returned by this query)
UPDATE tblusers SET password = encode('NEW_PASSWORD', 'THE_PASSWORD_SALT') WHERE chUsername = 'SOME_USER';
Understandably, this is a bit awkward; this will likely not be an issue in the next major version of OJS as we are using a different scheme for storing user passwords (one-way MD5 encryption).
I would advise against deleting authors, as they will become disassociated from any articles they have submitted (unless you manually make changes to the database to reestablish the links).