OJS OCS OMP OHS

You are viewing the PKP Support Forum | PKP Home Wiki



Resetting admin password without email?

Are you responsible for making OJS work -- installing, upgrading, migrating or troubleshooting? Do you think you've found a bug? Post in this forum.

Moderators: jmacgreg, btbell, michael, bdgregg, barbarah, asmecher

Forum rules
What to do if you have a technical problem with OJS:

1. Search the forum. You can do this from the Advanced Search Page or from our Google Custom Search, which will search the entire PKP site. If you are encountering an error, we especially recommend searching the forum for said error.

2. Check the FAQ to see if your question or error has already been resolved.

3. Post a question, but please, only after trying the above two solutions. If it's a workflow or usability question you should probably post to the OJS Editorial Support and Discussion subforum; if you have a development question, try the OJS Development subforum.

Resetting admin password without email?

Postby sourjya » Thu Jan 10, 2013 2:30 am

Hello,
I've got a test setup for which I've lost the admin password. I have access to the database and I can see the password hash. Since this is on a local setup the email based password recovery isn't working either. How can I reset the admin password? Can I generate a new SHA1 hash of a password and replace the password hash in the DB with it? What routine is used to generate he password hash?

Thanks,
Sourjya
sourjya
 
Posts: 2
Joined: Thu Jan 10, 2013 2:26 am

Re: Resetting admin password without email?

Postby bdgregg » Thu Jan 10, 2013 7:50 am

Sourjya,

I've found a slightly older document here http://pkp.sfu.ca/files/docs/quickreference/quickreference.pdf that may be of some assistance. Please look at page 38 of the PDF where it talks about how to reset passwords directly with the database. The following steps will require you to have direct access to the database.

I will recap what it says here as well for those that have lost/forgotten the admin password. There is also another thread that discusses this found here that is similar but is not so straight forward: http://pkp.sfu.ca/support/forum/viewtopic.php?f=8&t=6582&start=0

Common Database Tasks
It is possible to perform most tasks that will be needed for a successful conference or journal without
needing to access the database directly. However, it may occasionally be necessary to fetch information
from the database. See the “Database Access” section above for information on executing SQL
statements; alternately, use a graphical interface such as PhpMyAdmin. (SQL statements can be
executed in PhpMyAdmin by clicking the “SQL” icon.)

Determining a User ID
A user ID can be fetched from the database using one of the following SQL statements:

If you have an email address for the user (e.g. pkpsupport@sfu.ca):
Code: Select all
SELECT user_id FROM users WHERE email = 'pkp-support@sfu.ca';

If you have a username (e.g. admin):
Code: Select all
SELECT user_id FROM users WHERE username = 'admin';

Note that normally the admin user has a user_id of '1'.


Password Reset
To reset as user's password, follow these steps:

1. Determine the user ID (see above).

2. Determine the password encryption method. See the encryption setting in the [security]
section of the config.inc.php configuration file. This will be sha1 or md5.

3. Execute the following SQL to reset the password. For example, for user ID 15 with
md5 encryption, to reset the password to “newPasswordHere”:

Code: Select all
UPDATE users SET password=MD5(CONCAT(username, 'newPasswordHere'))
WHERE user_id = 15;


If your configuration indicated sha1 then to reset the password to "newPasswordHere":
Code: Select all
UPDATE users SET password=SHA1(CONCAT(username, 'newPasswordHere'))
WHERE user_id = 15;


To reset the admin password where the user_id for the admin account is '1' and the encryption is SHA1:
Code: Select all
UPDATE users SET password=SHA1(CONCAT(username, 'newPasswordHere')) WHERE user_id = 1;



I hope this helps.
bdgregg
 
Posts: 117
Joined: Wed Sep 15, 2004 8:21 am
Location: University of Pittsburgh

Re: Resetting admin password without email?

Postby sourjya » Thu Jan 10, 2013 6:32 pm

Brian - THANK YOU VERY MUCH! That worked perfectly. My hash was set to SHA1 and earlier I had tried to set the value in the DB as SHA1('password'). It's the CONCAT part with the username that I missed out on.

Sincere Thanks for such an all-comprehensive reply.

Regards,
Sourjya
sourjya
 
Posts: 2
Joined: Thu Jan 10, 2013 2:26 am


Return to OJS Technical Support

Who is online

Users browsing this forum: Yahoo [Bot] and 3 guests