Thread:Project:Support desk/Problems resetting password via e-mail reset (2)

Howdy,

I inherited a wikips.tamu.edu, a mediawiki site that was running version 1.6. Users could only access the site when they used the "forgotten your login details" link to generate a temporary password, login with the temp password, enter a new password and then are logged in to the Wiki. However, once users logout, they can not login again with the new password they set, or the emailed password either. the error is "incorrect password entered"

I have updated the site to MediaWiki 1.20.5 and did not update PHP 5.4.7 (apache2handler) or MySQL 5.5.27 and the password problem followed along. We are running XAMPP on Windows 2008R2.

The database is updated and new users can be created, everything is working fine except for this password issue. I have tried manually changing passwords using php.

php changePassword.php --user=example --password=newpassword

and using sql both Salted UPDATE `user` SET user_password = CONCAT(':B:somesalt:', MD5(CONCAT('somesalt-', MD5('somepass')))) WHERE user_name = 'someuser'; and unsalted UPDATE `user` SET user_password = CONCAT(':A:', MD5('somepass')) WHERE user_name = 'someuser';

disabled and enabled password salting in the localsettings.php file.

If I use the user_newpassword field instead of the user_password field in the sql requests, I can login once with the password set with sql, but it makes me change my password and I can' login again.

This issue applies to both new users added after the 1.2 update and existing users before the 1.2 update. here is the localsettings.php <?php


 * 1) This file was automatically generated by the MediaWiki installer.
 * 2) If you make manual changes, please keep track in case you need to
 * 3) recreate them later.
 * 4) See includes/DefaultSettings.php for all configurable settings
 * 5) and their default values, but don't forget to make changes in _this_
 * 6) file, not there.
 * 7) Further documentation for configuration settings may be found at:
 * 8) http://www.mediawiki.org/wiki/Manual:Configuration_settings
 * 1) Further documentation for configuration settings may be found at:
 * 2) http://www.mediawiki.org/wiki/Manual:Configuration_settings

if( defined( 'MW_INSTALL_PATH' ) ) { $IP = MW_INSTALL_PATH; } else { $IP = dirname( __FILE__ ); }
 * 1) If you customize your file layout, set $IP to the directory that contains
 * 2) the other MediaWiki files. It will be used as a base to locate files.

$path = array( $IP, "$IP/includes", "$IP/languages" ); set_include_path( implode( PATH_SEPARATOR, $path ) . PATH_SEPARATOR . get_include_path );

require_once( "$IP/includes/DefaultSettings.php" );

require_once("$IP/extensions/ConfirmAccount/ConfirmAccount.php");
 * 1) added for admin approval before accounts created

require_once("$IP/extensions/ApprovedRevs/ApprovedRevs.php");
 * 1) added for ApproveRevs extenion

if ( $wgCommandLineMode ) { if ( isset( $_SERVER ) && array_key_exists( 'REQUEST_METHOD', $_SERVER ) ) { die( "This script must be run from the command line\n" ); } }
 * 1) Uncomment this to disable output compression
 * 2) $wgDisableOutputCompression = true;

$wgSitename        = "ProcessSafetyWiki";

$wgScriptPath      = ""; $wgScriptExtension = ".php5"; $wgStylePath       = "$wgScriptPath/skins";
 * 1) The URL base path to the directory containing the wiki;
 * 2) defaults for all runtime URL paths are based off of this.
 * 3) For more information on customizing the URLs please see:
 * 4) http://www.mediawiki.org/wiki/Manual:Short_URL
 * 1) The relative URL path to the skins directory

$wgLogo            = "http://wikips.tamu.edu/images/psclogo.JPG";
 * 1) The relative URL path to the logo.  Make sure you change this from the default,
 * 2) or else you'll overwrite your logo when you upgrade!


 * 1) UPO means: this is also a user preference option

$wgEnableEmail     = true; $wgEnableUserEmail = true; # UPO

$wgEmergencyContact = "webmaster@psc.che.tamu.edu"; $wgPasswordSender = "webmaster@psc.che.tamu.edu";

$wgEnotifUserTalk = true; # UPO $wgEnotifWatchlist = true; # UPO $wgEmailAuthentication = true;

$wgDBtype          = "mysql"; $wgDBserver        = "localhost"; $wgDBname          = "XXXXXXX"; $wgDBuser          = "XXXXXXX"; $wgDBpassword      = "XXXXXXX";
 * 1) Database settings

$wgDBprefix        = "mw_";
 * 1) MySQL specific settings

$wgDBTableOptions  = "ENGINE=InnoDB, DEFAULT CHARSET=binary";
 * 1) MySQL table options to use during installation or update

$wgDBmysql5 = true;
 * 1) Experimental charset support for MySQL 4.1/5.0.

$wgMainCacheType = CACHE_NONE; $wgMemCachedServers = array;
 * 1) Shared memory settings

$wgEnableUploads      = true;
 * 1) To enable image uploads, make sure the 'images' directory
 * 2) is writable, then set this to true:
 * 1) $wgUseImageMagick = true;
 * 2) $wgImageMagickConvertCommand = "/usr/bin/convert";

$wgShellLocale = "en_US.utf8";
 * 1) If you use ImageMagick (or any other shell command) on a
 * 2) Linux server, this will need to be set to the name of an
 * 3) available UTF-8 locale


 * 1) If you want to use image uploads under safe mode,
 * 2) create the directories images/archive, images/thumb and
 * 3) images/temp, and make them all writable. Then uncomment
 * 4) this, if it's not already uncommented:
 * 5) $wgHashedUploadDirectory = false;

$wgUseTeX          = false;
 * 1) If you have the appropriate support software installed
 * 2) you can enable inline LaTeX equations:


 * 1) Set $wgCacheDirectory to a writable directory on the web server
 * 2) to make your wiki go slightly faster. The directory should not
 * 3) be publically accessible from the web.
 * 4) $wgCacheDirectory = "$IP/cache";

$wgLocalInterwiki  = strtolower( $wgSitename );

$wgLanguageCode = "en";

$wgSecretKey = "d19ead04a5b64a61c2e9a371b7907d12b04871f1919d08786e867ee305164cc1";

$wgDefaultSkin = 'monobook';
 * 1) Default skin: you can change the default skin. Use the internal symbolic
 * 2) names, ie 'vector', 'monobook':

$wgEnableCreativeCommonsRdf = true; $wgRightsPage = ""; # Set to the title of a wiki page that describes your license/copyright $wgRightsUrl = "http://creativecommons.org/licenses/by-nc-sa/3.0/"; $wgRightsText = "Attribution-NonCommercial-ShareAlike 3.0 Unported"; $wgRightsIcon = "http://i.creativecommons.org/l/by-nc-sa/3.0/88x31.png";
 * 1) For attaching licensing metadata to pages, and displaying an
 * 2) appropriate copyright notice / icon. GNU Free Documentation
 * 3) License and Creative Commons licenses are supported so far.
 * 1) $wgRightsCode = "[license_code]"; # Not yet used

$wgDiff3 = "/usr/bin/diff3";

$wgCacheEpoch = max( $wgCacheEpoch, gmdate( 'YmdHis', @filemtime( __FILE__ ) ) );
 * 1) When you make changes to this configuration file, this will make
 * 2) sure that cached pages are cleared.


 * 1) require_once("$IP/extensions/FCKeditor/FCKeditor.php");
 * 2) $wgFCKEditorToolbarSet   = "Default";

$wgGroupPermissions['*']['read']            = false; $wgGroupPermissions['*']['edit']            = false; $wgGroupPermissions['*']['edit']            = false; $wgGroupPermissions['*']['createpage']      = false; $wgGroupPermissions['*']['createtalk']      = false; $wgGroupPermissions['*']['writeapi']        = false; $wgWhitelistRead = array ("Special:Userlogin", "Special:RequestAccount", "ProcessSafetyWiki:Terms_of_Service", "Help:Contents");

require_once("extensions/table-tab.php"); require_once("extensions/def-tab.php");

$wgFileExtensions = array_merge( $wgFileExtensions, array( 'pdf' ) );

//require_once( "$IP/extensions/WikiEditor/WikiEditor.php" );

require_once("$IP/extensions/WYSIWYG/WYSIWYG.php");

//require_once("$IP/extensions/MobileSkin/MobileSkin.php");
 * 1) Register the MobileSkin extension

if (preg_match("/(mobile|webos|opera mini)/i", $_SERVER['HTTP_USER_AGENT'])) { $wgDefaultSkin = 'wptouch'; } else { $wgDefaultSkin = 'monobook'; }
 * 1) Default skin: you can change the default skin. Use the internal symbolic
 * 2) names, ie 'vector', 'monobook':

Any ideas how to fix this issue without starting over from scratch?

Thanks

Jeff

Jeff Polasek