Jump to content

Recommended Posts

Hi there,

I'm developing locally on my laptop and we have a testing server where I deploy via rsynch + running a DB Dump script.

(Exported via MySQLWorkbench)

I've noticed that the admin password becomes invalid every time a DB Dump script is run on the server.

Is this possibly because there's a hash and/or salt stored alongside the password and my local one is not valid on the server?

Are there better practices of synching between my local Processwire and the server instance to prevent the admin password being invalidated?

Share this post


Link to post
Share on other sites

This should normally work ok, but to answer the question, the password salt is in the site/config.php and nowhere else.

Share this post


Link to post
Share on other sites

Perhaps I should resynch the config.php files between the 2 machines and try again.

Thanks for the answer, LostKobrakai

Share this post


Link to post
Share on other sites

I have the same issue after DB syncing, i got it that salt in the config is the issue but as said several times its known that passwords will not work anymore after site migration. As far as i can say its not about the salt because nobody changes the salt for the migration. It wouldnt even be that bad if the user account data wouldnt be in the page table which of course has to be deployed if i add changes to the page. I deploy sometimes 10 times a day at least to staging areas and i am tired of reseting the passwords again and again. Isnt there any way to disable this? If a user changes his password by himself i will never be able to deploy without knowing his password?

Share this post


Link to post
Share on other sites

If the user salt is correctly deployed and your fields_pass table is also correctly moved there should be no problems. The only issue I can imagine is that one of your environments might support blowfish encryption and the other one doesn't, which would result in different hashing behaviors.

A few words about your rant about users being part of the pages table: If you have just about any amount of user-generated / user-changeable content you cannot overwrite the db just with a sql dump. You'll need to go different ways if you need to deploy (possibly automatically) your database changes with a staging/live environment. Therefore it shouldn't matter that much if users are pages as well or not.

  • Like 1

Share this post


Link to post
Share on other sites

The Blowfish encryption is an interesting detail, will check that. Would make sense.

Of course i need to sync in both directions but if it would be a separate table i would simply exclude them. 

Share this post


Link to post
Share on other sites

Migrated my dev environment from MAMP to vagrant box and the issue doesnt happen anymore. So you are right that the reason is an environment detail, in my case of MAMP.

Share this post


Link to post
Share on other sites

I have the same problem with Mamp.

Has someone already a solution to make it work with mamp ?

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By Lewis Newson
      Hi All,
      Im working on streamlining my email sending setup for SMTP. I have a page where the user of the website can input the SMTP host, port, connection type email and password etc but the password field has an additional box underneath it for 'Confirming' it as if it were a new password. The placeholder text also says 'New Password' but I want to be able to change that. I just need an input field where they can enter their SMTP password without it being plain text.
      Thanks for your help!
    • By humanafterall
      Hi,
      I would like to set an admin template to 'https only' as recommended in the Processwire security docs.
      However if I do this it forces this setting locally too, resulting in https://localhost requests which result in an error page.
      Is there a simple way round this? Setting https for templates in the config?
      Thanks!
    • By jom
      Chäs & Co is a b2b cheese trader. They love good cheese and are proud of their excellent knowledge und connections to small cheese producers. They maintain a custom made database and used to copy/paste (!) the cheese infos to the former CMS (Contao). Since substituting the database with ProcessWire was no option, they export now the database to a csv file and import it to the new website (expanded version of module ImportPagesCSV).
      From there, the pw magic begins. The staff works with the admin interface: They search and find products in notime using the build-in search field (using cheese names or id. Using ids only possible by adding hook, see this forum thread). They generate price lists easily based on a template, providing checkboxes and option buttons for some restrictions, choose i.e. the cheese origin and price audience (all implemented as page selectors). By saving the page a PDF list gets generated (using mpdf, a php pdf library).
      The visitors can sort and filter the products using a form by shuffle.js. Product details are shown in a popup (fancybox). There's also the option for generating a nice pdf data sheet. No CSS framework being used.
      Other modules used: ProcessJumpLinks, ProcessProMailer, ProcessWireUpgrade.
      Visual design: Nicole Haller


    • By DanielKit
      Hi. I'm currently stuck at the login page in my project. Once I enter my admin username and my password and press login, nothing happens. The page just reloads. However, the URL changes from http://myipaddress/processwire to http://myipaddress/processwire/?login=1. I've checked all of my server settings, and to my knowledge, all seems to be fine there. I don't know where to go from here.. Thanks in advance!
    • By modifiedcontent
      Small annoyance: I get a horizontal scrollbar in UIkit admin area - or actually Admin Theme Boss based on Uikit 3. I tried to fix it with CSS, but had trouble isolating/targeting it and don't want to mess with module or core files. I think this issue has been reported before. Is there a recommended fix? 
×
×
  • Create New...