phpBB login issues

apps

#1

Hi,

I would like to be able to ‘administer’ my forum, but the email address associated with it is not longer active (I changed ISPs), and I don’t remember the user name or password since I have to ‘administer’ the forum so infrequently.

Is there another way for me to access the forum admin area? Is there a way I can reset the password that WON’T be sent to my now inactive email addy? Or can I create a new login that I can then use to ‘administer’ the site? I tried that, but I previously set up the forum where all accounts had to be approved by me at the email addy I no longer have.

I know, I’m a genius… :o(

Can someone help?

TIA


#2

Well there are a couple of ways that come to mind to get you squared away that require you editing the database directly using PhpMyAdmin.

Have you ever used PhpMyAdmin before? I’m only asking because that will dictate how “detailed” my instructions need to be :wink: .

–rlparker


#3

No, sir. I haven’t. I do know how to access it though. I fished around there for a few moments to see if I could figure it out on my own, but, alas…no luck.

Can you help?


#4

That’s good enough! As long as you know how to get to the appropriate database via PhpMyAdmin, you will be back in business in no time!

The trick is to directly modify the record (“row”) in the database for your admin user so that you can get “back in”. You can either do that by modifying that user’s password (to something you now know) or by just changing the email address associated with that user from the one in there now (that you apparently no longer have) to one that you do have current access to so you can use the “Forgot Password” function from the login screen.

Either way will work. Below, I’ll show you how this is done. Don’t get discouraged at what looks like a lot of steps (text). I’ve tried to be “thorough” in my explanation of what is happening but it is really easier to do than it is to explain. As is the case with any such instructions, I suggest you read through it all first, so you get an idea of what is going to happen, and then work through the “steps”… The whole thing will likely take you less than 5 minutes. :slight_smile:

Changing the password directly:

1.) Go to your phpbb database via PhpMyAdmin (since you already know how to do that, we don’t have to go into detailed instruction on how to access that database - woo hoo!)

  1. In the left frame of the PhpMyAdmin screen you will see a list of tables that are in that data base. These are what contains the actual “rows” (records) and “columns” (fields) of data phpBB uses to manage the application - You need to work on the table that stores the user data. The default table name for this table if using a “one-click install” (and if you didn’t modify the “prefix” when you “finished” the install) is “phpbb_users”. If you did change the “prefix”, that prefix will be there instead of the “phpbb_” part of the table name. These names are all “links”. Just find that “phpbb_users” link (or it’s differently prefixed equivalent in your install) and “click” it.

  2. The right frame of the phpbb screen will now change to show you the structure (layout) of that table, and present you with options across the top of the frame. You click “Browse”.

  3. Now you will see a list of records, one to a row, of the users on your phpbb installation. Usually your “admin” user is listed as “user_id” 2 (you should have “Anonymous” as user_id number -1). Locate the user for which you wish to recover/reset the password, and click the little “pencil” icon immediately to the left of the “X” and the “user_id” on the row that represents that user (you can confirm that you have the right one by looking at the “username” field). Alternately, or if at some point you want to “edit” more than one record, you can click the checkbox on the row for the user id for which you want to recover/reset the password, and the checkboxes for any other “records” (rows) you want to edit, and look at the bottom of the screen immediately following the last “user” row displayed. See the “Check All / Uncheck All With selected:” text followed by little icons - a pencil, and “X”, and a “grid”. Click the “pencil”.

  4. Either way, you will now be taken to a screen where you can “edit” the data in the record(s) you indicated (by clicking the “pencil”, or checked, etc). Look in the field named “user_password”, and you will see a long string of characters set as the “value”. YOU CANNOT SIMPLY CHANGE THIS TO A NEW PASSWORD, because that value is derived by MySQL applying an MD5 hash to the password’s “plain text” text string. So, to get around this issue, you can set the “pull down” selection box under the “function” column for that record to “MD5” and then change the “value” field to “plaintext” of what you want to be the “new” password.

  5. Once you have done this, just submit that form by hitting the “go” button at the bottom of the page, and you are done!

This will cause the new value to be run through an MD5 hash (which is phpbb security feature) and be stored in that user’s record. Now when you try to login with that user name, use the new plaintext password you entered into the “value” field in step five and, ta dah!, you are back in. :wink:

Changing the email address, so you can use the “Recover Password” option:

This is often desirable if one of your users ends up in a similar situation and you don’t want to “assign” them a password which you would then have to pass “in the clear” via email. Just reset the email address for the user to one they now have access to, and they can handle their password recovery/reset themselves. :wink:

  1. Steps 1-4 are the same! as above
    .
    .

  2. Just directly edit the contents of the field “user_email” to contain the new email address (that your user has access to).

  3. Once you have done this, just submit that form by hitting the “go” button at the bottom of the page, and you are done!

This technique works on many web applications that use a simple MD5 hash to store passwords in MySQL, and the “change email” method is useful on many others as well, so this is a good little tip that might be useful in other similar situations.

Good Luck, and let us know how it goes! :wink:

–rlparker