Topic: Default admin account not working after fresh installation

[Marlamin]

Hey guys,

I just did a fresh install of Mibew 1.6.8 on my server and I can't seem to login with the default admin user (admin) and password (empty). I've already reinstalled it twice and it just refuses to login.

There was some password enhancements done but the default SQL install script still seems to use MD5 instead of your new calculate_password_hash functionality.

Anything I can do to make this work instead of going back to Mibew 1.6.7?

With Friendly Regards,

Marlamin

[faf]

There were no any changes in passwords-related code between Mibew 1.6.7 and 1.6.8.

You've gave a link to the commit in the master branch which stands for the upcoming Mibew 2.0. And that commit is actually just a port of this commit in the legacy branch.

The switch to a properly salted and hashed passwords was between Mibew 1.6.5 and Mibew 1.6.6. But we saved the backwards compatibility with old hashing, so that's why install script still use plain MD5 hashing. Since one should change the default empty password anyway. 

So... For now I don't know what's your problem. Do you use the same database for your new Mibew installation or a new one? Are there any messages in error logs?

[Marlamin]

Sorry, my mistake. Should have looked better through commits.

I guess it might be related to the fact we run an older version of MySQL (4).

I kinda missed the MySQL 5+ requirement on the download page when I downloaded it and I guess the installer doesn't warn when using an old MySQL (which it shouldn't if people read the requirements correctly like I didnt  ).

My bad, sorry for the inconvenience.

[faf]

Well, no problems. Err is human. 

And we'll implement the DB version check in the future releases. Thanks for this issue.