ocPortal Tutorial: Disaster recovery
Written by Chris Graham, ocProducts
This tutorial will go through some solutions to 'disasterous' scenarios that could happen on an unstable web server configuration.It does not cover all that could go wrong by any means, as there are literally an infinite number of things that could go wrong if ocPortal is running in an unreliable environment.
I am going to assume that you have access to phpMyAdmin for the purposes of this tutorial. phpMyAdmin is a user-friendly web-based frontend to mySQL, and is available from most hosting control panels. For more information, see the Manually editing your database with phpMyAdmin tutorial.
Table of contents
Changing a login password
If you've misset a password and for whatever reason can't use the 'lost password' feature to reset it (perhaps because of an invalid/non-existant e-mail address for that account, or a faulty/non-existant mail server), then you'll want to manually reset it.Obviously this needs a greater level of access than ordinary members would have. We could either use:
- Database access
- Disk access
Via the database
For this, I am assuming that you are using OCF . If you are using another forum then the method will be similar, but will be done upon the data of that forum.
Select to browse the f_members table |
Edit the row for the username for which the password should be changed |
2) Browse the contents of the ocPortal f_members table (named ocp2_f_members if you used the default table prefix).
3) You will see rows for all usernames. Click the little edit icon and you'll see an editing screen.
Change the settings and 'Go' |
- m_pass_hash_salted should be given the new password. It is essential that you also choose 'MD5' from the list to the left of the input field, so that the password gets 'encrypted' (ocPortal assumes an encrypted password and if it is not then it will not succesfully log in).
- m_pass_salt should be blanked out.
- m_password_compatibility_scheme should be set to 'md5'.
5) Scroll to the bottom of the form and click 'Go'.
You should now be able to log in to ocPortal using your new password.
Via the disk
If you open up sources/users.php in a text editor and go to line 345 you'll find an interesting line of code:Code
$backdoor_ip_address=false; // Enable to a real IP address to force login from FTP access (if lost admin password)
All you need to do is to go to myIPaddress.com: What is my IP address? How do I find my IP address? and copy your IP address, with quotation marks, in substitution of false.
For example:
Code
$backdoor_ip_address='12.45.56.78'; // Enable to a real IP address to force login from FTP access (if lost admin password)
You will then be logged in as member 2, which is 'admin' on OCF. If you need a different member ID, change line 351.
It should go without saying that you should only use this 'backdoor' for a short space of time and not disclose your IP address when doing it. ocProducts makes no claims to how secure this backdoor might be and you open it up entirely at your own risk.
Unbanning an IP
Select to browse the usersubmitban_ip table |
Delete the row corresponding to your IP address |