Admin account made through install cannot log in through e107/login.php

[JohanKlos]

I made an admin account on a fresh v2 alpha install. I can't log it in through "/e107/login.php", I get this message: "Incorrect login. The entered data doesn't match to a registered user. Check if you have the CAPS-LOCK key activated as logins on this site are case sensitive"

However, if I go directly to the Admin Area "/e107/e107_admin/admin.php" the same login details DO work.

[Moc]

I doubt this is a bug. I cannot reproduce this nor have we had any reports of this.

• Can you please double check the login data you enter on both the admin login and frontend login.
• Does it make a difference when you try to login using the login_menu?

[JohanKlos]

I use pasted the same login details so they are the same. Does NOT work: "Sign in"

Does NOT work: "Welcome" (I'm assuming this is the login_menu you mean)

Does work: "Admin section"

I'm not sure if this has anything to do with it, but I had to nuke an e107_config.php because something went wrong with the first install. I then did the iinstall.php and it made a new e107_config.php to a new mysql database.

[CaMer0n]

Please disable your browser's cache and see if that helps. The web-developer plugin is helpful for doing this:
http://chrispederick.com/work/web-developer/

[JohanKlos]

I've tried the same details in a different browser which I hadn't used for this site yet, same result.

[Moc]

I recently had this happening on a website as well. Looking into it.

[JohanKlos]

Ok, I'll not mess with anything so I can test your solution or give you information on settings. Please note that this was a clean install, NOT an upgrade from 1.*

[Moc]

Are you using the latest Github files or the v1 to v2 alpha upgrade package? If the latter, please try grabbing the zip from Github https://github.com/e107inc/e107/archive/master.zip and overwrite all the existing files with the ones from the zip.

[JohanKlos]

Neither. I'm using the full v2 alpha package, not the upgrade package. The admin page says "Version 2.0 alpha1", maybe the information there should list the build, could help in troubleshooting. I'll install https://github.com/e107inc/e107/archive/master.zip and get back to you.

[JohanKlos]

if anyone else was wondering why the master was so much larger than the other zips you may have gotten, it's all those fonts in e107_plugins\pdf\fonts Do we really need them?

[Moc]

They are not included in the official v2 downloads which are offered on e107.org, for that same reason. They are however needed in the plugin package, so they're on Github.

Let me know how the latest files from Github work out for you :)

[JohanKlos]

Finished uploading, the problem is still there.

[e107steved]

Are you using a user name or password which is longer than that allowed in the configuration preferences?

[Moc]

@e107steved is there a maximum? I do see a minimum which is set to 6 characters by default, but a maximum?

[JohanKlos]

Is there a maximum? My password is 20 characters long, has letters (upper and lower), numbers and symbols. As the issue states, the password works using one method, not the other, so it would surprise me if the issue was the password. A good website shouldn't limit the password in any way, in my opinion.

[e107steved]

You've got two areas where the length might be limited. The first is in the entry box, which is potentially theme or template dependent, and this could affect both login name and password. The second is in the underlying code, and on a quick look only login name is limited - there is a preference setting for maximum length, which defaults to 30 characters on a new install. (I think that's strictly 'bytes', so non-ASCII characters will take up more than one byte) There are no particular constraints on the password in the code, AFAIK

[JohanKlos]

Would the following website give a correct count of the bytes? http://mothereff.in/byte-counter If so, the password in question is 20 bytes long, so it is unlikely this is the problem, right?

[Moc]

@e107steved Can you find me on Skype some time to discuss/debug this issue? I have access to several v2 installs where the install is broken. Either it throws a blank page or it returns the 'incorrect login' error.

[e107steved]

Can you enable the rolling log? I think it will then record the reason why each non-admin login fails

[Moc]

These are the results, attempted both login_menu as /login.php directly

13-06-06 23:03:49 4 IP 0 Anonymous LOGIN e107_handlers/login.php Function: logNote Line: 561 Invalid username/password combination username

13-06-06 23:03:49 4 IP 0 Anonymous LOGIN e107_handlers/login.php Function: logNote Line: 561 Invalid username/password combination CHAP: username

13-06-06 23:03:38 4 IP 0 Anonymous LOGIN e107_handlers/login.php Function: logNote Line: 561 Invalid username/password combination username

13-06-06 23:03:38 4 IP 0 Anonymous LOGIN e107_handlers/login.php Function: logNote Line: 561 Invalid username/password combination CHAP: username

I've edited both IP and username for privacy reasons.

[myovchev]

Please review your Site Prefs -> Security & Protection area and tell me what are your "Password encoding" and "Password transmission method" settings

[Moc]

Good call, it's the CHAP that's not working properly.

The settings are set to 'md5' and 'CHAP only' When CHAP only is changed to plaintext, logging in on the frontend works just fine.

[JohanKlos]

Confirmed, that seems to have been it. I'd suggest leaving this issue open since it's not really a fix, right?

[e107steved]

Looks like changes to the JS structure have stopped this working. Possibly in rather an obscure way!

[Moc]

@JohanKlos Could you please test the functionality of the login when CHAP is enabled? Using the latest files from Github.

[JohanKlos]

I will update to the latest version and give you feedback here.

[JohanKlos]

Password encoding: Salted md5 (Legacy) Password transmission method CHAP only

Doesn't work but doesn't give an error message, either. The sign in fields in Welcome are missing. I only updated newer or different sized files, I'll do a complete upload and test again.

[JohanKlos]

I did a complete upload while overwriting every file and the issues are the same:

• login using login fields in the top right do not work (no error) when method is set as "CHAP only"
• login fields in "welcome" section are missing though you can see a very quick "Javascript must be enabled in...." that disappears much too quickly (I guess this would be a new issue, but it's more than likely been reported already)
• login using admin.php does work

When I switch back to plaintext instead of CHAP the login method on the top right works again.

[Moc]

Thank you for the feedback.

@e107steved CHAP not functional atm, guess it needs more work. Could you check it out please?

Changing this to alpha3 instead of alpha2.

[e107steved]

Will try and have another look - I have just managed to set up a 'clean' test site on a separate server, which will make things easier. Don't think it's relevant here, but I did find while updating code that I had to keep clearing cache to ensure changes were properly recognised. The 'very quick "Javascript must be enabled in...."' message which appears is normal ATM - if JS isn't disabled, the message stays visible to inform the user. Hopefully there's a clever way to ensure the message stays visible when needed, without flashing up in a JS-enabled browser as it does ATM

[JohanKlos]

I upgraded to the newest version and it seems the problem of not being able to login if CHAP was functional was fixed! It works now both from the top bar and from the menu. I'll close this issue.