search

simlexx-k / chebut-adminlte

Chebut Tea Farmers Management System is a web-based application developed using PHP and Bootstrap AdminLTE. This application is designed to efficiently capture and manage farmers' records for tea production, process payrolls, generate payslips, and handle deductions such as NSSF, NHIF, and tax.
https://chebut-adminlte.vercel.app
MIT License
0 stars 0 forks source link

Password #1

Open MakmotRobin opened 1 year ago

MakmotRobin commented 1 year ago

Hello, am trying to login into the admin panel but I can't find the password. I tried changing it from the database but still it won't accept

simlexx-k commented 1 year ago

Hi there, sorry for the delay. Have you tried using admin as username and password for the password?

MakmotRobin commented 1 year ago

Let me try it out

On Thu, Aug 17, 2023 at 7:40 PM Simon Kosgei @.***> wrote:

Hi there, sorry for the delay. Have you tried using admin as username and password for the password?

— Reply to this email directly, view it on GitHub https://github.com/simlexx-k/chebut-adminlte/issues/1#issuecomment-1682615225, or unsubscribe https://github.com/notifications/unsubscribe-auth/A6VV7YSWCUFXQ7JEHKQCIETXVZCP7ANCNFSM6AAAAAA3QVSJUY . You are receiving this because you authored the thread.Message ID: @.***>

AlvinKimata commented 11 months ago

Hi there, sorry for the delay. Have you tried using admin as username and password for the password?

The password worked. Thanks

simlexx-k commented 11 months ago

Hello there. Let's go over some items here. Have you already imported the database file into phpMyAdmin (if using XAMPP)?

On Fri, Nov 3, 2023 at 1:05 PM Alvin Kimata @.***> wrote:

Hi there, sorry for the delay. Have you tried using admin as username and password for the password?

The password does not work. Please provide a correct password.

— Reply to this email directly, view it on GitHub https://github.com/simlexx-k/chebut-adminlte/issues/1#issuecomment-1792160730, or unsubscribe https://github.com/notifications/unsubscribe-auth/AOCUPJIGKT3LEPTBDLY4JJTYCS6V3AVCNFSM6AAAAAA3QVSJU2VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTOOJSGE3DANZTGA . You are receiving this because you commented.Message ID: @.***>

simlexx-k commented 11 months ago

If the password works then that's fine.

pountel commented 6 months ago

Hey simlexx, having the admin password issue kindly advice of how to get around it, also kindly confirm the database file name is actually apsystem

pountel commented 6 months ago

I havent managed to get to the dashboard after establishing the database connection, still trying to solve admin login at the admin portal

simlexx-k commented 6 months ago

I'll be sorting that issue in a one hour. It's seems persistent.

On Sat, 20 Apr 2024, 02:59 pountel, @.***> wrote:

I havent managed to get to the dashboard after establishing the database connection, still trying to solve admin login at the admin portal

— Reply to this email directly, view it on GitHub https://github.com/simlexx-k/chebut-adminlte/issues/1#issuecomment-2067406168, or unsubscribe https://github.com/notifications/unsubscribe-auth/AOCUPJOCNQ6HS7ZGAZYRAG3Y6GVVVAVCNFSM6AAAAAA3QVSJU2VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDANRXGQYDMMJWHA . You are receiving this because you commented.Message ID: @.***>

pountel commented 6 months ago

I suggest you look at the sql admin table password verification code/logic

pountel commented 6 months ago

i have managed to login using both Uname admin and pw as 'password'....however, am not contented because while its true i can see admin table has a Uname 'admin', the password there is '$2y$10$fCOiMky4n5hCJx3cpsG20Od4wHtlkCLKmO6VLobJNRIg9ooHTkgjK' and not 'password'......ideally, password shouldnt be working i guess...kindly clarify

AlvinKimata commented 6 months ago

The password is hashed and or salted before being stored in the database.

Hashing is a common technique used to securely store passwords by converting them into a fixed-length string of characters.When a user tries to log in, their entered password is hashed using the same algorithm, and the resulting hash is compared with the stored hash in the database.

If they match, the login is successful. Therefore, even though you see 'password' in the code, it's being hashed before being stored in the database.

pountel commented 6 months ago

A small bug, a farmer cannot edit the collection centre (from the farmers list)

Error! Unknown column 'centre' in 'field list'

pountel commented 6 months ago

The password is hashed and or salted before being stored in the database.

Hashing is a common technique used to securely store passwords by converting them into a fixed-length string of characters.When a user tries to log in, their entered password is hashed using the same algorithm, and the resulting hash is compared with the stored hash in the database.

If they match, the login is successful. Therefore, even though you see 'password' in the code, it's being hashed before being stored in the database.

well explained and understood

pountel commented 6 months ago

Clerks recording module in the index looks great, is it actually designed to collect the kgs after hitting submit? Nothing seems to happen after submitting

Does the farmers id get authenticated through database to confirm the farmer exists before submitting the kgs for today? (this works fine within the dashboard's record intake, just noticed it doesn't of the index clerks recording module)

Also, to safeguard against factories admin deleting everything if he/she wanted, i just thing a super admin would be a cool idea, how limits levels access - just a thought