YAFLogo

Coleen
  • Coleen
  • 89.2% (Honored)
  • YAF Commander Topic Starter
11 years ago
Good morning (it's 6:50am here!) I need some help - urgently!

Some how my ISP changed their service to go through a different route and therefore my IP address changed and so I lost my "cookie" for my sign-in to my forums. I tried to log in again with the password I (thought) I changed to, but it gave me a password error, so I tried to reset it. I did NOT receive any email to reset my password. I did however get a "Security Question" but I never answered any security question when setting up my profile! I am the main Administrator for this site, and need to get logged back in! Please help! Thanks!

Sponsor
Coleen
  • Coleen
  • 89.2% (Honored)
  • YAF Commander Topic Starter
11 years ago
Does anyone have any information on how to get my user password reset? This is URGENT! I am the Administrator of the site and when I try to log back in it continues to give me a password error!

This is the error I'm getting:

Notification

The user name or password entered is incorrect. Please try again.

OK

PLEASE can anyone help?

Edited to add error on security question:

The password reset does not see to be working. It doesn't email me, and when I enter my email address it comes back and asks me a security question - which I never set up - so how do I get signed back in? Truly - this is URGENT

Edited - sorry I didn't include the version of Yaf I'm using: 1.9.6.1 , Windows 7 OS, Firefox (I test on Firefox, Opera, Chrome and IE8) I use Arvixe hosting for Windows. Thanks for any help that can be given. I was able to have one of my administrators grant me admin access under a new user name, but now I do NOT have host privileges! I could REALLY use some help on this issue!

Please, please I need help!!

Coleen
  • Coleen
  • 89.2% (Honored)
  • YAF Commander Topic Starter
11 years ago
Okay this issue with username/password not being recognized is going to be a HUGE problem. I just tried creating a "Test" user (not an administrator,just a plain new "test"user. After I created the user and registered, I tried to log in as that new user. I KNOW I have thepasswords correct and the username/email correct - IJUST CREATED IT. However, when I tried to log in with that new user account - I got the below error message (Again - on a brand new account!)

Notification

The user name or password entered is incorrect. Please try again.

OK

Then when I try to get my password sent to me I get the following error:

Notification

Your account is not approved yet because you have not validated your email. A new email validation has been sent to newusername at gmail.com. Please verify so you can login.

OK

THIS IS A HUGE PROBLEM!

Please, does anyone have any information on this issue?

JP
  • JP
  • 100% (Exalted)
  • YAF Leader
11 years ago
And you haven't got an verification email to attend to at the newuser gmail account?

A new account is not approved until you have responded to the mail, or have approved it manually in the admin page (which seems to be a Catch 22 for you right now).

I don't understand why an IP change would affect the cookie, since that is set with the site name - not IP...

I have a couple of versions running on different machines and cookies seem to be the least problem.

However if there is a change to the site name from eg forum.aaa.com to forum.bbb.com, a new cookie will be created and require a login to create a new cookie.

Could it be as simple as like your web browser or client security software is set to not accept cookies from your forum site?

Just a crazy thought, but still worth mentioning since I've had users with this problem...

Another issue might be an IE "stale cookie" problem, that I have encountered both in my forum and at work...

So - have you tried with different web browser? Like Google Chrome or Mozilla Firefox?

The IE "stale cookie" problem means that you will have to empty the IE cache completely.

Using the IE standard "Internet Options" -> "General" -> Browsing history "Delete" button will not fix it - so instead of hitting the "Delete" button, you press the "Settings" button and press "View files". Once there, you press Ctrl-A to mark them all and then press Shift-Delete to remove the files.

I don't know it I'm giving any useful information/advice for this situation, but if you are sure you have the admin password right it could be an IE client side problem - Of course only if you use IE 8-10... First try with Firefox or such, and if it works - delete the IE cached files and try it again with IE.


He who asks a question is a fool for five minutes. He who does not ask a question remains a fool forever. [Old Chinese Proverb]
Jaben
  • Jaben
  • 100% (Exalted)
  • YAF Developer
11 years ago
This reminds me, I need to a way to add a "global admin" user via the web.config as a last-ditch.
JP
  • JP
  • 100% (Exalted)
  • YAF Leader
11 years ago
A system-wide global admin to be used as the last resort would be great indeed, as long as you can read & set id + pw in clear text in a config file or such. It's also a big security risk, but so is the db connection string....
He who asks a question is a fool for five minutes. He who does not ask a question remains a fool forever. [Old Chinese Proverb]
Coleen
  • Coleen
  • 89.2% (Honored)
  • YAF Commander Topic Starter
11 years ago

And you haven't got an verification email to attend to at the newuser gmail account?

A new account is not approved until you have responded to the mail, or have approved it manually in the admin page (which seems to be a Catch 22 for you right now).

Currently using my secondary admin account, on the main "Administration" page: myforums\Forums/yaf_admin_admin.aspx there is a (now long) list of "registered" users. I send them an email manually, and once they respond, I go in and set their membership to "Pending" (which gives them access to the "Public" boards and the one where they MUST post their "Required Info" (which gives me the capability of verifying their IP address.) However, if they lose/forget their password, then they can't get back in and it does NOT send them the reset password email! I've verified this by creating a "Dummy " account and entered in the wrong info - I can not now get the password reset to email the dummy account the new password nor does it actually reset the password!

I don't quite understand all the technicalities of why the cookies get lost when our ISP changes over from Mexico to Belize - but it does. My hubby is an IT guru (when he's available!) and explained it to me once, - essentially when the ISP switches from routing through Mexico (our normal "route" ) to routing through Belize City (the "emergency route" ) the login to the service is lost, so even though I have cookies set, the DNS is no longer the same because it is a completely different route - at least that is how I understood the problem. If I had cookies already established for both routes before it had happened, then I probably would not have lost the connection, but since I had also tried to change my main Admin password, (and I think that is the real issue here - changing passwords is NOT working!) it locked me out of the Admin account, and since at the time I didn't have access to the database, even though I tried logging in with my username, my display name, my email address - nothing worked! I don't use IE, I use either Firefox or Chrome, and yes, I tried logging in using Chrome instead of Firefox - still no luck!

So back to how I change/reset the password in the database...?

I tried copying the password I use for my secondary admin account from the database into the password field for my main admin account - it doesn't seem to work. Is there something else I am missing? In the "IsLockedOut" column most of the values are NULL, but some of them are 0 - which happens to be my Admin account and my "Dummy " account - should I set those to 1? I can't reset them to NULL - I tried! Also the "FailedPasswordAttempts" is NULL in all the other users, but in my two accounts that don't work - they are 0 as well.

The tech from my hosting company sent me this: "If you can access the database tables you can create a dummy account and then go into the yaf_user table and change the flags column to "3" for that user. This will set the user as a host admin then sign in as that user and go to the old admins profile and reset there password." Is this correct? Can anyone expand on the details of how/where to set up another "dummy" account"? I set up the other just by doing a new registration with a new email address I created for that purpose. Any help would be VERY appreciated!

Thanks!