#137 default credentials fail new install

[Anonymous]

fresh install of ubuntu , default credentials fail - saw other ticket (#40 Default password not working) with similar problem but no resolution…

what am I missing?

====output of database====

mysql> use phpipam;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed
mysql> select * from users;
+----+----------+----------------------------------+--------+---------------+---------------+--------------------+------------+-----------------------------------------------------------------------------------+------+----------+
| id | username | password | groups | role | real_name | email | domainUser | widgets | lang | editDate |
+----+----------+----------------------------------+--------+---------------+---------------+--------------------+------------+-----------------------------------------------------------------------------------+------+----------+
| 1 | Admin | d10bb806e97d3538fb13b5581db11e9e | | Administrator | phpIPAM Admin | admin@domain.local | 0 | statistics;top10_hosts_v4;top10_hosts_v6;top10_percentage;access_logs;error_logs; | 1 | NULL |
+----+----------+----------------------------------+--------+---------------+---------------+--------------------+------------+-----------------------------------------------------------------------------------+------+----------+
1 row in set (0.00 sec)

[Miha Petkovsek]

Hi, just tried it myself and have no errors, works fine.

Can you try with some different browsers, there was a problem once with Firefox lower-casing username automatically or smth similar...

brm

[Anonymous]

Tried IE10, Chrome, Firefox, all same result - failed to login... will try re-install i guess..

[Anonymous]

Hello

I have the same error.

[Marcio Merlone]

Same here. Now what?

[Miha Petkovsek]

Hi, can you try to enter this query, that is used to authenticate local user and post the result?

select * from users where username = binary "Admin" and password = BINARY "d10bb806e97d3538fb13b5581db11e9e" and domainUser = "0" limit 1;

[Marcio Merlone]

Sure:

# id, username, password, groups, role, real_name, email, domainUser, widgets, lang, editDate
'1', 'Admin', 'd10bb806e97d3538fb13b5581db11e9e', '', 'Administrator', 'phpIPAM Admin', 'admin@domain.local', ?, 'statistics;top10_hosts_v4;top10_hosts_v6;top10_percentage;access_logs;error_logs;', '1', NULL

The '?' is a blob value, but you may already know. :)

[Miha Petkovsek]

Can you open functions/functions-install.php and search for function checkLogin, and after $query = add newline with print $query;

$query      = 'select * from `users` where `username`...
print $query;

You will get the query now in login result.

[Marcio Merlone]

There it goes:

select * from users where username = binary "admin" and password = BINARY "d" and domainUser = "0" limit 1;

[Miha Petkovsek]

Well password is not ok for sure... You entered username/pass as Admin/ipamadmin (mind capitals)? Change
print $query
with
print_r($_POST);

To see what is sent from login form.

[Marcio Merlone]

Yes, I did...

select * from users where username = binary "admin" and password = BINARY "d" and domainUser = "0" limit 1;

var_dump($_REQUEST):
array(2) {
["ipamusername"]=>
string(5) "admin"
["ipampassword"]=>
string(9) "ipamadmin"
}

[Marcio Merlone]

Before you ask: no fancy config on apache's virtual host, phpipam is a subdir of my intranet like http://intranet.domain.tld/ipam. It is puzzling me too.

[Miha Petkovsek]

Well lower-case admin is not ok for sure, this must be browser related. You can simply change username to admin in sql directly:

update `users` set `username` = "Admin" where `username` = "admin";

Still what bothers me password part, maybe something is not ok with md5() function? What does the "print $md5password;" return in checklogin function?

[Marcio Merlone]

Hi,

Edited site/login/loginCheck.php and var_dumped the array $ipampassword:
echo '

';

    var_dump($ipampassword);

echo '

';

got:
string(9) "dpamadmin"

Now I see a probable var collision, I am using "register_globals on"
due to a legacy app:

$_POST['ipampassword'] versus $ipampassword... will adjust the server
setting for this location and return with results.

On Tue, Feb 11, 2014 at 10:14 AM, Miha Petkovsek myha@users.sf.net wrote:

Well lower-case admin is not ok for sure, this must be browser related. You
can simply change username to admin in sql directly:

update users set username = "Admin" where username = "admin";

Still what bothers me password part, maybe something is not ok with md5()
function? What does the "print $md5password;" return in checklogin function?

---

[bugs:#137] default credentials fail new install

Status: open
Created: Wed Nov 13, 2013 01:34 AM UTC by Anonymous
Last Updated: Tue Feb 11, 2014 12:08 PM UTC
Owner: nobody

fresh install of ubuntu , default credentials fail - saw other ticket (#40
Default password not working) with similar problem but no resolution...

what am I missing?

====output of database====

mysql> use phpipam;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed
mysql> select * from users;
+----+----------+----------------------------------+--------+---------------+---------------+--------------------+------------+-----------------------------------------------------------------------------------+------+----------+
| id | username | password | groups | role | real_name | email | domainUser
| widgets | lang | editDate |
+----+----------+----------------------------------+--------+---------------+---------------+--------------------+------------+-----------------------------------------------------------------------------------+------+----------+
| 1 | Admin | d10bb806e97d3538fb13b5581db11e9e | | Administrator | phpIPAM
Admin | admin@domain.local | 0 |
statistics;top10_hosts_v4;top10_hosts_v6;top10_percentage;access_logs;error_logs;
| 1 | NULL |
+----+----------+----------------------------------+--------+---------------+---------------+--------------------+------------+-----------------------------------------------------------------------------------+------+----------+
1 row in set (0.00 sec)

---

Sent from sourceforge.net because you indicated interest in
https://sourceforge.net/p/phpipam/bugs/137/

To unsubscribe from further messages, please visit
https://sourceforge.net/auth/subscriptions/

--
Marcio Merlone

[Marcio Merlone]

So, I changed register_globals to off, updated Admin to admin on db
and now it works on Google Chrome. Tested case on Firefox and it works
with 'Admin'.

So, for the record:
1. register_globals must be off.
2. Google Chrome lower-cases username, so either run from Firefox or
update users set username = 'admin' where username = 'Admin'.

Case closed, thanks for your time and effort. :)

Regards.

On Tue, Feb 11, 2014 at 10:27 AM, Marcio Merlone mmerlone@gmail.com wrote:

Hi,

Edited site/login/loginCheck.php and var_dumped the array $ipampassword:
echo '

';

    var_dump($ipampassword);

echo '

';

got:
string(9) "dpamadmin"

Now I see a probable var collision, I am using "register_globals on"
due to a legacy app:

$_POST['ipampassword'] versus $ipampassword... will adjust the server
setting for this location and return with results.

On Tue, Feb 11, 2014 at 10:14 AM, Miha Petkovsek myha@users.sf.net wrote:

Well lower-case admin is not ok for sure, this must be browser related. You
can simply change username to admin in sql directly:

update users set username = "Admin" where username = "admin";

Still what bothers me password part, maybe something is not ok with md5()
function? What does the "print $md5password;" return in checklogin function?

---

[bugs:#137] default credentials fail new install

Status: open
Created: Wed Nov 13, 2013 01:34 AM UTC by Anonymous
Last Updated: Tue Feb 11, 2014 12:08 PM UTC
Owner: nobody

fresh install of ubuntu , default credentials fail - saw other ticket (#40
Default password not working) with similar problem but no resolution...

what am I missing?

====output of database====

mysql> use phpipam;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed
mysql> select * from users;
+----+----------+----------------------------------+--------+---------------+---------------+--------------------+------------+-----------------------------------------------------------------------------------+------+----------+
| id | username | password | groups | role | real_name | email | domainUser
| widgets | lang | editDate |
+----+----------+----------------------------------+--------+---------------+---------------+--------------------+------------+-----------------------------------------------------------------------------------+------+----------+
| 1 | Admin | d10bb806e97d3538fb13b5581db11e9e | | Administrator | phpIPAM
Admin | admin@domain.local | 0 |
statistics;top10_hosts_v4;top10_hosts_v6;top10_percentage;access_logs;error_logs;
| 1 | NULL |
+----+----------+----------------------------------+--------+---------------+---------------+--------------------+------------+-----------------------------------------------------------------------------------+------+----------+
1 row in set (0.00 sec)

---

Sent from sourceforge.net because you indicated interest in
https://sourceforge.net/p/phpipam/bugs/137/

To unsubscribe from further messages, please visit
https://sourceforge.net/auth/subscriptions/

--
Marcio Merlone

--
Marcio Merlone

[Marcio Merlone]

So, I changed register_globals to off, updated Admin to admin on db
and now it works on Google Chrome. Tested case on Firefox and it works
with 'Admin'.

So, for the record:
1. register_globals must be off.
2. Google Chrome lower-cases username, so either run from Firefox or

update users set username = 'admin' where username = 'Admin';

Case closed, thanks for your time and effort. :)

Regards.

[Miha Petkovsek]

Hi, good news. Can you tell me which os/browser you are using so I can test this username lowercasing? On OsX it works fine.

[Marcio Merlone]

So, I changed register_globals to off, updated Admin to admin on db
and now it works on Google Chrome. Tested case on Firefox and it works
with 'Admin'. Using latest linux Mint (Ubuntu based).

So, for the record:
1. register_globals must be off.
2. Google Chrome lower-cases username, so either run from Firefox or
update users set username = 'admin' where username = 'Admin'.

Case closed, thanks for your time and effort. :)

Regards.

[Anonymous]

Hello, Register_Globals was also the key for me (Ubuntu, phpipam 0.9) thankies !

[Anonymous]

I'm having the same issue.
Just looking at the Admin row data, in my DB it shows domainUser=30 yet your line in the function is looking for domainUser="0" ?

Could this be it?

[Miha Petkovsek]

Yes, set it to 0.

[Anonymous]

I have same problem with the login...

[Anonymous]

Same problem. Php 5.6, so register_globals was removed at all. Cannot register. When I run "update users set password='1a1dc91c907325c69271ddf0c944bc72' where username='admin';" I can register with "admin/pass" (the hash is from 'pass' password). After register run "select password,domainUser from users". Got - *0,0. Then - logout, cannot register, run sql to update hash, register, so on. The domain auth works well. What to do with local? OpenSUSE 13.2 64 bit.