i imported the sql of site 1 to site 2, the salt key was changed, so when logging into the admin panel, it asked to reset the password.
on doing so, the image verification did not load up , hence could not reset the pwd, however the admin panel loaded fadedly in the bg, on clicking on the category link got access to the admin panel.
i think this should not be allowed.
just wondering....
also the smtp email pwd is not hashed/encrypted .... it should show up as stars...
Hello.
Please provide more details. What is your AbanteCart version? How you create your sql - via phpmadmin export or AbanteCart buit-in?
Are you saying you were able to get into Admin with no password reset or login? Are you sure? What were your steps?
FYI: When you migrate your site, you should not change your SALT key.
My friend also wanted a similar site on bodybuilding products, but he has 0 knowledge of computers n coding,
so i created a sql backup via cpanel sql backup, the one created by abantecart ( inbuilt) created a corrupted empty sql for some reason.
So u imported my sql into my friends abante sql via phpmyadmin, after dropping all tables.
Then i tried to make some changes to suite his site name etc.... but it didnt allow me to login.
the image verification thing didnt load the image hence i couldnt reset the password
i just clicked ok without image verification and the admin panel opened faintly which a regular user would not see or ignore. But i clicked on categories and i got access...
i am actually worried about security of my site also.
Then later i changed the salt key via ftp on my friends site.
I am using ver 1.2.5 latest
Do you have GD enabled? Missing GD can cause missing image for verification.
Regarding security, I do not think there is an issue here, but we can definitely check this.
I still do no see how you can skip this step. Did you change any PHP files?
I think we are dealing with customer modifications or human error causing issues.
Check that this file is present and has correct permissions
admin/controller/responses/common/captcha.php
If this file is missing or not accessible, captcha will not show and validation will not work.
However, this will NEVER allow login without password.
possibly you copied cache files that cause conflicts.
Try to remove all subdirectories from your public_html/system/cache folder
I installed abante using installatron in both sites. But will try to check the above suggested ... this caputa issue is on both the sites ...
any errors in log?
admin/controller/responses/common/captcha.php is there and has file permission od 644
is that correct?
GD is enabled..
Didnt touch the php.ini file.
Any suggestions pl..
Quote from: CoolSurfer on January 07, 2016, 02:34:30 AM
admin/controller/responses/common/captcha.php is there and has file permission od 644
Try to set 755 permission to this file
issue solved in v1.2.7.
See details here https://github.com/abantecart/abantecart-src/commit/ef60cbf500f332a04dea26a8e85316aac3a96916