[RESOLVED] Database shifted and application brought from (http://willow.dawnstar.org not running

siyaverma

Hi ,

Friend of mine who left the job now and i am taking care of his applications ,he brought the Job Tracker application from ([url]http://willow.dawnstar.org)[/url] ,he placed the database on the server which is shifted now, i was on vacation when database shifted and other friend of mine pulled the database in sql querry form which is not the same database but contain similar tables,when i runned the application after running that query in mysql database on new server it begins giving me errors like "xxxx" table doesn't exist or find, so i created those tables finding from a folder called "sql" where all queries where stored in the application installler file and now application is not giving me any error but not accepting the username and password ,which i have inserted in the table ,what do you suggest ,i know its the big application but if i can get some idea what could be wrong ,i mean i get the direction then that will really really help.

Thanks
Siya

bradgrafelman

Well did you insert the usernames and such correctly? Do you know which, if any, encryption/hashing method the script uses to protect passwords? Did you make sure to use this method when storing the password?

siyaverma

Thanks for helping me out,

well while uploading the script i found that passwords were encrypted but it was as insert statements so i changed the passwords and then uploaded the data and when i pull the data for that table ,they were as it is as i uploaded them,not encrypted,i found that in Login action class file they are encryptinng password here is te code

 # Make a password hash.
        $salt = $this->context->config->get( "password_salt" );
        $this->context->logger->debug( __FILE__, "Salting with '".$salt."'" );
        $hash = md5( $salt.":".$password );
        $this->context->logger->debug( __FILE__, "Hash is '".$hash."'" );

    # Compare generated hash with existing hash.
    $user = new User( $this->context->config, $this->context->logger, $this->context->db, $username );
    if( $user->getPassword() == $hash )
    {
        # See if this is a contact, and if we're configured to allow contacts to login.
        if( ! $user->isContact() || ( $user->isContact() && $this->context->config->get( "client_login" ) ) )
        {
            $sessionhash = md5( $username.":".$salt.":".$hash );
            $timestamp = time();
            # Some junk to obfuscate the username.  Not really secure, but
            # good enough for most purposes.
            # Note: password is completely secure, it's hashed.
            $junk = round( sqrt( microtime() ) );
            $sessionid = $junk."_".$username."_".$sessionhash."_".$timestamp;
            $from = $this->context->config->get( "tr_from" );
            $to =   $this->context->config->get( "tr_to" );
            $trsessionid = strtr( $sessionid, $from, $to );
            $this->context->sesshandler->createSession( strtr( $trsessionid, $from, $to ) );
            $this->context->user = $user;
            if( ! $this->context->config->get( "login_allow_simultaneous" ) )
            {
                $this->context->ustate->setValue( $user->getId(), 0, '', '', "login_timestamp", $timestamp );
            }
        }
    }

and password_salt is defined in the willow.ini file and


hash_algorithm = "md5"

; Not yet implemented, sorry.
encrypt_login_cookie = "1"

; Translation strings for trivial encryption.  If you change these in
; a production environment, everyone will be logged out immediately.
tr_from = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_"
tr_to = "aAbB8cC0dDqEfF1gGhHiI2jJk_KlLmM3nNo9OpPWQrR4sStTuUvV5we6xXyYzZ7"

i have the encrypted data of password that was downloaded as sql query from old database ,but don't know how to decrypt it back.

also i tried to enter the user name but no pasword so that it will return me the error that "pasword is empty" but there is no such error you can look at the willow website http://www.dawnstar.com/index.php?display=Faqs,
after reading this i felt that if it is not accepting my cookies then how can i make it accept my cookies and if it is taking me to other domain then what could be the solution to them

thanks
Siya

siyaverma

Please any body help i havn't got any reply sp far.its so important to me to solve ,i know its challenging ,i think there might be some one accepting it.

siyaverma

i found the results
thanks you