Fork me on GitHub

How to reset a password

Losing a password to some online service is always unpleasant. This also requires certain efforts to recover it. At the same time, while you restore your password, it is critical to prevent other people from obtaining or changing it. Since Eonza allows the owner to add users, let’s review two cases: one for recovery of the administrator access, and the other – restoring access of simple users. Passwords aren’t stored in the system “as is”, so the only way to recover access is to set a new password.

How to reset an administrator (owner) password

If you are the owner of the informational storage, you have access to all files on the web server. If you didn’t install the system yourself, get in contact with the person who did and therefore has access to your website. First of all, unpack the reset-password.php file from eonza/tools/reset-password.zip to a directory where the conf.inc.php file is located. After that, execute this script in your browser. For example,

www.my-domain.com/eonza/reset-password.php
www.my-site.org/admin/reset-password.php

You should see a newly generated password in your browser. If you want to set the password immediately, you can create the following PHP script and place it near the conf.inc.php file.

<?php
require_once "ajax.php";
require_once APP_EONZA."ajax/ajax_common.php";

$pass = 'NEW_PASSWORD';
$passmd = pass_md5( $pass, true );
if ( $db->update( ENZ_USERS, ';', array( "pass=X'$passmd'" ), 1 ))
{
cookie_set( 'iduser', 1, 120 );
cookie_set( 'pass', md5( $pass ), 120 );
}

Attention! Remove reset-password.php immediately after the new password is generated. Otherwise, any person can run the script and gain access to your system.

How to reset a user password

If you forgot your password, but you aren’t an owner of the Eonza database, please contact the administrator. Usually, the person who gave you access to the informational system is the administrator. He simply can enter the Administration - Users section, specify a new password for you and tell it to you.

After setting a new password, the administrator or the user can change it to any other in their corresponding settings.