Database and Admin Passwords

From PhpCOIN Documentation

Jump to: navigation, search


Database Password

Before you install phpCOIN, you setup a MySQL database along with a MySQL user and a MySQL password to access the database. You must manually enter this information into the phpCOIN file config.php so phpCOIN itself can access the database when it runs.

The MySQL password is not encrypted by phpCOIN, and during normal use would never be changed.

Admin Password

During the installation process, phpCOIN automatically creates a default admin user in the database called "webmaster" and gives it a default login password that is the same as the password contained in the config.php file.

The admin login password is stored by phpCOIN within the database and it is encrypted by phpCOIN. During normal use the admin user may change his login password at any time, so it is no longer in-synch with the database password.

To login to phpCOIN as an admin, you need the login password (which you may have changed from the default).

Installation/Upgrade Password

The phpCOIN installation and/or upgrade procedure asks for the database password (contained in config.php) so it can proceed.

If the phpCOIN install/upgrade procedure is telling you that the password you are typing into the install form is incorrect, it means that what you are typing is NOT the MySQL password contained within config.php, so MySQL is denying access to the database. This means phpCOIN cannot proceed.

The MySQL password is plain-text in config.php for phpCOIN usage, but if a third-party installer such as cPanel or Fantastico has encrypted it, phpCOIN knows nothing about it and the password will not match when phpCOIN tries to use it.

Several folks have had an issue upgrading a third-party installation because of the third-party password encryption. We do not know what they are doing to our code, so cannot troubleshoot it.

Password Encryption

The admin and client passwords contained within the phpCOIN database are one-way encrypted by phpCOIN, using whatever encryption method your installation of php is configured to use. For most people, this is MD5 but for hardened php it is usually BlowFish.

During the login procedure, phpCOIN normally encrypts the entered password using whatever encryption method your installation of php is configured to use, and compares it against the database. If your encryption method has changed between the initial record creation and this login, phpCOIN will account for the different encryption methods automatically. In other words, it does not matter if you change encryption methods because phpCOIN will accommodate it automatically and seamlessly.

Password Modification

Each client and each admin may change his or her password at any time, and as many times as he or she wishes.

The MySQL password contained within config.php should never be changed unless you have also changed the actual password for the MySQL user via phpMyAdmin or cPanel or Fantastico or other control panel.

The phpCOIN upgrade procedure has never touched the passwords contained within the database, and cannot touch the MySQL database contained within config.php If you are having trouble logging in after an upgrade, try clearing your bowser cache and cookies, and check to see what has changed in your server configuration, such as the php encryption method being changed.

Personal tools

Inscrita el Registro Mercantil de Mallorca Tomo 2140, Hoja No. PM-51034, Folio 135
This website owned and operated by: Technology Services RPVW S.L. CIF# B57345084
Avda Constitucion 48 Bajos Alaro 07340 Baleares SPAIN
Tel:+34 971518362    Fax: +34 971518368    eMail: