I was recently alerted that, on our one Evo site, people are signing up with WebloginPE and then getting their password thrown out as incorrect when they try to login - the very same password they received in the confirmation email. Naturally, this isn’t making the client look very good
I went on and signed up for an account myself, and here’s what I found. The system generated the password ’WTp4mjvfzh’ in the confirmation email, but the hash under ’cachepwd’ in the modx_web_users table doesn’t look right. Where normal hashes look something like ’c106b7b9164d81359f6a0f5ad19c4351’, it shows ’1309453124’. Several other user accounts show something similar under ’cachepwd’ - a numeric string of that length instead of a proper hash.
When I change the password for one of these accounts inside the manager, it functions normally and the user can log in using the password I created.
This was working when I originally set it up. The only thing I can think of that has been majorly changed is the version of MODx - I upgraded to 1.0.5 when it came out. I am running the latest version of WLPE, 1.3.1. I can supply snippet calls, chunks, and anything else relevant upon request. This is a real headscratcher for me, and it doesn’t help that I’m now so deep into Revo I can hardly remember how to do anything in Evo (unfortunately upgrading the site to Revo is not an option right now though).
Any help would be greatly appreciated.
One other abnormal behavior I forgot to mention: The Manager title is showing ’SM Page (call)’ on every screen, instead of the site name. Don’t know whether one could have anything to do with the other or not.