Sonya* Posted November 6, 2018 Share Posted November 6, 2018 I have upgraded 3.2 to 4.3 on the test server and encounter an issue that some users cannot login with their valid passwords any more. Another users can. I have investigated further and found one dependency: if user's password contains capital letters in it then user cannot login in 4.3 after upgrade. If there are no capital letters in the password the login credentials are still valid. Has someone encountered the same issue? Is it a bug or works as desired? I have over 280 000 users and would like to avoid mass changing passwords after upgrade. It is already "difficult" for users to use their display name or email instead of login. And if the passwords do not work either the users will be definitely confused. Link to comment Share on other sites More sharing options...
bfarber Posted November 6, 2018 Share Posted November 6, 2018 Are we talking capital latin characters, or capital letters in another language? Link to comment Share on other sites More sharing options...
Sonya* Posted November 6, 2018 Author Share Posted November 6, 2018 (edited) Сapital latin characters. Meanwhile we have also users that have capital latin characters in their passwords and can login. I have no idea why some users can login and another not. The passwords are definitely correct. I test them on 3.2 and they work and then on upgraded 4.3 and they do not work... Edited November 6, 2018 by Sonya* Link to comment Share on other sites More sharing options...
BomAle Posted November 6, 2018 Share Posted November 6, 2018 (edited) Try to check if user is listed into the result of this query SELECT member_id, name, members_pass_hash, members_pass_salt FROM core_members WHERE members_pass_hash <> '' and members_pass_salt = '' Edited November 6, 2018 by BomAle Sonya* 1 Link to comment Share on other sites More sharing options...
Sonya* Posted November 7, 2018 Author Share Posted November 7, 2018 19 hours ago, BomAle said: Try to check if user is listed into the result of this query SELECT member_id, name, members_pass_hash, members_pass_salt FROM core_members WHERE members_pass_hash <> '' and members_pass_salt = '' I have 20526 users that match this query And indeed the users that cannot login are included. I have applied your fix and now they can login again. Thank you!!! And now? Should I leave the fix or will it be fixed by IPS in the next version? Or in the upgrade routine? Have you reported it? Link to comment Share on other sites More sharing options...
BomAle Posted November 7, 2018 Share Posted November 7, 2018 (edited) Quote Hello. This is unfortunately a very rare issue, and only affects a small number of installs with very old members, so it's unlikely that the software will be changed for this one specific issue, but please feel free to make that suggestion in the Feedback & Ideas sections of our community forum. Regards, Mark Higgins Invision Power Services, Inc. from #1021485 ticket I suggest to change the code where you have applied the fix and redirect on reset password with a notice for help understand the issue if user attempt login have a empty salt. Edited November 7, 2018 by BomAle Sonya* 1 Link to comment Share on other sites More sharing options...
Zhana Posted March 20, 2020 Share Posted March 20, 2020 Hello, I recently upgraded from 3.x to 4.x and members on my forum are also reporting problems with logging in. I ran the SQL query and got 14984 results. What is the best course of action from here, should I ask IPS support for help in this matter? BomAle 1 Link to comment Share on other sites More sharing options...
.thumb.png.72c24494603afd7a572d55d4a71e4af2.png)
Recommended Posts