Oh no! Where's the JavaScript?
Your Web browser does not have JavaScript enabled or does not support JavaScript. Please enable JavaScript on your Web browser to properly view this Web site, or upgrade to a Web browser that does support JavaScript.
Sign In
Not a member yet? Click here to register.

Admin Password confusion!


Print Track
Hello everybody.

Finally I moved to v7.00 Final and migration processed quietly and without problems. Cool! :)

However, it seems I'm turning a dumb guy but I really don't understand the concept behind the "admin password" in the administrator account and I'm having problems with it.

For example, the username and also administrator is "bebe". The admin password for that user is "xxxx" and the user password is "yyyy" because it MUST be different from "xxxx".

When I log in with user "bebe" it ONLY accepts the "yyyy" password (the user one) and doesn't allow me to log with the "xxxx" password (the admin one).

After logged on with "yyyy" I can go to the admin CP but after making some changes to the panels, for example, I receive a message saying that the password is invalid when I try to save any changes. Weird, at least to me...

Is there any kind soul willing to help me with this, please, and properly explain me the concept behind these two passwords for one account? I'm totally lost with this because this concept is quite fuzzy to me at the moment.

Many thanks, in advance, for any useful help.

14 replies

Quote

softgil wrote:
Hello everybody.

Finally I moved to v7.00 Final and migration processed quietly and without problems. Cool! :)

However, it seems I'm turning a dumb guy but I really don't understand the concept behind the "admin password" in the administrator account and I'm having problems with it.

For example, the username and also administrator is "bebe". The admin password for that user is "xxxx" and the user password is "yyyy" because it MUST be different from "xxxx".

When I log in with user "bebe" it ONLY accepts the "yyyy" password (the user one) and doesn't allow me to log with the "xxxx" password (the admin one).

After logged on with "yyyy" I can go to the admin CP but after making some changes to the panels, for example, I receive a message saying that the password is invalid when I try to save any changes. Weird, at least to me...

Is there any kind soul willing to help me with this, please, and properly explain me the concept behind these two passwords for one account? I'm totally lost with this because this concept is quite fuzzy to me at the moment.

Many thanks, in advance, for any useful help.


the admin password is used in some areas in admin section, if you add a panel you need to type the "admin" password in the field "Admin Password" to save the panel
The Admin password is a secondary backup. If someone manages to get hold of your account password, they still need the admin password to use within the admin panel before they can effect any major change.

The chances that someone will get both passwords right is tiny, unless you've told them
I am also having the same trouble understanding the function of the secondary admin password. I have upgraded to v7 with no trouble, but am now trying to change the default theme under Main Settings in the admin panel. There is no where on the page where I can input the secondary admin password. When I change the default theme and click the Save Settings button, I receive the following error message: "403 Forbidden - You don't have permission to access /administration/settings_main.php on this server."

I've checked the folder chmod settings for this folder and it is set to 777. I don't know what else to do. Can someone help clarify the use of the secondary admin password so I can update the Main Settings options in the Control Panel?

Thank you!
It's easy. Even though you're an admin you're still a user.

User password is for logging in and the front-end in general.
Admin password is for when there's a setting in the administration section that requires a password-- for extra security-- incase your account is compromised.

:)
PHP-Fusion is different from the likes of SMF or PHPBB which you need to re-login w/ ur admin password when accession the admin section.

The password for PHP-Fusion is need when you're modifying some sections on your site like custom pages, panels, etc. That's theonly that you will need to enter your password. You will not be asked to login using the admin password.
Of course its different.
Fusion is a CMS, not a Forum script like phpBB.
It maybe a nice idea with the admin password, but better would be to use different logins for the portal and the admin-area like in Typo3 or modX.
Yes, I understand that. But my question still hasn't been answered.

Quote

"...trying to change the default theme under Main Settings in the admin panel. There is no where on the page where I can input the secondary admin password."


and...

Quote

"When I change the default theme and click the Save Settings button, I receive the following error message: "403 Forbidden - You don't have permission to access /administration/settings_main.php on this server."


:(

Quote

eskindian wrote:
I am also having the same trouble understanding the function of the secondary admin password. I have upgraded to v7 with no trouble, but am now trying to change the default theme under Main Settings in the admin panel. There is no where on the page where I can input the secondary admin password. When I change the default theme and click the Save Settings button, I receive the following error message: "403 Forbidden - You don't have permission to access /administration/settings_main.php on this server."

I've checked the folder chmod settings for this folder and it is set to 777. I don't know what else to do. Can someone help clarify the use of the secondary admin password so I can update the Main Settings options in the Control Panel?

Thank you!


Only these folders should be chmod:

3. Unless you are running PHP-Fusion on a local server, in most cases you will need to CHMOD the following files and folders to 777:

* administration/db_backups/
* images/
* images/imagelist.js
* images/articles/
* images/avatars/
* images/news/
* images/news_cats/
* images/photoalbum/
* images/photoalbum/submissions/
* forum/attachments/
* config.php

Quote

WEC wrote:

Only these folders should be chmod:

3. Unless you are running PHP-Fusion on a local server, in most cases you will need to CHMOD the following files and folders to 777:

* administration/db_backups/
* images/
* images/imagelist.js
* images/articles/
* images/avatars/
* images/news/
* images/news_cats/
* images/photoalbum/
* images/photoalbum/submissions/
* forum/attachments/
* config.php


Right. I mispoke. I thought I was suppose to chmod the administration folder, so I tried it and I received the same error message. I then went back to the installation instructions and noticed that I was incorrect and only the db_backups folder needed to be chmod...which I did during installation. So I put the main folder back to it's original state. It is no longer 777. You are correct.

However, before I did this, and after I incorrectly changed the chmod for the administration folder, and even after I returned it to it's original state, I received the same error message in all three instances AND no option to type in the secondary admin password has ever been available.

Has anyone tried to change any options on the Main Settings page? If so, what do you see? Are you getting the same error message as I am? Do you see any place or are you prompted to type in the secondary admin password?

Thank you.
Main settings doesn't have any admin password since anything you enter there is sanitized.

You shouldn't be prompted for any password in that area of the administration.
Cool. So the following error message, "403 Forbidden - You don't have permission to access /administration/settings_main.php on this server.", must mean I have a different issue...

hummmm....let's think.... :|
Check your chmod of all files in the administration folder.

Deleting the entire folder and uploading a fresh copy should reset chmod if you find that easier.

Then chmod administration/db_backups/ 777
Thank you WEC. I tried it and I'm getting the same message.
SOLUTION: I contacted my web host last night and they had to change some sort of permissions or settings in the background. Something they said that I couldn't do myself. They wouldn't tell me what exactly they did, so if anyone out there runs into this problem in the future (403 Forbidden Error), contact your web host.

Thanks everyone!
author softgil
forumSystem Administration - 8
replies15 posts
viewed5,378 times
activeLast updated on 11 years ago
You can view all discussion threads in this forum.
You cannot set up a bounty in this discussion thread.
You can start a new discussion thread in this forum.
You cannot reply in this discussion thread.
You cannot start on a poll in this forum.
You cannot upload attachments in this forum.
You can download attachments in this forum.
You cannot up or down-vote on the post in this discussion thread.
Users who participated in discussion: WEC, eskindian, Reef, alcazar, softgil, Ninos, SiteMaster, cybernie