Blog

Joomla 3.2.0 passwords issue (solution)

Joomla 3.2.0 is a result of terrible coding and total irresponsibility: users registration and password reset are broken and passwords are not recognized. Please note that Joomla 3.2.1+ doesn't have these issues.

We suffered from this a couple of days and finally propose a solution, though you can just install Joomla_3.1.6-Stable-Update_Package.zip and downgrade.

Edit /libraries/joomla/user/helper.php:

1. Change

$encrypted = ($salt) ? md5($plaintext . $salt) : md5($plaintext);

to

$encrypted = ($salt) ? md5($plaintext . $salt) . ':' . $salt : md5($plaintext);

Edit /libraries/joomla/user/user.php:

2. Change

$array['password'] = $crypt . ':' . $salt;

to

$array['password'] = $crypt;

Edit /components/com_users/models/reset.php:

3. Change

$password = $crypted . ':' . $salt;

to

$password = $crypted;

4. Change

if (!($crypt == $testcrypt))

to

if (!($user->activation == $testcrypt))

5. Change

$testcrypt = JUserHelper::getCryptedPassword($data['token'], $salt);

to

$testcrypt = JUserHelper::getCryptedPassword($data['token'], $salt, 'md5-hex');

Edit /plugins/authentication/joomla/joomla.php:

6. Change

if ($crypt == $testcrypt)

to

if ($result->password == $testcrypt)

 

Reset your password if it still doesn't work after these changes. 

Need Help?

If you are in need of help or have any questions regarding our products you may use one of the links below:

Our Newsletter

Get the latest news, product updates and special offers!

We use cookies so that you can place orders and we can provide a better service. You can control the use of cookies at the individual browser level. If you reject cookies, you may still use our website, but your ability to use some features or areas of our website may be limited.