Admin Password Unprotected

Hi,

In the config.inc.php the admin password is in plain text. Any plans to fix this or is there a work around to secure this file?

Thanks

It is not admin password, it is MySQL database access password, right?

It is your hosting responsibility to make this file unaccessible for others! Encryption anyway must be 2-ways, so if someone
able to read this file, he will be able to unencrypt password too.

Is there an answer to this question? How would we encrypt the password?

Some hosts require that your username and password be the same for the mysql database, as well as the entire site.

In fact, amember would not allow the added usernames/passwords that I created for my database. When I installed it, amember would only take the original username and password for my entire site (mysql setup page)! All the other username/password combinations produced an error, and would not let me get to the next page in setup.

What should we do if we want to encrypt our password?

It will be implemented. There is no instant solution.

Almost all PHP scripts (99%) doing the same - scripts needs MySQL password in plain-text. So it is your hosting responsibility to protect your files.

.htacess problems again

First in Foremost your service is great...

alex

1.I am a newbie in this platform

I've read your document (cgi.central.net/opened/html) on Setting up Protection but I got this error:

"This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required."

my membership site is located inside /members folder and I installed the my aMember application inside /aMember both are on the same root.

this is how my .htaccess goes:

AuthType Basic
AuthName "Membership Area"
AuthUserFile /home/user/amember/data/.htpasswd
AuthGroupFile /home/user/amember/data/.htgroup
Require group PRODUCT_3

this didn't work, did I miss something

2.When entering the /members folder a network password box appears, with the username input box having a value (the value of the username used through log-in) while the password input box is still empty.

HELP

and thank you again

Helppp!!!!

Alex,

I'm still having the same error....I still have the same "password box" pop-up and the when I enter the corresponding password the same error msg pops up.... here is my current .htaccess code (cut and paste it from the admin page as u have instructed)

AuthType Basic
AuthName "BusinessSummaries Pro Subscribers Only"
AuthUserFile /usr/local/psa/home/vhosts/contsum.com/httpdocs/amember/data/.htpasswd
AuthGroupFile /usr/local/psa/home/vhosts/contsum.com/httpdocs/amember/data/.htgroup
Require PRODUCT_3

We are really convinced that this is the product for us...and your service is awesome..thanks in advance.

Im so happy

Dumb as I am , I made it work ...I just happen to forget some of the few lines needed...


THanks Alex you'll here from us soon...

Demo Mode

ALEX,

Your service is really awesome...

Follow up questions:

1)My boss wants to have a demo purchase using 2checkout , as part of our QA and testing , how will I do this .Does the free version support such?

2)How do I remove the FREE SIGNUP option under Select Payment Method in the member.php?



Thanks again

Really?

I guess I was aware of that... ...doink!

Thanks again....

Could Not Edit

Alex,

NO question you customer service is the best, and I dont question your integrity either .Thing is ,we are a small company and we would like to spend out resources wisely. Thats why we do all this simulation and test before we actually purchase any applications.



Btw...I could not edit any of your scripts...I am using dreamweaver to do the editing...suggestions?

"access denied"?

Thanks Again