Hey Pete, Glad it worked for you and good job using it 
Good Morning from a wet and windy Cymru
I have re-run your script Nour, and it gets me to the site and the usual tools across the top of the screen as if I had logged in as Admin. However, clicking on any of the tools brings up a screen with the error message:
âAn unexpected error occurred.
Invalid form token. Please reload this form and submit again.â
That message also seems to âUnlogâ one so to get back again I need to re-run the script. That seems a pity as we are nearly there, but there is one last barrier to overcome. I will remove the script now and hope that somebody can come up with an idea as to why it does not quite work as expected.
Thanks to everybody for your contributions.
Best wishes
Pete
You might have a discrepancy between server time and your website. Try logging in again and instead of clicking on anything navigate to /dashboard
One inside the dashboard go to where the time zone is set and see if an error is indicated. Concrete will tell you if thereâs a discrepancy.
Hi Nour
Thank you for that suggestion. However, once logged in as Super User none of the buttons work so I cannot get to Dashboard. A bit frustratingâŚ
Regards
Pete
Try just adding /dashboard to your websiteâs address
Good Evening Nour and Fellow Coders
This has been an interesting evening so far. I have followed your suggestion of adding â/dashboardâ to the URL, Nour, but unfortunately that simply throws up an Error 404 message and throws me out. I also followed up your suggestion of checking the dates and you were correct. There was a huge difference which seems a bit odd. Anyway that was soon fixed but sadly made no difference to your scriptâs operation.
I also went back to the Forgotten Password routine to see if it could be persuaded to send me an email. It did not. That is a strange problem to my mind. The clever folk who built Concrete have created a password reset script and when run the system generates an email which gets shown in the email log. The strange bit is the barrier that stops the mail actually being sent. I presume, probably incorrectly, that there is a checkbox somewhere which must be âonâ rather than âoffâ for this to happen, but I have not been able to find it. If I am right, does anybody know how to get at it?
Fortunately my systems security training from long ago was actually used when the site was set up. I made the friend who has provided large amounts of content an administrator as a backup in case of trouble. He was not keen to post stuff on the site and usually sent it to me. It was only this morning that I remembered his access rights so a quick email yielded his login. With that I have created another administrator login for me. I was planning to delete Admin, but I can find no way to edit the existing details for Admin. If anybody can point me in the right direction for that I would appreciate it.
At one level this query is solved in that I can now log into the site. However, at a more fundamental level the query has not been resolved. The Change Password routine still does not work correctly and unfortunately Nourâs excellent script does not quite work in Version 9.3.9.
Thank you to everybody who has followed the thread and contributed suggestions. I greatly appreciate that support.
Regards
Pete
You may need to add index.php to the Dashboard URL. Try adding this to your site URL
â/index.php/dashboard/â
Iâm a bit confused. You said my tool allowed you to log in as an admin, and you could see the toolbar. What aspect of my tool didnât work in 9.3.9?
Itâs only there to log you in, not to fix unrelated issues with the website.
Can you tell me more in case thereâs something I need to fix?
As for the 404 when following /dashboard, @mhawke is right you might have to add index.php
The change password routine probably works. If you see the messages sent in the logs then it works. But if your website is using the default PHP mail() method instead of an SMTP server, and if your DNS wasnât set up properly to deal with DKIM and SPF, chances are the messages sent are flagged as spam by your email and rejected.
I might be wrong but this is a very likely scenario.
The admin (or Super User) MUST have an ID of 1. Thatâs how we know it is the Super User. You cannot delete it from the dashboard.
You could delete it from the database but that will most likely not solve the problem.
What is more my tool lets you modify the Super Userâs password to whatever you like so doing anything more to the Super User account beyond that is unlikely to solve other problems your website is experiencing.
Again, if something my tool was supposed to do didnât work please let me know what is was so I can fix it.