A Potentially Delicate Problem..

Here's the situation…



I hired a developer overseas to install CS cart and design a new skin. The installation went OK but he's simply not getting it done with the design end of it. He's exceeded the deadline for completion twice over with no end in sight.



I'm going to fire him of course, that's the easy part. My concern though is since he installed the software it's his name and password in the “number one” position in the administrators screen. Mine is directly under his. Problem is, MY user account can be deleted while HIS user account has no such option. I'm worried that the guy might get vindictive when I let him go and somehow lock me out of my own store! Worse yet he could play havoc on the work I've already done to it and get into a host of other potential mischief.



Changing the FTP password on my server is easily done, but I don't think that that affects access to the store's back end. How do I switch settings so that he can't get in?

Login in to the MySQL database and change your user_type to 'A'. Then login to CS-Cart Admin and delete him

Thanks, but could you be a little more specific? I was able to log onto MySQL database, but there's at least 100 headings to choose from (C.S. Cart Users… C.S. Cart access restrictions etc.)



It'll be just my luck to change one setting in the database, mess the whole thing up, and not be able to undo what I did. I need to get this right the first time.

OK… I poked around and found the correct screen. Thing is, I'm already set to “User_Type A”. Still not sure how I can delete him when that's not an option in the back end of the store.



Do I have to delete him from the database? When/if I do, does my profile automatically become the one that does not have the “delete option” in the back end?

Just noticed that in the “Is_root” field, he is marked as “Y”, while I'm marked as “N”. Is this another change I'll have to make?

Well, now I’m COMPLETELY screwed!



I deleted the developer’s user ID from MySQL Database and now I get this when I try to log on:



http://cabinethardwa…c.com/4dmin.php



Same deal if I try to log on to the front end of the store: [url=“http://cabinethardwareetc.com/”]Welcome cabinethardwareetc.com - BlueHost.com



Here’s a screen shot after the deletion:



http://s307.beta.pho…enshot.png.html



Looking back at Jeremy’s advice, I guess I should have deleted him thru the CS cart back end, not while in the database itself.



Needless to say I’m devastated and could really use some help

Yes I was suggesting that you login to CS-Cart admin and delete him.



Do you have a backup of the database?



The errors you are seeing are all related the $db_conn object so perhaps you corrupted the database when you deleted the record. Try running the Fix or Repair function on the database and/or affected tables

No, no back up database (unless by some miracle CS cart does that by default behind the scenes).



I tried “analyze table”, Repair table, and “check table” and get message saying that everything is peachy freekin keen, except it’s NOT.



Just wrote tech support, maybe they can help

I'm sure they will be happy to sort it out for 5 support credits.



Sorry for this bit of misfortune.



PM me if you would like to discuss a design for your website. I work exclusively with CS-Cart for ecommerce sites.

Make a backup of your database. Then try running this SQL statement on the database:


INSERT INTO `cscart_users` (`user_id`, `status`, `user_type`, `user_login`, `referer`, `is_root`, `company_id`, `last_login`, `timestamp`, `password`, `salt`, `title`, `firstname`, `lastname`, `company`, `email`, `phone`, `fax`, `url`, `tax_exempt`, `lang_code`, `birthday`, `purchase_timestamp_from`, `purchase_timestamp_to`, `responsible_email`, `last_passwords`, `password_change_timestamp`) VALUES
(1, 'A', 'A', 'admin', '', 'Y', 0, 1360951833, 1356041792, 'password', 'pwsalt', 'mr', 'Your', 'Name', 'Your company', 'yourunique@email.com', '55 55 555 5555', '', '', 'N', 'EN', 0, 0, 0, '', '', 1356042011);




This is assuming the deleted account was user_id = 1 and it was the main admin account (ie. is_root = Y). User_id = 1 and is_root = Y is always true for the root user admin. If no user_id = 1 exists in your store and no other user has is_root = Y, it is safe to run this command. You should also change 'yourunique@email.com' in the statement to an email address only you have access to. You can then go to the admin login page, and reset the password to this email address. Note the email address must be unique otherwise you'll run in to problems.

I would change your userid to 1 and set your is_root = Y

I would not be surprised if the site works again then. Likely CS-Cart simply cant find the superadmin.

Stellar,



Thank you for this! Before I do anything, let me say that earlier I had noticed that Root=Y was a difference between the other guy's info and mine. I figured that was the thing that made it impossible to delete his account from the back end, so I changed my Root to equal Y as well. That had the desired effect of eliminating the “delete option” from my log-in credentials just like his, and at the time “matter and anti-matter” seemed to co-exist without any explosions. I then figured it was all clear to delete his as well and that's when all hell broke loose.



Also, I just tried as P-Pharma suggested as it seemed a little easier to get my head around, but unfortunately, no luck… same issue.



So are you saying that before I do anything, I should change my Root back to =N and change my I.D. to something other than 1? (i think it was 4 but I'm not positive).



If all that is true, I'm still a little sketchy on how to “run the SQL statement on the database”. I assume you meant everything that's in between the parentheses, but I've no clue as to just where to put the text and what to click once I do.

Please see attached:



http://s307.beta.photobucket.com/user/woonnblood/media/SQLscreenshot-1.png.html



Could I just copy/paste the fields in order as I started to do here and get the same effect?

Navigate to the cscart_users table and then click on SQL tab and paste the following into it:





[color=#000000]INSERT INTO [/color][color=#008800]cscart_users[/color][color=#000000] [/color][color=#666600]([/color][color=#008800]user_id[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]status[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]user_type[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]user_login[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]referer[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]is_root[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]company_id[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]last_login[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]timestamp[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]password[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]salt[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]title[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]firstname[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]lastname[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]company[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]email[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]phone[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]fax[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]url[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]tax_exempt[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]lang_code[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]birthday[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]purchase_timestamp_from[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]purchase_timestamp_to[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]responsible_email[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]last_passwords[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]password_change_timestamp[/color][color=#666600])[/color][color=#000000] VALUES

[/color][color=#666600]([/color][color=#006666]1[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]'A'[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]'A'[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]'admin'[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]''[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]'Y'[/color][color=#666600],[/color][color=#000000] [/color][color=#006666]0[/color][color=#666600],[/color][color=#000000] [/color][color=#006666]1360951833[/color][color=#666600],[/color][color=#000000] [/color][color=#006666]1356041792[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]'password'[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]'pwsalt'[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]'mr'[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]'Your'[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]'Name'[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]'Your company'[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]'yourunique@email.com'[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]'55 55 555 5555'[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]''[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]''[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]'N'[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]'EN'[/color][color=#666600],[/color][color=#000000] [/color][color=#006666]0[/color][color=#666600],[/color][color=#000000] [/color][color=#006666]0[/color][color=#666600],[/color][color=#000000] [/color][color=#006666]0[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]''[/color][color=#666600],[/color][color=#000000] [/color][color=#008800]''[/color][color=#666600],[/color][color=#000000] [/color][color=#006666]1356042011[/color][color=#666600]);[/color]



Then click the Go button

well, it did paste in as planned, but unfortunately I get the same result when I try to view my site. Here's a screen shot of the user list if anything jumps out at you.



http://s307.beta.photobucket.com/user/woonnblood/media/SQLscreenshot-2.png.html



I never messed with any of the code on any other page, but could something I did on the cscart_users screen have corrupted something else down the line?

Are you choosing MD5 under the function for the password field before inserting or saving?

[quote name=‘ticeholdings’ timestamp=‘1360965039’ post=‘155495’]

Are you choosing MD5 under the function for the password field before inserting or saving?

[/quote]



Jeremy, I really do appreciate your helping me, but I have absolutely no idea what you mean by the above. I just pasted everything into the SQL window, crossed my fingers and hit “Go”.

Oh I think I figured out what you meant. I hit “browse” and selected the new entry and went to “edit mode”. Then I used the drop down and chose MD5 for the password field, and hit GO.



The password field got changed into a much longer string but still not effect on getting the site up and visible.



See screen shot here: http://s307.beta.photobucket.com/user/woonnblood/media/SQLscreenshot-3.png.html

If you are able to send me (PM) your Cpanel login info, I will do what I can to assist you.

On it's way!