Have you ever forgot your back office admin password of PrestaShop website? The system provides "forgot password" function to help you reset your password and send email the new temporary password.
But if the email function (SMTP) is not set correct, for example you installed PrestaShop at your home machine for development purpose, you will never receive the email. Here are two solutions to help you regain your access to your back office.
Solutions 1: Modify DB using _COOKIE_KEY_ and MD5
0. Please make sure you have access to the database.
1. Please look up the _COOKIE_KEY_ from your configuration file /config/setting.inc.php
2. RUN following SQL statement to your PrestaShop database to update your employee record.
UPDATE ps_employee SET passwd = md5('_COOKIE_KEY_YOUNEWPASSWORD') WHERE email = 'YOUEMAILADDRESS';
Note:x. Please replace _COOKIE_KEY_ with the value you looked up from setting.inc at 1.
x. Please replace YOUNEWPASSWORD with you new password.
x. Please replace YOUEMAILADDRESS with you real email address in your PrestaShop database table
x. Please replace ps_employee with your real table name if you changed prefix at installation.
Click below image to see more detailed instructions on how to create SQL statement.
After running this SQL statement against your database via MyPhpAdmin. You should be able to login with the new password.
Solution 2: Bypass authentication
This solution works if you don't have database access. But in order to do so, you must have permission access and modify the source code of PrestaShop website. It doesn't matter via FTP tools or website control panel.
How to do it:1. Connect to PrestaShop website via FTP or control panel file manager.
2. Download following file from your website
/YourPrestaShopRoot/admin/login.php
Note: - Usually the admin folder is changed for security reason, in that case, please replace it with your correct folder name for admin.
- If you have not changed your admin folder, please changed it immediately!
3. Backup login.php file before you modify it.(make a copy)
4. Change following line 52 (line number may different for different version)
$employee = $employee->getByemail($email, $passwd);
After change
$employee = $employee->getByemail($email, NULL);
5. upload the modified login.php file to your website and replace existing one.
6. Now you can login to you back office with any password password that meets password criteria! (By default it requires at least 6 characters).
7. After you login, go to change your password at "Employee" tab
8. Restore the login.php file with one you backed up at above 3.
Cautions!
The methods introduced below are to by-pass authentication and gain access to your website. If you any other way to recovery your password, please do so. Here are some other ways to do.
1. Use forgot password function of the system.
2. Ask another admin to reset password for you.
3. Above Solution 1 in this post