All projects distriyed after latest upgrade....

More
26 May 2013 12:07 - 26 May 2013 12:09 #1053 by GammX1
1)

I knew that the secret key could change if you move the site, but it never happened to change when you UPGRADE it... this is a very annoying behaviour of Joomla... -.-

>> That's a very recommended step when you wish to upgrade PHP (to take a backup and if something goes wrong, to restore it later on the new server... Do you understand that as a new install or move? If YES then you must prevent data lost because the encryption (just my opinion!)
2)

I will add this option FOR SURE in future releases, moreover I'll save the config key, since it seems that the Joomla standard one is not reliable.

>> No problem to wait as far as you may need if finally will be SAFE (if no other way than to have SECRETKEY mandatory... wy not to add an option at the 'tracktime' backend panel where the final user could set its own 'SECRETKEY instead than to use the default Joomla! one)
3)

Just to know, when you performed these changes, did you restore a backup on your site, or simply upgraded it?
I'm asking it since the only point where I can find the secret key changing is while installing...

>> I think, I have answed at the point 1) answer..., Isn't it?

Waiting your feedback,
Rgrds,
Last edit: 26 May 2013 12:09 by GammX1.

Please Log in or Create an account to join the conversation.

More
26 May 2013 13:19 #1054 by admin

Your secret will also change when you restore an Akeeba Backup archive; having the same secret across different sites is a security risk.

as Nicholas from Akeeba Backup confirmed, if you restore your site the secret key will change

Please Log in or Create an account to join the conversation.

More
27 May 2013 16:13 - 27 May 2013 16:23 #1059 by GammX1

Your secret will also change when you restore an Akeeba Backup archive; having the same secret across different sites is a security risk.
as Nicholas from Akeeba Backup confirmed, if you restore your site the secret key will change


>> As far as I understood, your last comment is not a good new!... is that meaning that every 'Tracktime' user will lose his 'Project encrypted data' under a punctual circunstance of needing to restore a backup of his site?

>> At my side, I will try to restore an old (4 months) backup, took when I had PhP 5.3.3 on my production server, to a Joomlas2Go! MULTISITE server that runs PhP 5.3.2 by default, paying special attention (editing manually) to its original 'secretkey' and I'll let you know the results.

At your side, I hope you will do the best to solve the reported issue on your next official release (lets say, allowing the final user to set his own secret encryption key as an option and even to have the posibility to disable data encryption at all)

Thanks in advance for your attention & quick feedback (have a nice trip!),
Rgrds,
Last edit: 27 May 2013 16:23 by GammX1.

Please Log in or Create an account to join the conversation.

More
27 May 2013 18:15 #1061 by GammX1
Hi Davide,
Just to confirm you that setting the same 'public $secret' (from an old backup configuration.php file) to the current 'configuration.php' file made the encrypted data to be readable again at the backend...
>> That is not solving the reported issue (knowing that restoring a 'backup' should always change the 'public $secret') but your provided guidelines saved me to manually fill all the data again from raw 'paper records' (>50 booked projects with a lot custom fields).
I'll stay tuned to your next release (no problem to wait for that as far as you may need. Have a nice trip!),
Rgrds,

Please Log in or Create an account to join the conversation.

More
26 Jun 2013 10:19 - 26 Jun 2013 10:19 #1161 by GammX1
Hi, please confirm if 2.1.0 version solves the reported and commented issue and HowTo. (there is not reference at the changelog under this version release about)
Thanks in advance for your attention & quick answer, Rgrds,
Last edit: 26 Jun 2013 10:19 by GammX1. Reason: typo

Please Log in or Create an account to join the conversation.

More
26 Jun 2013 11:29 #1162 by admin
hi Gabriel, yes, this release fixes your issue.
You don't have to do anything, since TrackTime will store you secret key at first run, then it will re-use it forever, so your Joomla secret key can change without any problem.

sorry for the mess :)
The following user(s) said Thank You: GammX1

Please Log in or Create an account to join the conversation.

Time to create page: 0.227 seconds