after upgrade to fp1.4 admin password failure

[miksmith]

Hi

I followed the instructions for fp1.4 *upgrade* from 1.3:

-backup
-copy upgrade files to server
-selete %%setup.loc
-run setup, setting password
-copy config files across

When I try to do an admin login I get "password incorrect" error. I deleted %%setup.lock and reset the password but get the same error.
Flatpress loads the blog correctly on the front end

What might be the problem?

thanks
mike

[fraenkiman]

Hello Mike,

blindly into the blue: The new password cannot be written to the existing AdminName.php file because you have insufficient rights.
1. please delete the file %%setup.lock again
2. make sure that your user is the owner of the directories and files.
3. it is recommended to recursively assign 0755 for the directory fp-content and 0644 for files.
4. start the setup and enter an AdminName that you have not yet used.

There must now be a new file in the fp-content/users directory with the newly selected AdminName.

You could also test 0777 for the directory fp-content and 0666 for files. To do this, edit the defaults.php file and adjust the values in lines 26 and 27. Then carry out steps 1 to 4.

Best regards
Frank

[stippi]

I had the same issue and it turned out my PW was way too complicated. I used a 'simple' one could log in and changed the 'simple' one back to the 'comlex' one in the admin dash board.

stippi

[fraenkiman]

Hello everyone,

There is no explicit character restriction in the setup for the password assignment, except that it must be at least 6 characters long. However, you should avoid spaces.

Stippi, can you please post an example of a password that is far too complicated?

[stippi]

Hello everyone,

There is no explicit character restriction in the setup for the password assignment, except that it must be at least 6 characters long. However, you should avoid spaces.

Stippi, can you please post an example of a password that is far too complicated?

Hi Fraenkiman,
nice try
Okay, I just changed it again and send you the "old" one.
&xK8wMNvq1_uGa#7xuH#gwFYH$tbv%.

Greetings
stippi

P.S.: last character is a fullstop as part of the PW.

[fraenkiman]

The problem has been found.

In the login.php file, special characters are cleaned up with htmlspecialchars().

Screenshot 2025-05-31 163459.png (30.91 KiB) Viewed 21163 times

It is possible that the cleanup should only be applied to the user name - not to the password. I'll be right back with a possible patch.

[fraenkiman]

No special characters are now sanitized in the password

login.zip

(1.69 KiB) Downloaded 982 times

[Juggernaut]

Why I’m Staying with FlatPress 1.3 – 1.4.x Update Broke My Blog

Hi everyone,

I recently attempted to update my FlatPress installation from 1.3 to 1.4, and then again to 1.4.1, hoping for improvements and continued support.
Instead, I ran into a wall of issues that I simply cannot ignore – and that ultimately locked me out of my own blog.

Let me outline my experience:

The Update Locked Me Out Completely
After applying the update (as described in the instructions), I was no longer able to log in as admin.
The system suddenly wanted a new admin name – which wasn’t documented clearly, and made zero sense in context.
Why would an update invalidate my existing credentials or require a new user name altogether?
There was no warning, and no fallback – just access denied.

This isn’t a minor bug. It’s a complete show-stopper.

Risking Hundreds of Entries? No, Thanks.
I’ve been running my blog for years now, and it’s filled with hundreds of posts that I don’t want to lose or risk corrupting.
The fact that a standard update can cause this level of access failure is deeply concerning.

I’m not willing to “experiment” with my content or spend hours in panic recovery mode.

That’s not how updates should work.

What’s With the Update Instructions?
Another point of criticism: the update process itself.

The documentation felt incomplete and over-simplified for such a major version change.
If there’s a structural shift that affects users, admin access, or login mechanics, this should be made absolutely clear – before the user hits “update.”

The user experience here feels like an afterthought.

I’m Sticking with 1.3 – It Just Works
Until these issues are addressed – especially the unexplained admin login failure – I’m staying with version 1.3.
It may be older, but it works reliably and doesn’t lock me out or force me to “guess” what’s going wrong.

To the FlatPress Team
I appreciate the work that goes into open-source projects like FlatPress.
But please consider that for many users, reliability and clarity are more important than shiny version numbers.
This update felt rushed and dangerous for production blogs.

Looking forward to seeing a more stable and well-documented release in the future – maybe then I’ll give it another shot.

Until then… FlatPress 1.3 all the way.

Best regards Juggernaut

[miksmith]

Ive gone back to 1.3. Couldnt get admin to work all

[WineMan]

Curious as to why some people are having problems with the upgrade(s). Personally I have had no problems at any time, upgrading this application.