In this documentation, the term "user" is used for visitors of your gallery who have registered an account and have logged in. The term "visitor" is used for all who access your gallery, both registered users as well as unregistered guests. Registration features (if visitors are allowed to register in the first place and how registration will work) can be configured in the corresponding section of the config panel. Coppermine comes with a user management of it's own that allows you to control what group your users are in (group membership controls permissions) unless you disable the built-in user management in favor of bridging Coppermine with another app. If you enable bridging, the bridging application will take over and control your users instead of Coppermine.
The user control panel
The user control panel can be found when clicking "users" from the admin menu. It is the place where you create and manage your users.
If you have enabled integration (bridging) Coppermine with another application (e.g. your favorite BBS app), Coppermine will use the member table of the application you bridged with (your BBS), so the built-in Coppermine user management will be disabled in favor of the user management that comes with the bridged application. This has been incorporated to eliminate redundancy and facilitate a seemless integration.
As a result, you will not have this user control panel; clicking the "users" link will send you to your bridge application's user management instead.
Page controls
You can sort the user management display by either clicking the arrow icons () next to each column header or by choosing the sort order from the dropdown at the top right.
If you have more than 25 users, a page tab will apear at the bottom right of the screen, allowing you to go to subsequent pages of your member list
Clicking on the profil icon () will display the profile page of the individual user (read only)
The edit icon () will send you to the user's profile in edit mode - you can change the password, email account and other user-related settings there
If a user has uploaded any files, the rey link () next to his name turnes green (). Clicking on this link will display files that have been uploaded by that user
The "group" column displays the primary member group the user is in
The column "Registered on" will show the date that the user account was created
The "Last visit" column will show the last login of the user. Note: if the user has ticked the checkbox "Remember me" on the login screen, he will not have to login every time he visits the gallery so this date may be accurate.
The "Files" column displays how many files the user has uploaded to date (including those that are awaiting admin approval)
The "Space used" column shows how much of the space that is assigned to the user has already been used. The total space the user is allowed to have ("Space Quota") depends on the user's group - which you set in the groups panel. As the least restrictive quota applies, the space usage bar may look inacurate on some setups if your users are members of several groups with several different quotas.
You can change a number of settings for several users at once by clicking the checkbox in front of the user row (use the checkbox at the very top or bottom of the page to select/unselect all users on the page) and then chosing an action to perform from the dropdown box "With selected" at the bottom left of the page. The actions you can choose from are "Delete", "Deactivate", "Activate", "Reset password", "Change primary membergroup" and "Add secondary membergroup". The user currently logged on (you as gallery admin) has no checkbox to avoid accidental deletion or deactivation of your own admin account.
Searching for user(s)
You can use the wildcards: * (for any string) and ? (any single character) or even %expression%. Example: searching for j* will return both Jack and Jill
Creating new users
To create a new user, simply click on the button "Create new user" at the bottom of the user manager and fill in the form that will come up.
This does of course not apply if you have bridging enabled, as user management is being handled by the app you have bridged coppermine with. In this case, the user management screen of your bridged app should show - create a new user there.
Editing users
To edit the properties of a user, click the -button next to the user name. You will then find a page where you can modify all user profile fields the user has. This includes the option to change the password of that user. If you don't want to change a user's password, leave the password field blank.
The dropdown list determines the primary group the user is in, the checkboxes beneath it determine the secondary groups.
Please note that this screen (as well as the rest of Coppermine's user management) will not be available if you have enabled bridging, because then the user management of the application you have bridged with (e.g. your BBS) kicks in and handles everything related to user management.
Album permissions by group
The link "Album permissions by group" will let you display what albums are assigned exclusively to members of a particular group. To make this absolutely clear: this feature does not allow you to actually assign albums to groups, it just displays those assignements. To actually assign albums to particular groups, use the album properties dialog of individual albums.
Group membership
When creating a new user or editing an existing user, you will notice a row named "User group" - it determines what group(s) the user is in.
The first field (a dropdown field) determines the primary user group. It determines the status of a user. You should set it to "Administrator" (for users you want to assign admins powers to) or "Registered".
Additional (secondary) group membership can be assigned using the checkboxes beneath the dropdown field. Here, all your custom groups (that you can create and manage using the group control panel) should show as well as the core groups (the ones that come with coppermine out of the box and can't be deleted). Assign additional group membership to your users here. Privileges for a particular user inherited from group membership are added: the least restrictive permissions are taken into account.
If you want your registered users to be capable of viewing the gallery only, and only privileged users of your custom user group "photographers" are allowed to actually upload files, make all your users members of the built-in group "registered" (by default, they already are). Only for user you want to give the privilege to upload, tick the check box "photographers" as secondary group. Then go to your groups control panel and disallow uploads for the registered group there, but allow uploads for the custom group "photographers".
Note: the button "album permission by group" beneath the checkboxes is not meant to assign album permissions, but only to check the permissions set. You can only assign particular album permissions on the album properties screen.
Lost passwords
There are many passwords that you have to memorize, and there are many issues that are related to password issues. Not all of them are related to Coppermine though, so they will be discussed in brevity here. If you need to figure out details on password issues that are not related to Coppermine in itself, it's a good idea to use a search engine and/or your webhost for support.
Coppermine user account password
There is no difference in this aspect between an admin and a non-admin user account: they both work the same way: you have to log in providing a user name (or an email address if you enabled the corresponding option in Coppermine's config) and a password. If this authentification has been successfull, i.e. if Coppermine "knows" you, Coppermine will determine if your user account belongs to the admin group or not. Based on this group membership you will have different privileges.
There is however a basic difference between Coppermine running in standalone mode (out of the box it runs in standalone mode) and Coppermine being bridged with another application:
Coppermine in standalone mode
The database table that Coppermine users are being stored in does not contain the actual user's password in plain text, but only an MD5-encrypted password hash. Think of such a hash as a checksum: in fact it's the result of a calculation: when the password is being entered on Coppermine's login screen into the form there, the browser sends the password the visitor has entered to the server. The server then calculates the hash that results out of the password the visitor has entered and finally compares the hash stored inside the database table against the has that was just calculated. If those hash values match, the password is considered to be correct and the user is authentificated, i.e. a cookie is being stored on the visitor's computer that basically says "the user with the user name XYZ has successfully authentificated". Again, no password is being stored anywhere.
With this being said it should be obvious that you can't look the password up anywhere, simply because it isn't actually stored anywhere.
But then, we're all human, so it might happen that you (as someone who runs a Coppermine gallery) or your users forget your password for whatever reason. That's why there is a mechanism to make sure you can log in again. Sadly, you can not just send a password reminder inside an email to the user, simply because the server is not aware of the password. That's why there is a link on Coppermine's login screen that is named "I forgot my password". If a visitor clicks on it, he/she will be sent to a password reminder screen where he/she can enter his/her email address. But wait a minute! Haven't you just said that the server doesn't know the password and therefore it can't send it by email? And yes, that's true. Actually, it's a three-step process: the visitor can enter his/her email address. If a user with that email address exists in Coppermine's user table, an email is being sent to that address that basically contains a link that the recipient of the email needs to click on to verify that he actually has forgotten his/her password and wants to request a new one. This is meant as a pre-caution against vandalism to make sure nobody get's locked out because someone else requested a new password for him. The link inside the email contains a token that can not be guessed or made up: it's unique. Only if that link is actually clicked the password reminder is triggered. The server then assigns a new random password for the account that corresponds to the email address and sends that new password in another email. With that new password inisde that second email the user can log in again.
This is a very elegant and fool-proof process once it is set up properly, but there are of course some things that can go wrong as well:
The user needs to know the email address he used to create his user account
The user needs to have access to the email address, i.e. he needs to remember the non-Coppermine password for the email account
The email address that corresponds to the user account needs to be populated in the first place, which might not be the case for the admin if he failed to provide one for his own account
The server needs to be configured properly to actually send emails
The email sent by the server might mistakenly be blocked by third-party spam filtering mechanisms
If this is the case for you, i.e. if you have forgotten Coppermine's admin account and you can't use the "forgot password" feature for whatever reason, here are some things to do:
If you have access to phpMyAdmin, simply set a new password for your Coppermine user account. Here are the instructions that were originally posted as a user contribution on the Coppermine support board:
Once you are in the phpMyAdmin you will see the databases on the left. Click on the database that belongs to coppermine. On the left you will see the tables.
Click on the table named XXX_users, where XXX is the table prefix that you have chosen when installing Coppermine in the first place (out of the box, the prefix is cpg15x_, so the default table name should be cpg15x_users). You must click on the icon to the left of the text or you won't get the right screen.
If you lost your admin password look under the column titled user_id. Look for the 1. That is admin account that you have created during initial install. To the left of that column is a pencil icon (that means edit). Click on it.
You now should have fields you can write in.
To the right of the row called user_pass is the encrypted password. Erase that and fill it with
.
That will make the password admin. Do not under any circumstances leave the password field blank. Go to the bottom of the page and just above the light bulb it should say Save. If it does click the go button. Exit out of phpMyAdmin by going to the exit icon at the upper left corner.
Type in the URL of your Coppermine page. Login with your user name and the password admin. Once you have successfully logged in, you should of course change the password to something else instead of the phrase admin. Click on "My Profile", scroll to the bottom of the page and click on "Change my password". Enter the old password (admin) and your new password (you need to enter that twice) and submit the form. If all went well you will see a message that says so.
You can do the same process for users: to access a user's profile, you log in as admin, go to the user control panel, edit the user account by clicking the edit icon next to the user's name and then enter a new password into the corresponding field.
Another alternative using phpMyAdmin without changing anything around is to use a rainbow table site and search for the password that matches to the hash that you can retrieve using phpMyAdmin.
If you don't have access to phpMyAdmin, you can do the following to create a new admin account:
Use your favorite plain text editor (notepad.exe is fine) to create a plain text file with this content:
Name that file adminpass.php and upload it to your webserver into the Coppermine root folder
Run the file in your browser by entering the URL of the file you just uploaded (something like http://yourdomain.tld/your_coppermine_folder/adminpass.php) into the address bar of your browser
Important: delete the file adminpass.php from your server - it's a great danger to your site if you don't!
Log in with the new user that the script has created for you.
Immediately change the password of the user account once you have logged in.
Coppermine bridged
When Coppermine is bridged, the user management of the other application that it's bridged with "takes over", so if a visitor clicks on the login link within Coppermine he is being redirected to your bridging app's login screen. After a successfull login there, he/she might be sent back to your Coppermine-driven gallery (if your bridging app supports redirection after logging in). Coppermine is only "aware" that the user has been authentificated in your bridging app; Coppermine is not aware of the user's password. Subsequently, you can't use Coppermine mechanisms to retrieve lost user account passwords when you're bridged. If your bridging app provides mechanisms to recover from password-loss, then use those mechanisms.
mySQL account password
If you (or your webhost) have changed your mySQL account details (e.g. if you have assigned a new password to your mySQL account) you can reflect your changes in Coppermine by editing the file include/config.inc.php.
Please keep in mind that you can only reflect your mySQL database account changes in that file. Coppermine can not actually change the password of your mySQL account itself. If you want to do that (i.e. change your mySQL admin account password), use whatever mechanism your webhost is providing to accomplish this or ask your webhost to change it for you.
) next to each column header or by choosing the sort order from the dropdown at the top right.
) will display the profile page of the individual user (read only)
) will send you to the user's profile in edit mode - you can change the password, email account and other user-related settings there
) next to his name turnes green (
). Clicking on this link will display files that have been uploaded by that user
To edit the properties of a user, click the