Can't reset Admin password
The commonly recommended soloution is to login as the DB admin and then use phpMyAdmin to check the "Logs" table for the message that should have been sent to reset the password.
I did that, and there are no password resetting messages in the Logs table. I know that sendmail is configured properly because there are other sent messages from Forms, but nothing as a password reset is in the Logs table.
Because I;m on version 22.214.171.124, resetting the password column using a known password for another user doesn't work either - I guess there was a change in the salting process. Which is great for security, but prevents me from accessing my site.
Again, I already know that sendmail works at least for Forms, so I know that sendmail is not misconfigured. So finding out that sendmail doesn't work wouldn't seem to be a possibility.
Does C5 really have a system that makes it impossible for a db and/or web admin to reset a password?
I'll attempt to continue without such assumptions:
Things I would do:
doublecheck the admin user in the database to make sure that the email address is actually correct and the one that you are expecting to receive the password reset email
check also in the database that the following fields in the config table are set to 1
if not, set them to 1 and then go back to your website's password reset form (normally index.php/login if you haven't changed it)
add your admin email address to the box marked 'Email Address'
Click 'Reset and Email Password'
Do you get a message towards the top of the screen saying 'An email containing instructions has been sent to your account address'?
or do you see something else / nothing?
If you received the success message then check your mailbox, check spam etc.
If still nothing then go back to phpmyadmin and look in your logs table
Is there an entry at or towards the bottom of the table with the logType sent_emails that starts something like '**EMAILS ARE ENABLED"
If so click on the edit button and copy the password reset link from the field and put it in your browser.
If you received an error message when submitting the form or you have an entry in your logs table with the logType exception then there is something going wrong somewhere - the error message might help.
ENABLE_LOG_EMAIL, ENABLE_LOG_ERRORS, and SITE_DEBUG_LEVEL are all 1.
When I click 'Reset and Email Password' it tells me that a message has been sent to my account address. It never arrives at the inbox, Spam, Trash, or anywhere else. I scanned my filters to make sure nothing there would be deleting a message.
I have already checked the Logs table and as I said, there are no relevant entries there. (There are some entries from a "Forms" block I set up, and I know that those emails are going out successfully, but nothing else.) There are no error messages or anything about a logType exception.
So, no solution yet.
I think it's great that security is beefed up by removing the SALT from the public file, but it does seem to me like a good idea to outline a method to generate the correct hash for a password and to be able to insert it into the database. If the method would have to be used by a privileged user at the database level, it seems to me that there is no loss of security - if you have db admin privilege you can pretty much do anything to a C5 site anyway.
Facing the same issue, and after losing time tring to fix it both on my hosting provider and C5 sides, the "forgot password" email was still not sending (but the Form emails did).
So I configured the SMTP emails in Concrete5 Dashboard instead of the default PHP email function.
I did not try to set it up with my initial @gmail.com adress (hmmm maybe it would have worked?), instead I created an address @mysite.com.
Now it works, and in my case, only with SSL authentification.
The new email address is only used for that, but at least, it works.
Hope it helps