Users running a non-download version of Vanilla (pulled from github), on branch release/2019.016 or master from the last 2 weeks should upgrade to release/2019.017 or latest master for security reasons. Downloaded official open sources releases are not affected.
Please upgrade here. These earlier versions are no longer being updated and have security issues.

What sessions vanilla uses?

Ok i have php chat that i wrote myself and i have vanilla.
Chat location is http://localhost/chat amd vanilla location is http://localhost/forum.
Now how do i pull vanilla username from PHP?
I ask for something like this: $_SESSION['username'] and $_SESSION['is_logged']?

Comments

  • ToddTodd Chief Product Officer Vanilla Staff
    edited July 2011
    Vanilla uses custom sessions so this isn't going to be easy. Try the following:

    1. Vanilla uses the cookie called "Vanilla" by default.

    2. To get the current UserID try:
    $Parts = explode('-', $_COOKIE['Vanilla']);
    $UserID = $Parts[0];
    3. To get the current username you'll have to go to the db. The table you want is GDN_User and your query needs to be something like:
    $Sql = "select Name from GDN_User where UserID = $UserID";
  • edited July 2011
    Thank you.
    It worked.
    Ok but i see that user can change his cookie.
    Is there any way i can test about that?
    It think that answer is in other parts of cookie.
  • I tryed print_r($_SESSION) but there is no session.

    And this code:
    define('APPLICATION', 'Vanilla');
    define('APPLICATION_VERSION', '2.0.16');
    define('DS', '/');
    define('PATH_ROOT', 'path-to-forum');
    ob_start();
    require_once(PATH_ROOT.DS.'bootstrap.php');
    ob_end_clean(); // clear any header output from vanila
    $Session = Gdn::Session();
    $Authenticator = Gdn::Authenticator();
    if ($Session->IsValid()) {
    $Name = $Session->User->Name;
    echo "You are logged in as $Name";
    } else { echo "You are not logged in"; }

    Breaks my page!!!

    Im looking for any costume way to check for user authorizastion.
  • AoleeAolee Hobbyist & Coder ✭✭
    not $_SESSION try it's $Session
  • i se that you dont understand well
    i dont have $Session variable.

    Now i want function that will check if cookie is valid.
    And i want it to 100 % stand alone.
  • I dont need this anymore i moved to phpBB forum now.
  • AoleeAolee Hobbyist & Coder ✭✭
    i se that you dont understand well
    i dont have $Session variable.

    Now i want function that will check if cookie is valid.
    And i want it to 100 % stand alone.
    you have the $Session, that's the reason u included the script above to be able to pull the user info. it contains all the user values u'll need.

    $Session returned is an Object, var_dump it or print_r it and you'll get the values

    if your need it in $_SESSION, create and pass it there

    e.g.
    $_SESSION['vanilla'] = $Session;
Sign In or Register to comment.