Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.


edited April 2012 in Vanilla 2.0 - 2.8

I have one file called test.php the $clientID and $secret are correct, but I have masked them in the example below. When I go to test.php I get the error {"error":"invalid_request","message":"The client_id parameter is missing."} Where does $Request['client_id'] get set?

require_once dirname(__FILE__).'/functions.jsconnect.php';;

// 1. Get your client ID and secret here. These must match those in your jsConnect settings.
$clientID = "xxxxxx";

$secret = "xxxxxxxxxx";

// 2. Grab the current user from your session management system or database here.
$signedIn = true; // this is just a placeholder


// 3. Fill in the user information in a way that Vanilla can understand.
$user = array();

if ($signedIn) {
   $user['uniqueid'] = '123';
   $user['name'] = 'John PHP';
   $user['email'] = '';
   $user['photourl'] = '';

// 4. Generate the jsConnect string.

// This should be true unless you are testing. 
// You can also use a hash name like md5, sha1 etc which must be the name as the connection settings in Vanilla.
$secure = true; 
WriteJsConnect($user, $_GET, $clientID, $secret, $secure);


  • Options

    Also when I press test URL I just get a blank page.

  • Options

    I think I may have miss understood this plugin. If the user signs into my site are they automatically signed into the forum as well?

  • Options

    Sorry, I think I'm doing this completely wrong/php/test.php?client_id=1384997971&timestamp=1333481630&signature=81849d5ec77abf7098df8feba7032b0e&Target=%2Fsettings%2Fjsconnect&callback=test what is all the stuff after it? does it all need to be passed?

  • Options
    ToddTodd Chief Product Officer Vanilla Staff

    A blank page could be the result of an error. When debugging php code you should always know the following three lines of code:

    ini_set('display_errors', 'on');
    ini_set('track_errors', 1);

    To answer your last question, All of that information must be passed into the url for security.
    You can see from the comments on the page that you can get stuff tested by using $secure = false;, but you need that information once you launch.

Sign In or Register to comment.