Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Hello, thinking about installing vanilla

I already have a custom website where I want to add a forum. I coded a custom one but it's a lot of time spent when there is free and nice alternative like Vanilla with all little features that take hours and hours to code. So I got a few questions.

How hard is it to convert all my current members and add them into the vanilla members list ? They'll need to just enter their password once to create their forum account, then all new members will have their forum account created automatically. Can I really do it like that (duplicating all accounts to forum accounts), or should I "bridge" the login system to my existing table ?

For integration, should I "include" it in my existing website, or include my header and footer inside vanilla directly (for less maintenance) ?

Thanks for your answers :)


  • Options
    422422 Developer MVP

    its not that easy, to be honest. I would include your own header and footer within vanilla ( wrap )
    The issue with SSO is assigning the users to a existing db account, and them handshaking. Far easier on blank userbase system.

    There was an error rendering this rich post.

  • Options

    Well, I have a commercial website and I can't ask people to register for a forum account, I need them to be able to use it "instantly". Even if it's work, I will do it.

    I don't need to have the "Facebook connect" or "OpenId" thingies. The forum would be limited to people who already have an account on my website. I will try tomorrow and post results.

  • Options
    GaryFunkGaryFunk Senior Application Developer ✭✭

    @skzap On your current system, how is the password stored?

  • Options

    The idea when you transfer everything is to 'map' the fieldnames of your forum to the fieldnames of Vanilla.
    When you transfer the users, the passwords are the most difficult to transfer.
    Standard, those passwords are stored in MD5 format, but you can better reset all their passwords, once the users are transferred.
    I personally don't like the embed or SSO method, a clean import would be my way to go.

    The passwords can be re-set. And do you have any custom BBcodes in your forum? Or were you using HTML in your forum posts? How about smileys? How about tagging?

    If you do a test 'conversion' first (on your localhost) you can see what the outcome is and decide whether to continue or do SSO instead.

    There was an error rendering this rich post.

  • Options

    SSO is basically impossible for me. I just need to "map" my current users to the vanilla users. My passwords are currently stored with a personal method (but basically almost sha1), so I know I won't be able to copy their passwords, but like when they go on forums for the first time I can say "enter your password to create your account" and that's it.

    I'm uploading Vanilla right now to my server

  • Options

    Don't forget to map the discussions and comments with your current forum content :-)
    Topics = Discussions, Posts = Comments.
    In discussions, the first post of that discussion is stored in the discussions table.
    Date / Time is stored in datetime fields.
    Tricky parts are firstCommentID and lastCommentId fields. It's fun finding those out :-)
    Format is usually 'Html' (I think Case Sensitive).
    Tags is a bit tricky, so tell us if you have that on your old site.
    User table is pretty straight forward. I think the 'Photo' stores a location of the user photo. Don't know how avatars are handled yet.

    Figure out if you want to use plugins, you might need to convert extra fields after you install those plugins.

    There was an error rendering this rich post.

  • Options
    skzapskzap New
    edited January 2013

    I don't really care about my current content, I have only like 200 messages and I opened it like 1 week ago but no one has been using it because it's ugly and doesn't have enough features. That's why I'm working on Vanilla now.

    By the way, I'm making progress. I have modified the Gdn_PasswordHash class and added a case 'custom' for my "imported" users in CheckPassword function.

    I have made a script to duplicate all my current members into the GDN_User table and it's working (people can log in). I wasted like 30 minutes of not understanding why it didn't work before I noticed my database manager (HeidiSQL) is not converting string to hexadecimal natively.

    Next step is to merge the vanilla login system into my own login system, and then work on integration.

  • Options

    Ok, I think I got something nice. Registration to the forum is handled by my custom code now, and everything is almost seemless for the users with SSO. They even have the ability to change their name for the forums on the first login, I like that.

    I embed the forum inside my website instead of the opposite. I used an embedable theme. Overall, very happy so far. Only have a slight bug with folders inside /userpics/ not getting chmod'd to 755 correctly. (idea anyone ?)

    Let me post a few screenshots of what I'm getting :

  • Options
    x00x00 MVP
    edited January 2013

    For general info.

    The default hash is not md5, it is based on md5 but there is more to it it is called phppass

    DJango hash method uses md5 by default, or you create your own method. if you are creating your own method be careful when you upgrade you could loose the file.

    grep is your friend.

  • Options

    I think it's fine like that, my own method uses sha1 combined with a random seed, so it's ok. I still didn't find a fix for the userpics subfolder not getting chmod'd. So I just manually chmod -R 755, eventually I'll make it a hourly cronjob and it should be good enough for my private community.

    I have looked into the "activity" part, which is pretty interesting. I managed to integrate it with user actions on my website, but the visibility seems to be given only to the one concerned. Which field / combo of field is required to make an activity 100% public ?

Sign In or Register to comment.