Vanilla 1 is no longer supported or maintained. If you need a copy, you can get it here.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Easiest way to get external pages with vanilla roles

edited August 2006 in Vanilla 1.0 Help
Hello, I'm vanilla newbie. I don't know how I found vanilla, but I was amazed (and I'm pretty sick of phpBB and constantly showing in bugtraq..). I'm starting a community website and I thought why not base it on Vanilla.. so I downloaded and trying to understand how it works.

I need to insert tabs in the header menu and panel and I found this

Now my next aim is to insert some pure php scripts in that tabs, but I want to make 2 new role abilities and in the top of those scripts to check if user has ability to view it.
I didn't have any luck in inserting new abilities (they are in the list with abilities, but now working).

If somebody has done this and has time to share his results or even examples I will be very very gratefull...

greetings from bulgaria,


  • h8rh8r
    edited August 2006
    well, I check it but its not what I need. If user knows the url of the script/file I want to restrict, he can access it directly.. what is the point? anybody can give me ideas how to securely restrict access to different php scripts?
  • Well if you use php to include() the script/page/file/whatever within the page instead of simply linking to the resource it would work.
  • I don't know how works the page manager about access restriction, but if you want one of your page to be only accessible to vanilla user with the right permission, you need to include:
    include('appg/settings.php'); $Configuration['SELF_URL'] = 'page_url'; include('appg/init_vanilla.php'); if ( $Context->Session->User->Permission("PERMISSION_WHATEVER") ) { ... }
  • Thanks, Dinoboff.. this is what I've been searching.. I use it with else statement, so I can explain to users why can't view a category. I added to /conf/settings.php this 2 role abilities. $Configuration['PERMISSION_ADD_KONT'] = '0'; $Configuration['PERMISSION_MODERATE_KONT'] = '0'; I hope this is the right approach of doing this? Also combining this snippet code with the page manager seems like a great power. Thanks for replies.
  • see this post:
  • Yeah, I saw it.. I'm here since yesterday and Its hard to get the things that fast. Thanks a lot :0
This discussion has been closed.