Vanilla 1 is no longer supported or maintained. If you need a copy, you can get it here.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

How to allow guest to post?

edited September 2006 in Vanilla 1.0 Help
Hi, Is there an way to allow guest to posts new discussions and reply to new comments without registration? Thanks


  • Not yet, but someone is working on it.
  • Hope it turns out soon. It's just harder to get vistors to register and sign in just to post replies or new discussions.
  • make a guest account, with password and username: guest

    its not a solution - i would pay for an anonymous-post-extension
  • edited August 2006
    Well... wallphone is already working on 2 extension, but said that he will work on it after. So you will have to wait a little:
  • Feel free to give suggestions on how you feel this should work.

    I can't descide on automatically using the guest account credentials when none are given, or giving ANY unauthenticated user the guest session automatically--then deleting out the guest read history every so often.
  • I can think of 2 options: 1. when guests reply, ask for their email, username and password and register them as a member. 2. allow guest to reply anonympusly. btw, what does the unauthorized role do? I think it should be the guest role, just add some permissions for it.
  • Unauthenticated is an pseudo-role. It doesn't have any configurable permissions.

    Too bad its not that easy!
  • Problem with the non-configuration is that I have a forum where unauthenticated users should have zero access beyond logging in.
  • So just dont make your forum publically viewable? It's an application setting.
  • I too would like to try allowing visitors to post without registering. Wallphone, you say: "Unauthenticated is an pseudo-role. It doesn't have any configurable permissions." But is there any reason why an extension couldn't simply add the same options for "unauthenticated users" as are available for all the rest? Or have I just not understood the problem?
  • What do you mean by 'the same options'? You could make an extension to let unauthenticated users post but they'd have to all post under a 'guest' username so it'd be some pretty lame discussion.
  • Yeah, I just realised that myself and was coming back to edit my post. There would need to be a box added to the "add your comments" section that required a name to be inserted. For example, Blogger allows 3 types of inputs - registered users, visitors who enter their names, and anonymous - and it works. Of course you'd have to feel you could trust your visitors - but sites with specialist topics, few visitors and no trolls might be willing to try it for a while to increase the likelihood of building discussion.
  • My plan is to modify the add comments from to have an check box (or tab?) with 'Post anonomously'. If one checks the box, username and password or whisper fields are replaced with name and email fields that can be set optional by the admin. (I don't see a reason anonymous users should be allowed to whisper... unless someone can convince me otherwise) If name field is optional and not filled in, Anonymous is used in its place. Admin (or anyone with the permission set in their role) can see email, IP, and/or registered user ID if the person who posted anonymously (if they were logged in at the time)
  • edited September 2006
    WallPhone@ Thumbs us! This will be great extensions! I Recently started to use lovely vannila and I miss something like that. When will we see it? I'm just looking forward, but I mean no preasure :)
  • @WallPhone: Great solution. That would be very usefull.
  • edited September 2006
    A few notes on this. I have a forum (phorum based) where anyone can post without registering and it was overrun by spam. My current solution is a plugin that uses all sorts of tricks to prevent spam, including a CAPTCHA, and it works beautifully. But before then, it was totally unusable due to the high amount of spam. If you're requiring email, you could do what weblogs inc. (engadget, joystiq, etc.) does and requie them to click a verification link that's sent to them by email. Eventually spammers will automate their way around this, but until then, it seems a viable solution.
This discussion has been closed.