Vanilla 1 is no longer supported or maintained. If you need a copy, you can get it here.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Why can't I access the LussumoUserID session variable?

edited January 2009 in Vanilla 1.0 Help
I've tried everything, and I still can't access the User ID session variable. I can get info from the cookies fine, but nothing from the session

session_start(); echo $_SESSION['LussumoUserID'];
That bit of code returns nothing. I've logged in with the "remember me" unchecked and checked... still nothing. Any suggestions?


  • Why are you trying to access that directly, rather than using $Context->Session->UserID?
  • @bjork24: your code works as expected for me.

    Just check (see the cookies) that your session is not named differently that the standard PHPSESSID Vanilla use.
    BTW, I intend to open a topic on this subject: name the session to something unique to avoid unwanted mix of session variables on a multi purpose server.
  • MarkMark Vanilla Staff
    @Max_B: The session is already named something unique - I highly doubt that anyone else in the world uses LussumoUserID as a session name.

    Regardless, the session name is a configuration variable - so if you are concerned about having two vanilla forums that clash, you can just change it in your second forum using the $Configuration array.
  • I'm integrating people authenticatin into the rest of my website, so I need to be able to find out if a user is logged in outside of the forum. Cookie verification was easy, but I can't figure out the sessions. So my code isn't what I should be looking for? How do I determine, then, what session variable name to use? The appg/settings.php $Configuration says I should use LussumoUserID... if that's not right, how do I figure out what to use?
  • Max_BMax_B New
    edited August 2006
    @Mark: You didn't get me. I was not writing about this session variable which is OK, but about callingsession_name('LUSSUMO or whatever you want');before callingsession_start();This way if one is using two different PHP web-app on the same server the session spaces are distincts. Moreover the PHP session cookie is now clearly identified rather than being PHPSESSID.

    LussumoUserID is not the session NAME it is a session variable you are using to identify your own Vanilla session.
  • Ok, so LussumoUserID is not the session name... what is? Very simply put:

    1. How do I determine if someone is signed in (having not checked the Remeber Me box) strictly through sessions?
    2. How can I extract the User ID from that variable?

    Unfortunately, this code doesn't work.
  • MarkMark Vanilla Staff
    @Max: My bad. Mistook your meaning.

    @bjork: That code *should* work. Try this to see what the session *does* contain:

  • print_r($_SESSION);
    That line of code returns an empty array.
  • if you turn on error reporting error_reporting(E_ALL) does anything show up when you try to start the session?
  • @itchy: no errors reported.

    My PHPSESSID cookie contains what looks like an md5 hash, but I still can't find any direct sessions related to Vanilla.
  • Max_BMax_B New
    edited August 2006
    @bjork: sorry to ask this, but… Are you sure your script open a session? Does it call session_start() before looking at the $_SESSION array?
    I mean the real script, not the bit you posted above.
  • edited August 2006
    @Max_B: By "real script" do you mean the people engine? Here's the exact procedure I follow:

    1. Logout of Vanilla completely
    2. Clear my cookies and cache (just to be safe)
    3. Log back in, without checking the "Remember Me" box
    4. Call a page with the following script:

    error_reporting(E_ALL); session_start(); print_r($_SESSION); print_r($_COOKIE);
    And receive the following:

    Array() Array([PHPSESSID]=>####hash####)
    This is soooooo frustrating, as I have no problem at all with the cookies, which are supposed to be more difficult to work with than the sessions.
  • how are you calling that page?
  • How should I be calling it?
  • ithcyithcy New
    edited August 2006
    with the session ID?

    i mean, you're calling it from within vanilla? is it an extension?
  • @itchy: No, this is elsewhere on my site. The forum is located at, but I want to be able to find an existing session anywhere on the site... including my test page, which is sitting at
  • ithcyithcy New
    edited August 2006
    well the cookie contains the session id, and the cookie is only valid under the path you set it for, so you either have to pass the session id explicitly or change your cookie path in your vanilla settings.

    nevermind, i missed the part where you got the cookie OK.. hmm
  • try this:

    and make sure it matches exactly the hostname you're using in the browser. (including or excluding www or whatever)
  • Yes, it does.
  • argh

    can you view your raw error log?
Sign In or Register to comment.