Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Failed to initialize vanilla forum in external script - Class Gdn not found

Greetings, great people.

So, very similar to the code in

I used to use the below piece of code in my external chat software to initialize VF and to get user credentials, and to build room/channels from vanilla forum categories. But now in 2.6+ this returns

Class Gdn not found.

I have tested with cache cleared several times.

I hope I am missing something really really really basic, thanks.


define('APPLICATION', 'Vanilla');
// define('APPLICATION_VERSION', '2.3.1');
define('DS', '/');
define('PATH_ROOT', '/');
ini_set('display_errors', 'on'); //????
ini_set('track_errors', 1); //????

ob_start(); // Buffer the output of the code below.
require_once(PATH_ROOT . 'bootstrap.php'); // Require the bootstrap for the framework used by Vanilla.

$Dispatcher = Gdn::Dispatcher(); // Declare an alias for the dispatcher.

// Set up the dispatcher.
$EnabledApplications = Gdn::ApplicationManager()->EnabledApplicationFolders();
$Dispatcher->PassProperty('EnabledApplications', $EnabledApplications);
ob_end_flush(); // Stop and send the buffer for the code above.

$Session = Gdn::Session();
if($Session->IsValid()) {
    echo  $Session->User->Admin; //etc etc


  • Options
    R_JR_J Ex-Fanboy Munich Admin

    That other discussion is some years and some Vanilla versions old. You should take a look at the bootstrap process as it is right now. It starts with the index.php file


    // Minimal environment needed to use most of Vanilla's framework.
    // Require the bootstrap to configure the application.
    // Create and configure the dispatcher.
    $dispatcher = Gdn::dispatcher();
    // Process the request.

    I would say that with including environment and bootstrap you should be able to get started.

  • Options

    Could this task be done through API or an addon. What is the use case?

    What you are you doing to secure this script?

    grep is your friend.

  • Options

    Very excellent point @R_J , I quite overlooked the datedness. I will be doing a series of test with the new code. Thanks.

    @x00 I wondered the same as well. I was unable to get the data from APIv2.
    It seems the API always requires a userID to even begin working, and I was unable to send it a userID in a safe unexposed way.

    The chat software is a VF plugin I made, integrating a fully standalone 3rd party software.
    There is a part of the script that needs some userdata to authenticate

    $userId = " "
    $userName = " ";
    $userIp = " ";
    $usereMail = " ";
    $userRole = " ";

    And all I need is Vanilla's Gdn::Session() user data made available and passed across to this 3rd party script.

  • Options

    @donshakespeare said:
    It seems the API always requires a userID to even begin working, and I was unable to send it a userID in a safe

    if it is server to server what is the problem?

    grep is your friend.

  • Options

    So, all things wonderful being wonderful, it appears that as, @R_J pointed out, initializing the recent Vanilla Forum cores in an External script, is as dead simple as two lines.

    // die(var_dump(Gdn::Session()->User));  //user session goods are now available

    @x00 I have been stopped short in my path by this sweet untimely success :)
    It seems I will have to use the API route another time .

  • Options

    @x00 so I have been studying this API alternative. If this Chat Plugin I am developing is installed in a different domain, my above method is quite useless.

    Just getting a $User by name or id is not safe here.
    So, I am trying to make sure that the user in domain2 is exactly current and carried from domain1.

    After seeing your suggestion on:

    Vanilla is not returning anything
    accessed by
    Using curl

    I even created my own pseudo endpoint:
    This address returns only JSON data of the current User Session.
    I was trying to mimic how jsConnectgets a user credentials across domains.

    But no show! is my approach horribly wrong?

    function myCustomApi(){
      $ch = curl_init();
      curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
      curl_setopt($ch, CURLOPT_URL, '');
      // curl_setopt($ch, CURLOPT_URL, '');
      $data = curl_exec($ch);
      $Session = json_decode($data);
      return $Session;

    Thanks for even looking.

  • Options
    R_JR_J Ex-Fanboy Munich Admin

    What you are showing is your servers code. So if the server requests something, it can only fetch the Vanilla session of the user of the server. The logged in identity of a user is stored in the cookie.

    Your server surely doesn't have the cookies of the user that is doing the request to your server.

    Therefore your script returns no user.

    jsConnect runs on the users browser...

Sign In or Register to comment.