Vanilla 1 is no longer supported or maintained. If you need a copy, you can get it here.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.


edited April 2007 in Vanilla 1.0 Help
Hi All!

Just getting started with Vanilla, I have an include at the min on every page that simply checks for the session variable, and if it's not there it redirects to the login page. This is what I want to replace the current authentication system with - well I say replace, but I still want it to use the username that I pick out.

if ($_SERVER['PHP_SELF'] != "/login.php") {
     if (!isset($_SESSION['user_id'])) {
          header("Location: http://" . $_SERVER['HTTP_HOST'] . "/login.php");
     } else {
          $sql = "SELECT * FROM users WHERE id = '".$_SESSION['user_id']."'";
          $user = $db->getRow($sql);

I've looked at the ones below, but I'm just looking for a quick and dirty way of getting the username from my inlcude script and not the People authenticator.

Any help would be much appreciated! Thanks!



  • Options
    MarkMark Vanilla Staff
    The username isn't enough for Vanilla to go on... Vanilla needs to load some other basic information about a user in order to have them authenticated.
  • Options
    Well I can get the username and password from this line:

    $sql = "SELECT * FROM users WHERE id = '".$_SESSION['user_id']."'";
    $user = $db->getRow($sql);

    And the remember me will always be set to false. I can change the pages used for login / logout in the conf/settings.php file, but how do I pass the authentication info from my wee script above into the vanilla one, so I can seamlessly transfer someone over without logging them in again via the vanilla form. I've already got vanilla working from my own users table, so one login works for both.
  • Options
    edited April 2007
    Turns out that it's actually dead easy.

    1. Follow Wordpress Integration (Database Integration bit only)
    2. In your own login script for your current site have it set the VerificationKey for the user and then the two cookies which lussumo uses:
    $sql = "UPDATE `users` SET `VerificationKey` = '".session_id()."' WHERE `id` = ".$user['id'];

    setcookie ("lussumocookieone", $user['id'], $timeout, "/", $_SERVER['HTTP_HOST']);
    setcookie ("lussumocookietwo", session_id(), $timeout, "/", $_SERVER['HTTP_HOST']);

    3. Adjust styles so that your logout URL is used.

    Tada! I haven't tested it thoroughly but seems to work fine. I now have my previously working site and login with Vanilla running seemlessly!

    So all you need really is just a username, and set whatever VerificationKey you like, Vanilla then checks everything from the two cookies and takes it from there.
This discussion has been closed.