Vanilla 1 is no longer supported or maintained. If you need a copy, you can get it here.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

how to do a Vanilla login outside of Vanilla?

edited August 2005 in Vanilla 1.0 Help
hi guys, i am setting up a vanilla forum for a client and i have to say i'm loving it so far. it really does what it says on the box. my situation is that i have a wordpress blog on the front end and i'd like vanilla to serve the forums inside. when a user registers with WP, i enter the record OK into the LUM_User table and that works fine. what i'm having trouble with is how to drop the correct cookie information manually during the wordpress login so that the users don't need to log in at Vanilla as well. right now, i'm dropping the "vanillaname" and "vanillapass" cookies with the values of md5(username) and the md5(password) respectively.. but Vanilla's not letting me in yet. still demands the login. is there a snippet of code which will let me do a .. "pre-login".. if you will.. ? yeah - i have tried reading Vanilla's code, but it's way too advanced. it's almost "showing off" in my books.. ;-) thanks! sarah.

Comments

  • lechlech
    edited August 2005
    Hi sarah, In the current version, cookies are a bit messy and quite a bit off. This should be fixed in the next coming release. Thus WordPress and Vanilla are probably not playing together nicely unless you flush your cookie cache between application loads. But I'd like to better understand why you're not just allowing users to register through the vanilla interface themselves? You shouldn't have to manually edit the database like you're currently doing. My guess is that if it's not the cookie issue, then Vanilla is possibly looking for the extra info required when you sign up. First/Last name/Email address and everything else you fill out at signup. There is some security built in mind here so most outside attempts to login/post are seen as possible spam attacks so they likely just get ignored. Currently mark is away (don't know for how long) but will likely answer this question in more detail when he gets back, or he might see it while he's away, who knows. Otherwise, I would recommend using Vanilla right now as it's meant to be used until things like this get considered and built up either into the core set of features, or as an extension of some type. Hope that's at least a little bit helpful :)
  • edited August 2005
    hi lech
    But I'd like to better understand why you're not just allowing users to register through the vanilla interface themselves
    good question -- i'd rather make a seamless 1 signup process that gets people into the blog and the forum too. 1 signup is always better than 2.
    My guess is that if it's not the cookie issue, then Vanilla is possibly looking for the extra info required when you sign up. First/Last name/Email address and everything else you fill out at signup
    in my manual insert, i enter all the needed info that allows my users to never even see the Vanilla registration form. we can enter the username/pass into the login page and get straight in. the cookies Vanilla is dropping look just the same as the ones i'm manually setting during the WordPress login too.

    the only cookie i can see that's been added is PHPSESSID.

    surely if 1 script can do it, so can another?

    i'm afraid i'm just not good enough to work out when the Vanilla script is doing differently!!
    Hope that's at least a little bit helpful :)
    indeed! thanks for the reply.

    s.
  • Yeah, mark is likely the one to better answer this question for you. Hopefully in the next revision mark will have knocked out the "must click TOS" button and include an option to do it another way. If not it will come in a later version for now I would just recommend having your users sign up manually otherwise you're just adding an unnecessary headache to the routine you've set up. At least until a sure-fire method comes along to impliment what you need to do, correctly. A few things I want you to check for and try really quick: 1. Dump all your cookies after logging out of WP, and try to login to Vanilla 2. Are you running an open or a closed forum? 3. If it's a closed forum, are you activating the accounts as necessary? 4. If it's an open forum, are you sure you have registration management set up along with the necessary global application settings? That's just a quick checklist for you, if you're sure everything is in place, it leaves me to believe it might be a Vanilla internal check that's refusing because of something not set in the DB, most likely role history.
  • kewl, thanks lech. i'll have a noodle around and see if i can't come up with somethjing. :)
  • lech, i'm not sure you're quite getting what sarahw is trying to achieve here. As i understand it she's not having the old vanilla/wordpress dont like each others cookies problem, she's trying to make wordpress create a vanilla cookie aswell as its own so it logs in together. If you'd realised that, or if infact i'm completely wrong and you were right anyway, i apologise, but i thought it was best to make sure. Just out of interest, sarah, vanilla uses some cookie verification codes (which also prevent being able to be logged in twice by cookies) - are you sure you're replicating this accurately? My guess is that thats where the problems may be occuring.
  • mini, not just cookies however, sarah's also manipulating the DB tables , which is going completely around what Vanilla should be originally doing on it's own. I just tried to briefly draw out what processes Vanilla is taking upon creating a new user. A new set of entries is created under LUM_Users for that particular user as well as LUM_UserRoleHistory when that user is approved either by an Admin or automatically when running as an open forum. Not something I would recommend doing either way because that could possibly open up a hole in security for one or both applications if done wrong.
  • If WordPress integration is the most important feature, then you might try bbPress, which integrates out-of-box.
  • ahh, but it's not vanilla!
  • edited August 2005
    hey hey
    If WordPress integration is the most important feature, then you might try bbPress, which integrates out-of-box.
    Two things:

    1. bbpress doesn't integrate with WP very easily. they have different and very independent table structures and the WP support forum goers actively try to discourage you from trying to integrate since bbpress in particular is undergoing massive internal change constantly.

    2. bbpress sucks ass. i can't stand it.

    oh -- and mini is right when he says:
    lech, i'm not sure you're quite getting what sarahw is trying to achieve here. As i understand it she's not having the old vanilla/wordpress dont like each others cookies problem, she's trying to make wordpress create a vanilla cookie aswell as its own so it logs in together.
    this is exactly what i'm trying to do. my code, so far, inserts the LUM_user record and drops the correct cookies but when the user tries to go to a vaniila page, they are kicked back to login.

    they enter their username and password into the box and get in just fine. when i recheck the cookie vals, they are unchanged, and this makes me think that maybe there's another table entry somewhere being made by the vanilla login that i'm not doing yet. haven't had time to track that down yet, but there is no alternative. i do NOT want users to see another login.

    ciao ...

    s
  • lechlech
    edited August 2005
    Ahh, well in that case, Vanilla does log information about the user when they log in, come back or post (ip address [if enabled] and time of last post, visit count). This is probably not working due to the current way Vanilla is treating cookies in the current version, so it's not validating correctly. If that's the case, this is probably why your users currently can't log into both areas at the same time. From what I know, mark has fixed this in the next release, whenever that is going to be. Hopefully it will work then for you, sarah.
  • hi guys... is mark back yet? i'm pretty keen to get his feedback on this issue if possible.. s.
  • Hi all, I noticed this post a few days back, but have been too lazy to register here before now. Strangely, we needed almost exactly the same thing: A single point of login to a member area that bypasses the Vanilla login (at least I think that's what you were after Sarah?)

    In addition to updating the LUM_User table, store LUM_User.UserID as a foreign key in your main member table and add it to your session variable on login i.e.

    $_SESSION['UserID'] = $UserID;

    Works here... :D

    Cheers
    Rob

This discussion has been closed.