Vanilla 1 is no longer supported or maintained. If you need a copy, you can get it here.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

CS-CART Database Intergration (this one will be fun)

edited May 2009 in Vanilla 1.0 Help
Greetings to all! I am new to Vanilla and I must say I love it.... keeping it clean and simple and not tagged out with crappy !smarty tags. THANK YOU TO THE POWERS TO BE FOR THIS WONDERFUL APP! Ok, now that the praise is out of the way we can get down to the nitty gritty and really start tossing ideas around. I have a project that currently has 2 databases, one of the them is automatically generated by CS-CART (which is a shopping cart for those who don't know), and it has the table cscart_users well here is what I want to do.... Since I have programing control over Vanilla more so then cs-cart (which btw is a &%#^! to program for) I want to combine the SQL tables so that when someone registers for the shopping cart they simultaneously register for Vanilla. I have looked at the tables and found where I can partner the required fields that are shared, and then add the ones like "Attributes, CountVisit, CountDiscussions, ect..." as needed. the common traits in the table LUM_User ==> cscart_users UserID ==> user_id FirstName ==> firstname LastName ==> lastname Password ==> password Email ==> email DateLastActive ==> last_login Ok, so I change those over and add the remainder of the tables to the cs-cart database. MY QUESTION IS....... inside the Vanilla database there is something I am unfamiliar with. VerificationKey EmailVerificationKey Are these password encryption strings that are used to login to the forums? Because and I must stress this.... I have to program around cs-cart, it is testy and annoying to do but cs-cart is the dominate entity here. I want to know can I work around this and if so how? Thank you for reading my long story.


  • Options
    ADDITION I just read another posting talking about MD5 password encryption and how Vanilla will convert them to phpass via This would be terrible if I was to integrate those databases and all of a sudden it starts converting peoples passwords to something that cs-cart can not read. I would like to know a way to disable the "convert ==> write back" from the forums to the password table so this does not happen. I also read that Vanilla can read MD5 just fine.... that good enough for me as long as it doesn't convert it and try to save it. Last thing I need is a boss ripping me a new one because none of his clients can login.
  • Options
    You cannot disable the new password hashing algorithm nor would you want to.

    Since you are working with a legacy system, an option for you would be to have two password fields: One that CS-Cart reads from and the other for Vanilla. You then just run a single SQL query to synchronize the two fields ONCE and you're good to go. This will allow to keep the old hash and allow Vanilla to use the modern hash.

    The final step would be to create a hook in CS-Cart (assuming that it will be the user creation application) that will pre-populate the Vanilla password field when a new user is registered.

    As for the VerificationKeys: Vanilla creates a unique key every time a user logs in (the VerificationKey) and uses this key to verify POST data. It is more secure than passing their password around everywhere. The EmailVerificationKey is populated when a user requests to have their password reset.
Sign In or Register to comment.