Blog Documentation Try Vanilla Cloud
Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Options

$Request['client_id']

salmonsalmon
edited April 2012 in Vanilla 2.0 - 2.8

I have one file called test.php the $clientID and $secret are correct, but I have masked them in the example below. When I go to test.php I get the error {"error":"invalid_request","message":"The client_id parameter is missing."} Where does $Request['client_id'] get set?

<?php
require_once dirname(__FILE__).'/functions.jsconnect.php';;

// 1. Get your client ID and secret here. These must match those in your jsConnect settings.
$clientID = "xxxxxx";

$secret = "xxxxxxxxxx";

// 2. Grab the current user from your session management system or database here.
$signedIn = true; // this is just a placeholder

// YOUR CODE HERE.

// 3. Fill in the user information in a way that Vanilla can understand.
$user = array();

if ($signedIn) {
   // CHANGE THESE FOUR LINES.
   $user['uniqueid'] = '123';
   $user['name'] = 'John PHP';
   $user['email'] = 'john.php@anonymous.com';
   $user['photourl'] = '';
}

// 4. Generate the jsConnect string.

// This should be true unless you are testing. 
// You can also use a hash name like md5, sha1 etc which must be the name as the connection settings in Vanilla.
$secure = true; 
WriteJsConnect($user, $_GET, $clientID, $secret, $secure);

Answers

  • Options
    salmonsalmon

    Also when I press test URL I just get a blank page.

  • Options
    salmonsalmon

    I think I may have miss understood this plugin. If the user signs into my site are they automatically signed into the forum as well?

  • Options
    salmonsalmon

    Sorry, I think I'm doing this completely wrong/php/test.php?client_id=1384997971&timestamp=1333481630&signature=81849d5ec77abf7098df8feba7032b0e&Target=%2Fsettings%2Fjsconnect&callback=test what is all the stuff after it? does it all need to be passed?

  • Options
    ToddTodd Chief Product Officer Vanilla Staff

    A blank page could be the result of an error. When debugging php code you should always know the following three lines of code:

    error_reporting(E_ALL);
ini_set('display_errors', 'on');
ini_set('track_errors', 1);

    To answer your last question, All of that information must be passed into the url for security.
    You can see from the comments on the page that you can get stuff tested by using $secure = false;, but you need that information once you launch.

Sign In or Register to comment.