Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Try Vanilla Forums Cloud product


Ready to contribute?

Amazing! Sign our contributors' agreement and then join us on GitHub.

Vanilla is proud to present version 2.2.

Linc · Vanilla's Bard · Vanilla Staff

Options are papercuts.


Last Active
Administrator, Staff


  • Unfortunately, I can no longer do ad hoc migration packages, I just don't have time. If there's a strategic package we should be supporting (i.e. has a substantial install base and/or is EOL'd) I can possibly get a developer to work on it. I'd reque…
  • It's a relatively new distinction, too. I only added it a few months ago, and it's invisible if it's not used.
  • @luxlogica said: @Linc Sorry for being "surprised" that in 7 years, as you put it, no one - including all the developers involved with the project - noticed this seemingly glaring security hole. We noticed the fact of it long ago, and it's n…
  • The addon section allows for uploading alpha, beta, and release candidate version numbering, which puts them in a separate section. This works for new versions of existing addons, anyway. Maybe an addon with only non-release version numbers could be…
  • If you need to make a new owner admin, I also recommend searching for any other users with Admin = 1 and deleting those accounts immediately if you do not have control over them. Otherwise the next utility/update may disable your admin status since …
  • First, try a password reset over email. If that doesn't work, go to the database (commonly using phpMyAdmin). Find your owner admin account (sort by UserID and it'll be a very low number). Change the 'Password' field for that row to a new password,…
  • Vanilla doesn't use sessions, so my understanding is this would have no effect.
  • Yeah, I agree that'd be nice. The problem is the system isn't making a secure connection to start those discussions, and we don't necessarily know what WordPress user made the blog post. You'd need a full API integration to achieve that extra detail…
  • Well, the first step would probably be replicating the issue. You have hundreds of reports of this, or you have hundreds of users and one or two of them have this issue? Checking your domain configuration, whether your site is consistently http or…
  • You could probably just truncate the GDN_Log table if you don't have anything of value in your change log, spam queue, or moderation queue.
  • @luxlogica said: I'm extremely surprised. No moreso than how surprised I am this is the feature (or lack thereof) being fixated on today. No one cares for 7 years, then suddenly it's why someone says they can never use your software because …
  • @luxlogica said: You mean, not even manually? Doesn't that sooner or later become a problem? - or am I overreacting? Nope. I mean, if you're on a 1 GB GoDaddy plan, sure, it's possibly a problem (at that point isn't just running a forum a pr…
  • @luxlogica said: Any guidance would be appreciated! For what it's worth, neither Vanilla nor I personally make any effort to clean them up currently.
  • Continue sending to master as usual. You can note if it should be picked to 2.3.
  • It has begun. And @x00 's reCAPTCHA upgrade slipped in at the last moment.
  • We have started managing more of our roadmap publicly. Get the ZenHub browser extension for Firefox or Chrome. Info: Then check out our first Epic:
  • You can safely ignore those notices.
  • You should disable Advanced Notifications for non-staff members. It's not really meant to be on for everyone. It's not currently possible to use a digest because Vanilla has no native ability to fire asynchronous, timed events.
  • PS we'd love a better solution than forcing anything, but we needed reCAPTCHA to protect Applicant method, and there's no way to do that currently without requiring it.
  • UserModel didn't use to have a static instance you could grab, so most of the time it's legacy code when we instantiate. However, our models do get polluted, so it could also be done to make sure you have a clean copy, or to do something in paralle…
    in PHP(?) question Comment by Linc March 31
  • Is there a way to allow spaces in user names? If you have Unicode regex support, set this in your config: $Configuration['Garden']['User']['ValidationRegex'] = '\p{N}\p{L}\p{M}\p{Pc} '; Note the space before the final single quote. If you don't …
  • Vanilla does not currently have a proper session to invalidate. Limiting your cookie validation window to a shorter timeframe would be one way to accomplish something similar. Generally, you don't want SSO validating on every request as that would b…
  • I'll file it as an idea internally. I'd have to sit and have a think to know how feasible it is. I imagine it'd be similar to our permission filtering, after pulling from Sphinx's index.
  • We don't have immediate plans to put Vanilla on Packagist, but we may in the future. Unfortunately it's not quite click-and-play to do so.
  • Here's the latest word / summary on 2.3 & 2.4 plans: 2.3 will be PHP 7.0 compatible. I'd like to fork for a first beta release in the next 2-4 weeks. HTML emails is in for 2.3. Spoilers are being moved to core for 2.3 (no more plugin). Discuss…
  • You can upload screenshots afterward. There are management options in a toolbar above the main area when you own the addon.
  • The Developer role was missing the "Add" permission for some reason. I've fixed it.
  • Oh man. The errors I've made. Epic stories for the bar.
  • Fixed again. Sorry, I never pulled the new version of the code so utility/update kept resetting it. I actually deployed it this time.
  • see also