function vf_create_vanilla_user_on_registration_save($user_id)
{
$options = get_option(VF_OPTIONS_NAME);
if ('on' === vf_get_value('sso-create-users-on-register', $options, '')) {
vf_send_user_data_to_vanilla($user_id);
}
}
/**
* Embed Vanilla administration page.
*/
function vf_embed_admin_page()
{
// Check that the user has the required capability
if (!current_user_can('manage_options')) {
wp_die(__('You do not have sufficient permissions to access this page.'));
}
$post_id = vf_configure_embed_container();
$options = get_option(VF_OPTIONS_NAME);
$embed_code = vf_get_value('embed-code', $options);
$vanilla_post = get_post($PostID);
?>
<div class="wrap">
<div id="icon-options-general" class="icon32"><br /></div>
<h2><?php
_e('<Embed> Vanilla');
?>
</h2>
<p>Use this page to embed your Vanilla Forum into WordPress.</p>
<?php
vf_open_form('embed-form');
?>
<strong>Forum Location in WordPress</strong>
<em>Define where to access your Vanilla Forum within WordPress.</em>
<div id="edit-slug-box"><?php
echo get_sample_permalink_html($post_id);
?>
</div>
<?php
wp_nonce_field('samplepermalink', 'samplepermalinknonce', false);
?>
<em>You can further customize the page that contains your forum <a href="./post.php?post=<?php
echo $post_id;
?>
&action=edit">here</a>.</em>
<strong>Forum <Embed> Code</strong>
<textarea id="EmbedCode" name="<?php
echo vf_get_option_name('embed-code');
?>
"><?php
echo $embed_code;
?>
</textarea>
<em>You can make changes to your forum embed code here (optional).</em>
<p class="submit"><input type="submit" name="save" value="<?php
_e('Save Changes');
?>
" /></p>
</div>
</form>
</div>
<?php
}
function vf_admin_page()
{
// Check that the user has the required capability
if (!current_user_can('manage_options')) {
wp_die(__('You do not have sufficient permissions to access this page.'));
}
$options = get_option(VF_OPTIONS_NAME);
$url = vf_get_value('url', $options);
?>
<div class="wrap">
<div id="icon-options-general" class="icon32"><br /></div>
<h2><?php
_e('Vanilla Forum Administration');
?>
</h2>
<p>Use this page to configure your Vanilla Forum to work with WordPress.</p>
<?php
if ($url == '') {
?>
<div class="GetVanilla">
<h2>Don't have a Vanilla Forum yet?</h2>
<a href="http://vanillaforums.com" target="_blank"><span>Get one in under 60 seconds!</span></a>
</div>
<?php
}
vf_open_form('url-form');
?>
<strong>Tell WordPress where your Vanilla Forum is located</strong>
<input name="<?php
echo vf_get_option_name('url');
?>
" value="<?php
echo $url;
?>
" class="InputBox" />
<em>Paste the url to your Vanilla forum here (eg. http://yourdomain.com/forum)</em>
<p class="submit"><input type="submit" name="save" value="<?php
_e('Validate & Save');
?>
" /></p>
</form>
</div>
<?php
}
/**
* Single Sign-on administration page.
*/
function vf_sso_admin_page()
{
if (!current_user_can('manage_options')) {
wp_die(__('You do not have sufficient permissions to access this page.'));
}
$options = get_option(VF_OPTIONS_NAME);
$sso_enabled = vf_get_value('sso-enabled', $options, '');
$sso_create_users_on_register = vf_get_value('sso-create-users-on-register', $options, '');
$sso_clientid = vf_get_value('sso-clientid', $options, vf_format_url(get_option('blogname')));
$sso_secret = vf_get_value('sso-secret', $options, '');
$vanilla_url = vf_get_value('url', $options);
?>
<style type="text/css">
.wrap strong {
display: block;
font-size: 14px;
}
.TextBox {
width: 300px;
}
.form-container {
background: #f0f0f0;
display: block;
max-width: 800px;
padding: 10px;
margin: 0 0 20px;
}
.form-container label {
display: block;
padding: 0 0 16px;
}
.form-container label:last-child {
padding: 0;
}
.form-container span {
display: block;
}
.info-container {
background: #f0f0f0;
display: block;
max-width: 800px;
padding: 10px;
}
.form-container label,
.info-container label {
cursor: auto;
}
.CopyBox {
font-size: 12px;
border: 1px solid #ddd;
background: #fff;
padding: 3px 6px;
font-family: monospace;
margin-bottom: 10px;
border-radius: 2px;
-moz-border-radius: 2px;
-webkit-border-radius: 2px;
}
.important {
font-weight: bold;
font-style: italic;
}
</style>
<script type="text/javascript">
jQuery(document).ready(function($) {
$('.generate-secret').click(function() {
$.ajax({
url: $(this).attr('href'),
success: function(data) {
$('input.sso-secret').val(data);
}
});
return false;
});
});
</script>
<div class="wrap">
<div id="icon-options-general" class="icon32"><br /></div>
<h2><?php
_e('Vanilla Single Sign-on Integration');
?>
</h2>
<?php
vf_open_form('sso-form');
?>
<br />
<strong>Security Settings for Single Sign-on</strong>
<div class="form-container">
<label>
<strong>Enable</strong>
<input type="checkbox" name="<?php
echo vf_get_option_name('sso-enabled');
?>
" value="1" <?php
echo $sso_enabled == '1' ? ' checked="checked"' : '';
?>
/>
Allow users to sign into Vanilla through WordPress.
</label>
<label>
<strong>Enable creating user in vanilla on Wordpress user creation</strong>
<input type="checkbox" name="<?php
echo vf_get_option_name('sso-create-users-on-register');
?>
" <?php
echo $sso_create_users_on_register == 'on' ? ' checked="checked"' : '';
?>
/>
Create vanilla forum user immediatelly after wordpress user registration
</label>
<label>
<strong>Client ID</strong>
<span>The client id is a url-friendly value that identifies your WordPress site to Vanilla.</span>
<input class="TextBox" type="text" name="<?php
echo vf_get_option_name('sso-clientid');
?>
" value="<?php
echo $sso_clientid;
?>
" />
</label>
<label>
<strong>Secret</strong>
<span>This is a "secret" value that Vanilla uses to ensure that your WordPress site is a trusted source.</span>
<input class="TextBox sso-secret" type="text" name="<?php
echo vf_get_option_name('sso-secret');
?>
" value="<?php
echo $sso_secret;
?>
" />
<a class="generate-secret" href="<?php
echo site_url('?VFRequest=generate-secret');
?>
">Generate</a>
</label>
</div>
<strong>Other information for Vanilla</strong>
<div class="info-container">
<label>
<strong>Authenticate Url</strong>
<div class="CopyBox"><?php
echo site_url('?VFRequest=connect');
?>
</div>
</label>
<label>
<strong>Sign In Url</strong>
<div class="CopyBox"><?php
echo wp_login_url();
?>
?redirect_to={Target}</div>
</label>
<label>
<strong>Register Url</strong>
<div class="CopyBox"><?php
echo site_url('wp-login.php?action=register', 'login');
?>
</div>
</label>
<label>
<strong>SignOut Url</strong>
<div class="CopyBox"><?php
echo add_query_arg(array('action' => 'logout', '_wpnonce' => '{Nonce}', 'redirect_to' => '{Redirect}'), site_url('wp-login.php', 'login'));
?>
</div>
</label>
</div>
<p class="important">Make sure that <u>all</u> of the values above are copied into <a href="<?php
echo vf_combine_paths(array($vanilla_url, 'dashboard/settings/jsconnect'));
?>
">your Vanilla jsConnect settings page</a>.</p>
<p class="submit"><input type="submit" name="save" value="<?php
_e('Save Changes');
?>
" /></p>
</form>
</div>
<?php
}
function vf_widget_users_control()
{
// Get our options and see if we're handling a form submission.
$options = get_option(VF_OPTIONS_NAME);
$title = vf_get_value('widget-users-title', $options, 'Recently Active Users');
$count = (int) vf_get_value('widget-users-count', $options, 10);
$width = (int) vf_get_value('widget-users-iconwidth', $options, 32);
if ($_POST['widget-users-submit']) {
// Remember to sanitize and format use input appropriately.
$title = strip_tags(stripslashes($_POST['widget-users-title']));
$count = (int) vf_get_value('widget-users-count', $_POST);
$width = (int) vf_get_value('widget-users-iconwidth', $_POST);
$options['widget-users-title'] = $title;
$options['widget-users-count'] = $count;
$options['widget-users-iconwidth'] = $width;
update_option(VF_OPTIONS_NAME, $options);
}
// Be sure you format your options to be valid HTML attributes.
$title = htmlspecialchars($title, ENT_QUOTES);
echo '<p><label for="widget-users-title">' . __('Title:') . ' <input style="width: 100%;" id="widget-users-title" name="widget-users-title" type="text" value="' . $title . '" /></label></p>';
echo '<p><label for="widget-users-count">' . __('Number of users to show:') . ' <input style="width: 40px;" id="widget-users-count" name="widget-users-count" type="text" value="' . $count . '" /></label></p>';
echo '<p><label for="widget-users-iconwidth">' . __('Icon width:') . ' <input style="width: 40px;" id="widget-users-iconwidth" name="widget-users-iconwidth" type="text" value="' . $width . '" />px</label></p>';
echo '<input type="hidden" id="widget-users-submit" name="widget-users-submit" value="1" />';
}
function vf_get_sso_string()
{
$user = vf_get_user();
if (empty($user)) {
return '';
}
$options = get_option(VF_OPTIONS_NAME);
$clientID = vf_get_value('sso-clientid', $options, '');
$secret = vf_get_value('sso-secret', $options, '');
if (!$clientID || !$secret) {
return '';
}
$user['client_id'] = $clientID;
$string = base64_encode(json_encode($user));
$timestamp = time();
$hash = hash_hmac('sha1', "{$string} {$timestamp}", $secret);
$result = "{$string} {$hash} {$timestamp} hmacsha1";
return $result;
}
<?php
// only enqueue all the admin stuff if is_admin
if (is_admin()) {
// Initialize admin settings
add_action('admin_init', 'vf_admin_init');
// Add menu options to dashboard
add_action('admin_menu', 'vf_add_vanilla_menu');
}
// Replace the page content with the vanilla embed code if viewing the page that
// is supposed to contain the forum.
add_filter('the_content', 'vf_embed_content');
// Handle saving the permalink via ajax
add_action('wp_ajax_vf_embed_edit_slug', 'vf_embed_edit_slug');
$options = get_option(VF_OPTIONS_NAME);
$url = vf_get_value('url', $options);
if ($url != '') {
// Add Vanilla Widgets to WordPress
add_action('widgets_init', 'vf_widgets_init');
// Override wordpress' core functions for rendering comments and comment counts.
add_filter('comments_template', 'vf_comments_template', 1, 2);
// Place the Vanilla Forum on the external domain redirect whitelist.
add_filter('allowed_redirect_hosts', 'vf_allowed_redirect_hosts', 10, 2);
}
// Override the comment link html
add_filter('comments_open', 'vf_comments_open');
add_filter('comments_number', 'vf_comments_number');
// Add our js to update the comment count
add_action('wp_footer', 'vf_comment_count_js');
add_action('wp_loaded', 'vf_check_request');
//add_filter('allowed_redirect_hosts', 'vf_allowed_redirect_hosts');
/**
* SSO administration page.
*/
function vf_sso_admin_page()
{
if (!current_user_can('manage_options')) {
wp_die(__('You do not have sufficient permissions to access this page.'));
}
$options = get_option(VF_OPTIONS_NAME);
$cookie_domain = vf_get_value('vanilla_cookie_domain', $options, '');
$Key = vf_get_value('vanilla_sso_key', $options, '');
if ($Key == '') {
$Characters = 'abcdefghijklmnopqrstuvwxyz0123456789';
$Key = '';
for ($i = 0; $i < 16; ++$i) {
$Offset = rand() % 35;
$Key .= substr($Characters, $Offset, 1);
}
vf_update_option('vanilla_sso_key', $Key);
}
?>
<div class="wrap">
<div id="icon-options-general" class="icon32"><br /></div>
<h2><?php
_e('Vanilla Single Sign-on Configuration');
?>
</h2>
<h3><?php
_e('Vanilla Settings for WordPress');
?>
</h3>
<p>Grab this value from the single sign-on configuration screen in your Vanilla installation:</p>
<?php
vf_open_form('sso-form');
?>
<table class="form-table">
<tr>
<th>Vanilla's Cookie Domain</th>
<td><input name="<?php
echo vf_get_option_name('vanilla_cookie_domain');
?>
" value="<?php
echo $cookie_domain;
?>
" class="InputBox" /></td>
</tr>
</table>
<p class="submit"><input type="submit" name="save" value="<?php
_e('Save');
?>
" /></p>
</form>
<h3><?php
_e('WordPress Settings for Vanilla');
?>
</h3>
<p>Copy & paste the following information into the single sign-on configuration screen in your Vanilla installation:</p>
<table class="form-table">
<tr>
<th>Authenticate Url</th>
<td><span class="description"><?php
echo site_url('?VanillaChallengeKey=' . $Key, 'vanilla-sso-info');
?>
</span></td>
</tr>
<tr>
<th>Registration Url</th>
<td><span class="description"><?php
echo site_url('wp-login.php?action=register', 'login');
?>
</span></td>
</tr>
<tr>
<th>Sign-in Url</th>
<td><span class="description"><?php
echo wp_login_url();
?>
?redirect_to={Redirect}</span></td>
</tr>
<tr>
<th>Sign-out Url</th>
<td><span class="description"><?php
echo add_query_arg(array('action' => 'logout', '_wpnonce' => '{Nonce}', 'redirect_to' => '{Redirect}'), site_url('wp-login.php', 'login'));
?>
</span></td>
</tr>
</table>
</div>
<?php
}
$categoryid = vf_get_value('embed-categoryid', $options, '0');
if (vf_get_value('embed-matchcategories', $options, '0')) {
// Send the post's category ID instead of the default.
$categories = get_the_category();
if (!empty($categories)) {
$category = array_shift($categories);
if (isset($category->slug)) {
$categoryid = $category->slug;
}
}
}
?>
<div id="vanilla-comments"></div>
<script type="text/javascript">
var vanilla_forum_url = '<?php
echo vf_get_value('url', $options);
?>
'; // Required: the full http url & path to your vanilla forum
var vanilla_identifier = '<?php
echo $post->ID;
?>
'; // Required: your unique identifier for the content being commented on
var vanilla_url = '<?php
echo get_permalink();
?>
'; // Current page's url
<?php
if ($categoryid) {
?>
var vanilla_category_id = '<?php
echo $categoryid;
function vf_comments_template($value)
{
global $EMBED;
global $post;
global $comments;
if (!(is_singular() && (have_comments() || $post->comment_status == 'open'))) {
return;
}
if (vf_forum_embedded()) {
$EMBED = true;
return dirname(__FILE__) . '/empty.php';
}
$options = get_option(VF_OPTIONS_NAME);
$embed_comments = vf_get_value('embed-comments', $options);
if (!$embed_comments) {
return $value;
}
$EMBED = true;
return dirname(__FILE__) . '/comments.php';
}
<?php
/**
* Single Sign-on functions.
*/
/**
* Check to see if we should kill processing and display information for Vanilla
*/
$VFRequest = vf_get_value('VFRequest', $_GET);
switch ($VFRequest) {
// Show the signed in user
case 'connect':
require_once dirname(__FILE__) . '/functions.jsconnect.php';
$user = vf_get_user();
$options = get_option(VF_OPTIONS_NAME);
$clientID = vf_get_value('sso-clientid', $options, '');
$secret = vf_get_value('sso-secret', $options, '');
WriteJsConnect($user, $_GET, $clientID, $secret, true);
exit;
break;
// Generate a secret to be used for security.
// Generate a secret to be used for security.
case 'generate-secret':
echo md5(time());
exit;
break;
}
/**
* Validates options being saved for Vanilla Forums. WordPress is a bit hinky
* here, so we use hidden inputs to identify the forum being saved and validate
* the inputs accordingly. This is a catch-all validation for all forms.
*/
function vf_validate_options($options)
{
$formname = vf_get_value('form-name', $options);
$alloptions = get_option(VF_OPTIONS_NAME);
if (!is_array($alloptions)) {
$alloptions = array();
}
switch ($formname) {
case 'url-form':
$url = vf_get_value('url', $options, '');
$options = $alloptions;
// Make a rest request to Vanilla's API to validate that the forum is at the given location.
$resturl = vf_combine_paths(array($url, '?p=discussions.json'), '/');
$data = json_decode(vf_rest($resturl));
if (!is_object($data)) {
$options['url'] = '';
add_settings_error('url', 'url', 'Forum url could not be validated. Are you sure you entered the correct web address of your forum?');
} else {
$options['url'] = $url;
if (vf_get_value('embed-code', $options, '') == '') {
// Set the embed_code if it is not already defined.
$embedurl = vf_combine_paths(array($url, 'plugins/embedvanilla/remote.js'), '/');
$options['embed-code'] = '<script type="text/javascript" src="' . $embedurl . '"></script>';
}
vf_configure_embed_container();
}
break;
case 'embed-form':
$embed_code = vf_get_value('embed-code', $options, '');
$options = $alloptions;
$url = vf_get_value('url', $options, '');
if ($embed_code == '') {
// Set the embed_code if it is not already defined.
$embedurl = vf_combine_paths(array($url, 'plugins/embedvanilla/remote.js'), '/');
$options['embed-code'] = '<script type="text/javascript" src="' . $embedurl . '"></script>';
} else {
$options['embed-code'] = $embed_code;
}
break;
default:
$options = array_merge($alloptions, $options);
break;
}
return $options;
}