<?php
/**
* A quick and easy php Facebook initialization.
*/
//ini_set("session.save_path",dirname(__FILE__)."/client/sessions");
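// Bootstrap for Facebook canvas apps and page tabs.
//
// Including this file populates a set of global variables ($uid, $is_tab,
// $hassession, $granted_permissions, ...) from the signed_request and, when
// the visitor has a session, from the Graph API. FB_APP_ID and FB_SECRET_KEY
// are read here and must be defined by the including script; the optional
// $wanted_permissions string is also expected from the including script.
require 'client/facebook.php';

$facebook = new Facebook(array(
    'appId'  => FB_APP_ID,
    'secret' => FB_SECRET_KEY,
));

//AS OF NOW, TABS *AND* APPS GET signed_request PARAMETER. WHO KNOWS HOW LONG THAT WILL LAST. THE TAB signed_request HAS AN ADDITIONAL page PARAMETER.
// NOTE(review): the two disabled calls below pass SECRET_KEY, while the SDK
// above is configured with FB_SECRET_KEY - confirm which constant is defined
// before re-enabling either of them.
//$fb_signed_request = parse_signed_request($_REQUEST['signed_request'], SECRET_KEY);
//$fb_signed_request = parse_signed_request($facebook->getSignedRequest(), SECRET_KEY);

// NOTE(review): presumably the bundled SDK verifies the signature against the
// app secret before returning the payload - confirm in client/facebook.php.
// Nothing below re-checks the signature or the issued_at/expires values.
$fb_signed_request = $facebook->getSignedRequest();

// Every field is read through isset() so that a request without a
// signed_request (or with a partial one) yields null instead of warnings.
$is_tab = isset($fb_signed_request['page']);
$embedtype = $is_tab ? "tab" : "app";
$uid = isset($fb_signed_request['user_id']) ? $fb_signed_request['user_id'] : null;
//$fullname
$locale = isset($fb_signed_request['user']['locale']) ? $fb_signed_request['user']['locale'] : null;
$country = isset($fb_signed_request['user']['country']) ? $fb_signed_request['user']['country'] : null;
$age_min = isset($fb_signed_request['user']['age']['min']) ? $fb_signed_request['user']['age']['min'] : null;
$age_max = isset($fb_signed_request['user']['age']['max']) ? $fb_signed_request['user']['age']['max'] : null;
//$hassession
//$access_token = $fb_signed_request['oauth_token'];
$issued = isset($fb_signed_request['issued_at']) ? $fb_signed_request['issued_at'] : null;
$expires = isset($fb_signed_request['expires']) ? $fb_signed_request['expires'] : null;

if ($is_tab) {
    $fbPageID = isset($fb_signed_request['page']['id']) ? $fb_signed_request['page']['id'] : null;
    $isFan = isset($fb_signed_request['page']['liked']) ? $fb_signed_request['page']['liked'] : null;
    $isAdmin = isset($fb_signed_request['page']['admin']) ? $fb_signed_request['page']['admin'] : null;
    // NOTE(review): app_data is believed to be passed through from the tab URL,
    // so treat it as untrusted input even though it arrives in a signed
    // envelope: validate it before use and escape it on output.
    $app_data = isset($fb_signed_request['app_data']) ? $fb_signed_request['app_data'] : null;

    // Don't leave $isFan empty for 'false'. The original tested an undefined
    // $pageFan here, so the normalization never reached $isFan.
    if ($isFan === null || $isFan === false || $isFan === "") {
        $isFan = "0";
    }
} else {
    //page data is irrelevant, but included to not break stuff.
    $fbPageID = "";
    $isFan = "";
    $isAdmin = "";
    $app_data = "";
}

$granted_permissions = ""; //only set if there's a session

// See if there is a user from a cookie
$user = $facebook->getUser();

if ($user) {
    try {
        $access_token = $facebook->getAccessToken();

        // Proceed knowing you have a logged in user who's authenticated.
        $user_profile = $facebook->api('/me');

        //these three happen often enough that they are always included.
        $fullname = isset($user_profile['name']) ? $user_profile['name'] : "";
        $firstname = isset($user_profile['first_name']) ? $user_profile['first_name'] : "";
        $lastname = isset($user_profile['last_name']) ? $user_profile['last_name'] : "";

        //These are common requests. They require extended permissions.
        //$email = $user_profile['email'];
        //$birthday = $user_profile['birthday'];
        //$location = (isset($user_profile['location'])) ? $location = $user_profile['location']['name'] : "";

        // User is logged in and authorized
        $hassession = "yes";

        //$granted_permissions
        //check for specific user permissions through fql
        //permissions documentation - http://developers.facebook.com/docs/authentication/permissions/
        //comma delimited list of permissions - UPDATE TO WHAT IS NEEDED FOR THE APP.
        //$wanted_permissions = 'friends_photos,publish_stream,read_stream,user_birthday,user_hometown,user_likes,user_location,user_photos,user_relationships,user_relationship_details'; //defined in index / tab
        if (isset($wanted_permissions) && $wanted_permissions != "") {
            // $wanted_permissions is concatenated into the query verbatim, so it
            // must remain a developer-defined list and never be derived from
            // request data.
            $fql = 'SELECT '.$wanted_permissions.' FROM permissions WHERE uid = me()';
            $response = $facebook->api(array(
                'method' => 'fql.query',
                'query'  => $fql,
            ));

            // Collect the granted names first, then join them; this avoids
            // trimming a trailing comma off a string that may be empty.
            $granted_list = array();
            if (is_array($response) && isset($response[0]) && is_array($response[0])) {
                foreach ($response[0] as $key => $value) {
                    if ($value == "1") {
                        $granted_list[] = $key;
                    }
                }
            }
            $granted_permissions = implode(",", $granted_list);
        }
    } catch (FacebookApiException $e) {
        // Record the failure instead of dropping it silently, then fall back
        // to the same state as a visitor without a session.
        error_log('Facebook API call failed: ' . $e->getMessage());
        $user = null;
        $hassession = "no";
        $granted_permissions = "";
        $fullname = "";
        $firstname = "";
        $lastname = "";
        $email = '';
    }
} else {
    /**
     * ---
     * At this point we have determined that the user is not logged
     * in to the application. From here we'll need to authorize them
     * using the getLoginUrl() function available from the API library.
     * ---
     *
     * getLoginUrl parameters:
     * - next: the url to go to after a successful login
     * - cancel_url: the url to go to after the user cancels
     * - req_perms: comma separated list of requested extended perms
     * - display: can be "page" (default, full page) or "popup"
     **/

    //FORCE A USER TO AUTHORIZE APP BEFORE ACCESSING APP
    // NOTE(review): if the disabled block below is re-enabled, write $redirect
    // into the script with json_encode() rather than echoing it raw inside the
    // quoted string, and request only the permissions the app really uses.
    /*
    $params = array(
    'fbconnect'=>0,
    'canvas'=>1,
    //'req_perms'=>'user_likes,email,user_location',
    'req_perms'=>'publish_stream,offline_access',
    'next'=>FB_ROOT,
    'cancel_url'=>FB_ROOT
    );
    $redirect = $facebook->getLoginUrl($params);
    //header('Location: '.$redirect); - FB already has content on the page, this will redirect the iframe?
    ?>
    <script type="text/javascript">
    <!--
    top.location.href = "<?=$redirect?>"
    //-->
    </script>
    */

    //IF THE USER IS NOT BEING FORCED TO AUTHORIZE, COLLECT WHAT WE CAN FROM signed_request AND PROCEED.
    $hassession = "no";
    $granted_permissions = "";
    $fullname = "";
    $firstname = "";
    $lastname = "";
    $email = '';
}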
/* -----------------------------------------------------------------------------------------------
FB UTILS
-----------------------------------------------------------------------------------------------*/
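/**
 * Decode a "<signature>.<payload>" signed request and verify its HMAC-SHA256
 * signature.
 *
 * Only integrity is checked here. The issued_at / expires values inside the
 * payload are not evaluated, so callers that care about freshness must check
 * them on the returned array.
 *
 * @param string $signed_request Raw signed_request value as received.
 * @param string $secret         Shared secret used as the HMAC key.
 * @return array|null Decoded payload, or null when the input is malformed,
 *                    declares another algorithm, or fails verification.
 */
function parse_signed_request($signed_request, $secret) {
    // An empty key would still produce a "valid" HMAC, so refuse to verify
    // against it.
    if (!is_string($secret) || $secret === '') {
        error_log('Missing secret for signed request verification');
        return null;
    }

    // Both halves are required; without this check list() would receive a
    // one-element array.
    if (!is_string($signed_request) || strpos($signed_request, '.') === false) {
        error_log('Malformed signed request');
        return null;
    }
    list($encoded_sig, $payload) = explode('.', $signed_request, 2);

    // decode the data
    $sig = base64_url_decode($encoded_sig);
    $data = json_decode(base64_url_decode($payload), true);

    // json_decode() yields null (or a scalar) for anything that is not a JSON
    // object, so confirm the shape before indexing into it.
    if (!is_array($data)
        || !isset($data['algorithm'])
        || !is_string($data['algorithm'])
        || strtoupper($data['algorithm']) !== 'HMAC-SHA256'
    ) {
        error_log('Unknown algorithm. Expected HMAC-SHA256');
        return null;
    }

    // check sig
    // The MAC is computed over the still-encoded payload. hash_equals()
    // (PHP 5.6+) compares in constant time, unlike the !== operator.
    $expected_sig = hash_hmac('sha256', $payload, $secret, true);
    if (!is_string($sig) || !hash_equals($expected_sig, $sig)) {
        error_log('Bad Signed JSON signature!');
        return null;
    }

    return $data;
}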
/**
 * Decode a base64url string (the variant that uses '-' and '_').
 *
 * Decoding is non-strict: base64_decode() is called without its strict flag,
 * exactly as before.
 *
 * @param string $input base64url text.
 * @return string Decoded bytes.
 */
function base64_url_decode($input) {
    // Translate the URL-safe characters back to the standard alphabet first.
    $standardAlphabet = strtr($input, array('-' => '+', '_' => '/'));

    return base64_decode($standardAlphabet);
}
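/**
 * Report whether a user id is listed in FB_ADMIN_LIST.
 *
 * The id must equal one complete entry of the list (case-insensitively). A
 * substring search is not enough for an authorization check: it accepts any
 * fragment of a listed id, and on PHP 8 an empty or null id matches at
 * offset 0.
 *
 * NOTE(review): assumes FB_ADMIN_LIST is a string of ids separated by commas,
 * semicolons, pipes or whitespace - confirm where the constant is defined.
 *
 * @param string|int $uidIn User id to look up.
 * @return bool True only when $uidIn equals an entry of FB_ADMIN_LIST.
 */
function isFBAdmin($uidIn){
    // Missing ids (null, false, arrays) can never be administrators.
    if (!is_string($uidIn) && !is_int($uidIn)) {
        return false;
    }

    $candidate = strtolower(trim((string) $uidIn));
    if ($candidate === '') {
        return false;
    }

    $admins = preg_split('/[\s,;|]+/', strtolower((string) FB_ADMIN_LIST), -1, PREG_SPLIT_NO_EMPTY);
    if ($admins === false) {
        // Fail closed if the list cannot be split.
        return false;
    }

    return in_array($candidate, $admins, true);
}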