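/**
 * Establishes the Facebook login state for the current request.
 *
 * Asks the SDK helper for an access token and, when none is stored yet,
 * saves the fresh one and sends a redirect header to the Analyse page.
 * The basic user profile is then fetched and imported to check that the
 * token works.
 *
 * @return bool true when a token is available and the profile import
 *              succeeded, false when there is neither a stored nor a
 *              fresh token.
 *
 * @throws Exception when the SDK fails while obtaining the access token.
 * @throws Facebook\Exceptions\FacebookResponseException when the profile
 *         request fails for any reason other than a revoked authorization.
 */
private function authenticate()
{
    // Ask the Facebook PHP SDK for an access token for this request.
    try {
        $accessToken = SDK::instance()->helper->getAccessToken();
    } catch (Facebook\Exceptions\FacebookResponseException $e) {
        throw new Exception("Graph returned an error: " . $e->getMessage());
    } catch (Facebook\Exceptions\FacebookSDKException $e) {
        // The original spelled this namespace "Facebok", so the handler could
        // never match and SDK failures escaped unwrapped.
        throw new Exception("Facebook SDK returned an error: " . $e->getMessage());
    }

    // Without a stored token and without a fresh one there is no login.
    if (is_null($this->getToken()) && !isset($accessToken)) {
        return false;
    }

    // A token from either source is enough; persist the fresh one only when
    // nothing is stored yet.
    if (is_null($this->getToken())) {
        // NOTE(review): if setToken() writes to the PHP session, this is the
        // privilege change where the session id should be regenerated to
        // prevent session fixation. Confirm against setToken().
        $this->setToken((string) $accessToken);
        // Execution continues after this header: the profile check below still
        // runs, and the caller decides whether to stop rendering.
        header("Location: " . Engine::getRemoteAbsolutePath((new Analyse())->getURL()));
    }

    // Fetch id, name and email to prove that the token is still accepted.
    try {
        $this->importFromJson($this->getBasicUserProfile()->getGraphUser());
    } catch (Facebook\Exceptions\FacebookResponseException $e) {
        // strpos() returns false on a miss, so compare against false explicitly
        // instead of relying on how "> -1" coerces a boolean.
        if (strpos($e->getMessage(), "The user has not authorized application") === false) {
            throw $e;
        }

        // The user revoked the app: drop the stale session and stop here so
        // nothing else runs under it.
        Engine::clearSession();
        header("Location: " . Engine::getRemoteAbsolutePath((new Home())->getURL()));
        exit;
    }

    return true;
}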
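/**
 * Deletes the current user's results and account row, then ends the session
 * and sends a redirect header to the Home page.
 *
 * @param mixed $dbh Database handle on which prepare() is called; presumably
 *                   a PDO connection (confirm against the caller).
 *
 * @throws Exception when the DELETE statement raises a PDOException.
 */
private function deleteAccount($dbh)
{
    // NOTE(review): this runs outside the try block and, as far as this method
    // shows, outside any transaction, so a failure of the DELETE below leaves
    // the results already removed. Confirm whether that is intended.
    $this->deleteResults($dbh);

    try {
        // Bind the user id instead of concatenating it into the SQL text, so
        // the value can never be parsed as part of the statement.
        $stmt = $dbh->prepare("DELETE FROM Users WHERE USER_ID = :user_id");
        $stmt->execute([':user_id' => User::instance()->id]);

        // The account is gone: end the session before redirecting home.
        Engine::clearSession();
        header('Location: ' . Engine::getRemoteAbsolutePath((new Home())->getURL()));
    } catch (PDOException $e) {
        // NOTE(review): the argument order (code, message) differs from the
        // message-first calls in authenticate(); with PHP's built-in Exception
        // this call would itself fail. Confirm which Exception class is in
        // scope here. The database error detail is deliberately not exposed.
        throw new Exception(400, "Invalid request");
    }
}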