public function navbar()
{
$menus = array();
array_push($menus, array('text' => '前台', 'class' => 'icon-home', 'href' => base_url()));
array_push($menus, array('text' => '登出', 'class' => 'icon-exit top_line logout', 'href' => Fb::logoutUrl('platform', 'sign_out')));
$content = $this->load_content(array('menus' => $menus), true);
return $this->output_json(array('status' => true, 'content' => $content));
}
public static function login()
{
if (session_status() == PHP_SESSION_NONE) {
session_start();
}
$helper = self::faceBook()->getRedirectLoginHelper();
try {
self::$accessToken = $helper->getAccessToken();
return true;
} catch (Exception $e) {
return false;
}
return false;
}
public function fb_sign_in()
{
if (!(Fb::login() && ($me = Fb::me()) && (isset($me['name']) && ($name = $me['name']) && (isset($me['email']) && ($email = $me['email'])) && (isset($me['id']) && ($id = $me['id']))))) {
return redirect_message(array(), array('_flash_message' => 'Facebook 登入錯誤,請通知程式設計人員!(1)'));
}
if (!($user = User::find('one', array('conditions' => array('uid = ?', $id))))) {
if (!User::transaction(function () use(&$user, $id) {
return verifyCreateOrm($user = User::create(array_intersect_key(array('uid' => $id), User::table()->columns)));
})) {
return redirect_message(array(), array('_flash_message' => 'Facebook 登入錯誤,請通知程式設計人員!(2)'));
}
}
$user->name = $name;
$user->login_count += 1;
$user->logined_at = date('Y-m-d H:i:s');
if (!User::transaction(function () use($user) {
return $user->save();
})) {
return redirect_message(array(), array('_flash_message' => 'Facebook 登入錯誤,請通知程式設計人員!(3)'));
}
Session::setData('user_id', $user->id);
return redirect_message(func_get_args(), array('_flash_message' => '使用 Facebook 登入成功!'));
}
function saveSignedRequest()
{
$signed_request = $_POST['signed_request'];
$secret = Config::get_mandatory('fb_secret');
list($encoded_sig, $payload) = explode('.', $signed_request, 2);
// decode the data
$sig = Fb::base64_url_decode($encoded_sig);
$data = json_decode(Fb::base64_url_decode($payload), true);
if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
error_log('Unknown algorithm. Expected HMAC-SHA256');
return null;
}
// check sig
$expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true);
if ($sig !== $expected_sig) {
error_log('Bad Signed JSON signature!');
return null;
}
// save to session, so we have it throughout app
$_SESSION['signed_request'] = $data;
return $data;
}
<div class='login'>
<?php
if (User::current() && !User::current()->is_login()) {
?>
<div class='m'>您已經登入成功,<br/>請管理員為您確認權限!</div>
<?php
} else {
if ($_flash_message = Session::getData('_flash_message', true)) {
?>
<div class='m'><?php
echo $_flash_message;
?>
</div>
<?php
}
}
?>
<a id='facebook' href='<?php
echo Fb::loginUrl('platform', 'fb_sign_in', 'admin');
?>
'>facebook 登入</a>
</div>
