/**
 * Builds the signed fb_sig_* parameter set for a request on behalf of an application.
 *
 * Every entry of the assembled parameter array is emitted as fb_sig_<name>;
 * fb_sig holds whatever api_generate_sig() returns for those parameters and
 * the selected secret.
 *
 * Keys set here always override caller-supplied ones: 'time' and 'api_key' in
 * every case, 'added' when a user is given, and 'user', 'session_key' and
 * 'expires' when a session key exists. Entries of $logged_in_others never
 * replace a key that is already present.
 *
 * @param mixed $user             user id, or an array whose 'user' entry holds it
 * @param mixed $app_id           application whose api key and secret are used
 * @param array $others           additional parameters to include in the signature
 * @param array $logged_in_others parameters added only when a session key exists
 * @param mixed $require_login    when truthy, 'user' is included even without a session key
 * @return array the fb_sig_* entries plus fb_sig
 */
function get_fb_validation_vars($user, $app_id, $others = array(), $logged_in_others = array(), $require_login = null) {
    global $DEMO_SESSION_KEY;

    $app = application_get_short_info($app_id);
    $signing_secret = $app['secret'];

    $others['time'] = (string) microtime(true);

    if (is_array($user)) {
        $user = $user['user'];
    }

    if ($user) {
        $others['added'] = (int) is_platform_app_installed($app_id, $user);

        // FBOPEN:NOTE - stub: assume user session exists.
        // The same global key is used for every user; a deployment needs a
        // real per-user session lookup here.
        $key = $DEMO_SESSION_KEY;

        if (!$key) {
            if ($require_login) {
                $others['user'] = $user;
            }
        } else {
            $others['user'] = $user;
            $others['session_key'] = $key;

            // NOTE(review): the lookup result is used unchecked. If it can come
            // back empty, a desktop app would be signed with an empty secret --
            // confirm how api_session_get_info() reports a missing session.
            $session = api_session_get_info($key, $app_id);

            if ($app['desktop']) {
                // Desktop apps sign with the session secret, not the application secret.
                $signing_secret = $session['session_secret'];
            }

            // A timeout of 0 is passed through as expires = 0.
            $timeout = $session['session_timeout'];
            $others['expires'] = ($timeout == 0) ? 0 : $session['key_create_time'] + $timeout;

            // Array union: keys already set above are kept.
            $others += $logged_in_others;
        }
    }

    $others['api_key'] = $app['apikey'];

    $signed = array();
    foreach (array_keys($others) as $name) {
        $signed['fb_sig_' . $name] = $others[$name];
    }

    // The signature covers the unprefixed parameters.
    $signed['fb_sig'] = api_generate_sig($others, $signing_secret);

    return $signed;
}
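/**
 * Checks the markup of a feed story and returns the validated pieces.
 *
 * Validation performed here: NUL bytes are removed from title and body, the
 * tag-stripped title and body must fit the configured byte limits, the title
 * may contain at most one anchor tag, a non-empty body must render to
 * something and pass the illegal-content check, and the images must pass
 * api_feed_validate_images().
 *
 * The returned title and body are the input with only NUL bytes removed;
 * strip_tags() is used for the length checks alone, so callers still have to
 * render the markup through their sanitising renderer before output.
 *
 * @param mixed  $app_id            application publishing the story
 * @param mixed  $user              user the story is rendered for
 * @param mixed  $require_user_link whether the title must link to the user (check not implemented here)
 * @param string $title
 * @param string $body
 * @param string $image_1
 * @param string $image_1_link
 * @param string $image_2
 * @param string $image_2_link
 * @param string $image_3
 * @param string $image_3_link
 * @param string $image_4
 * @param string $image_4_link
 * @param string &$error            set to an error code on failure; left untouched on success
 * @return array|false array with 'title', 'body', 'images' and 'allow_names' on success, false on failure
 */
function application_create_feed_story($app_id, $user, $require_user_link, $title, $body,
                                       $image_1, $image_1_link, $image_2, $image_2_link,
                                       $image_3, $image_3_link, $image_4, $image_4_link, &$error) {
    // Get rid of nulls from input. The search string has to be the NUL byte;
    // an empty search string makes str_replace() a no-op.
    $title = str_replace("\0", '', $title);
    $body = str_replace("\0", '', $body);

    // Check title length (bytes of the tag-stripped text).
    if (strlen(strip_tags($title)) > $GLOBALS['API_FEED']['MAX_TITLE']) {
        $error = 'error_title_length';
        return false;
    }

    // At most one link in the title. Match case-insensitively and on any
    // whitespace after the tag name so that "<A " or "<a\t" is counted too.
    $num_matches = preg_match_all('/<a\s/i', $title, $matches);
    if ($num_matches > 1) {
        $error = 'error_title_link';
        return false;
    }

    // FBOPEN:NOTE - you may wish to create separate flavors here.
    /*
    if ($require_user_link) {
      $flavor = new FeedTitleWithNamesFBMLFlavor($env);
    } else {
      $flavor = new FeedTitleFBMLFlavor($env);
    }
    */

    // Check for user links in title if necessary
    if ($require_user_link) {
        // FBOPEN:NOTE Add your checking here.
    }

    // Check body
    if ($body) {
        if (strlen(strip_tags($body)) > $GLOBALS['API_FEED']['MAX_BODY']) {
            $error = 'error_body_length';
            return false;
        }

        // See how it renders to make sure it doesn't come out blank
        $env = array('user' => $user, 'app_id' => $app_id);

        // FBOPEN:NOTE - you may wish to use a different flavor or implementation here.
        // This is just a sample.
        $fbml_flavor = new FBMLCanvasPageFlavor($env);
        $fbml_impl = new FBJSEnabledFacebookImplementation($fbml_flavor);
        $html = fbml_sample_parse($body, $fbml_impl);

        // Reject a body that renders to nothing, or that the illegal-story
        // check flags when that check applies to this application.
        if (!$html || (need_illegal_story_check($app_id) && is_illegal_feed_story($app_id, $body))) {
            $error = 'error_illegal_content';
            return false;
        }
    }

    $images = api_feed_validate_images($app_id,
                                       $image_1, $image_1_link, $image_2, $image_2_link,
                                       $image_3, $image_3_link, $image_4, $image_4_link,
                                       $do_proxy = true, $error);
    if (false === $images) {
        // error has been set by api_feed_validate_images
        return false;
    }

    // Result is not used below; the call is kept in case the lookup has
    // effects elsewhere -- TODO confirm and drop if it does not.
    $short_info = application_get_short_info($app_id);

    return array(
        'title' => $title,
        'body' => $body,
        'images' => $images,
        'allow_names' => $require_user_link,
    );
}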