Esempio n. 1
/**
 * Builds the signed "fb_sig_*" parameter set sent to an application.
 *
 * Every entry of the final parameter map is emitted as "fb_sig_<name>", and
 * "fb_sig" carries the signature that api_generate_sig() computes over the
 * un-prefixed map. The signing secret is never placed in the returned array.
 *
 * Security notes:
 * - For desktop apps the session secret replaces the application secret as
 *   the signing key.
 * - $logged_in_others is merged with the array union operator, so it can add
 *   keys but cannot overwrite 'user', 'session_key', 'expires' or anything
 *   else already set.
 * - 'api_key' and 'time' are always overwritten here; other keys passed in
 *   $others are signed as given.
 *   NOTE(review): when $user is empty, a caller-supplied 'user' entry in
 *   $others is signed unchanged - confirm callers never pass one.
 *
 * @param mixed      $user             user id, or an array holding it under 'user'
 * @param mixed      $app_id           application to sign for
 * @param array      $others           extra parameters to sign in every case
 * @param array      $logged_in_others extra parameters signed only when a session exists
 * @param mixed|null $require_login    when truthy, 'user' is included even without a session
 * @return array "fb_sig_*" parameters plus the "fb_sig" signature
 */
function get_fb_validation_vars($user, $app_id, $others = array(), $logged_in_others = array(), $require_login = null)
{
    global $DEMO_SESSION_KEY;

    $app = application_get_short_info($app_id);
    $signing_secret = $app['secret'];

    // Timestamp is part of the signed payload.
    $others['time'] = (string) microtime(true);

    if (is_array($user)) {
        $user = $user['user'];
    }

    if ($user) {
        $others['added'] = (int) is_platform_app_installed($app_id, $user);

        // FBOPEN:NOTE - stub: assume user session exists
        // NOTE(review): the key comes from a single global, so this stub hands
        // the same session key to every user; a real deployment presumably
        // needs a per-user session lookup here.
        $active_key = $DEMO_SESSION_KEY;

        if ($active_key) {
            $others['user'] = $user;
            $others['session_key'] = $active_key;

            $session = api_session_get_info($active_key, $app_id);

            if ($app['desktop']) {
                // Desktop apps sign with the per-session secret, not the app secret.
                $signing_secret = $session['session_secret'];
            }

            // A timeout of 0 is reported as expires = 0; otherwise the expiry
            // is creation time plus timeout.
            $others['expires'] = $session['session_timeout'] == 0
                ? 0
                : $session['key_create_time'] + $session['session_timeout'];

            // Union merge: existing keys win over $logged_in_others.
            $others += $logged_in_others;
        } elseif ($require_login) {
            $others['user'] = $user;
        }
    }

    $others['api_key'] = $app['apikey'];

    $signed = array();
    foreach (array_keys($others) as $name) {
        $signed['fb_sig_' . $name] = $others[$name];
    }
    $signed['fb_sig'] = api_generate_sig($others, $signing_secret);

    return $signed;
}
Esempio n. 2
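/**
 * Validates the markup of a feed story, filtering and replacing as necessary.
 *
 * Checks performed, in order: NUL bytes are stripped from title and body; the
 * tag-stripped title must fit API_FEED.MAX_TITLE; the title may hold at most
 * one anchor tag; a non-empty body must fit API_FEED.MAX_BODY, must render to
 * non-empty HTML and must pass the illegal-story check when that check is
 * enabled for the app; finally the images are validated.
 *
 * Length limits are measured in bytes (strlen), as in the original code.
 *
 * @param   mixed  $app_id
 * @param   mixed  $user
 * @param   mixed  $require_user_link  returned unchanged as 'allow_names'
 * @param   string $title
 * @param   string $body
 * @param   string $image_1
 * @param   string $image_1_link
 * @param   string $image_2
 * @param   string $image_2_link
 * @param   string $image_3
 * @param   string $image_3_link
 * @param   string $image_4
 * @param   string $image_4_link
 * @param   string &$error - contains the error code on an unsuccessful call
 * @return  array|false array with 'title', 'body', 'images', 'allow_names' on
 *                      success; false on failure, with the reason in $error
 */
function application_create_feed_story($app_id, $user, $require_user_link, $title, $body, $image_1, $image_1_link, $image_2, $image_2_link, $image_3, $image_3_link, $image_4, $image_4_link, &$error)
{
    // Get rid of nulls from input. The search string must be the NUL byte:
    // str_replace() with an empty search string leaves the input untouched.
    $title = str_replace("\0", '', $title);
    $body = str_replace("\0", '', $body);

    // Check title length (markup does not count towards the limit)
    if (strlen(strip_tags($title)) > $GLOBALS['API_FEED']['MAX_TITLE']) {
        $error = 'error_title_length';
        return false;
    }

    // At most one link in the title. Tag names are case-insensitive and may be
    // followed by any whitespace, so match '<A' and tab/newline as well.
    $num_matches = preg_match_all('/<a\s/i', $title, $matches);
    if ($num_matches > 1) {
        $error = 'error_title_link';
        return false;
    }

    // FBOPEN:NOTE - you may with to create separate flavors here.
    /*
    if ($require_user_link) {
      $flavor = new FeedTitleWithNamesFBMLFlavor($env);
    } else {
      $flavor = new FeedTitleFBMLFlavor($env);
    }
    */
    // Check for user links in title if necessary
    if ($require_user_link) {
        // FBOPEN:NOTE Add your checking here.
        // NOTE(review): until a check is added, 'allow_names' below is granted
        // without verifying that the title actually contains a user link.
    }

    // Check body
    if ($body) {
        if (strlen(strip_tags($body)) > $GLOBALS['API_FEED']['MAX_BODY']) {
            $error = 'error_body_length';
            return false;
        }

        // See how it renders to make sure it doesn't come out blank
        $env = array('user' => $user, 'app_id' => $app_id);
        // FBOPEN:NOTE - you may wish to use a different flavor or implementation here.
        // This is just a sample.
        $fbml_flavor = new FBMLCanvasPageFlavor($env);
        $fbml_impl = new FBJSEnabledFacebookImplementation($fbml_flavor);
        $html = fbml_sample_parse($body, $fbml_impl);

        // Reject a body that renders empty, or one flagged by the illegal-story
        // check when that check applies to this app.
        if (!$html || (need_illegal_story_check($app_id) && is_illegal_feed_story($app_id, $body))) {
            $error = 'error_illegal_content';
            return false;
        }
    }

    // The literal true is the do_proxy argument.
    $images = api_feed_validate_images($app_id, $image_1, $image_1_link, $image_2, $image_2_link, $image_3, $image_3_link, $image_4, $image_4_link, true, $error);
    if (false === $images) {
        // error has been set by api_feed_validate_images
        return false;
    }

    // NOTE(review): the result is unused; the call is kept in case the lookup
    // has side effects - confirm and remove.
    $short_info = application_get_short_info($app_id);

    return array('title' => $title, 'body' => $body, 'images' => $images, 'allow_names' => $require_user_link);
}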