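/**
 * Authenticates the current viewer of the app, prompting them to log in and
 * grant permissions if necessary. For more information, see
 * 'https://developers.facebook.com/docs/authentication/'
 *
 * Flow: when the request carries no `code`, a random `state` value is stored
 * in an HttpOnly cookie and the browser is sent to the OAuth dialog. When the
 * request carries a `code`, the returned `state` must match that cookie
 * before the code is exchanged for an access token.
 *
 * @param mixed $redirect Not referenced by this method; kept so existing
 *                        callers continue to work.
 * @return string|false The access token if login is successful; false when
 *                      the viewer was sent to the login dialog, the state
 *                      check failed, or no token came back from the exchange.
 */
public static function login($redirect)
{
    $app_id = AppInfo::appID();
    $app_secret = AppInfo::appSecret();
    $home = AppInfo::getHome();
    $cookie_name = $app_id . '-fb-app';

    // Scope defines what permissions we are asking the user to grant.
    // In this example, we are asking for the ability to publish stories
    // about using the app, access to what the user likes, and to be able
    // to use their pictures. You should rewrite this scope with whatever
    // permissions your app needs.
    // See https://developers.facebook.com/docs/reference/api/permissions/
    // for a full list of permissions
    $scope = 'user_likes,user_photos,user_photo_video_tags';

    session_start();

    // Only a plain string is accepted as the authorization code; a missing
    // or array-valued parameter is treated as "no code yet".
    $code = (isset($_REQUEST['code']) && is_string($_REQUEST['code'])) ? $_REQUEST['code'] : '';

    // The state cookie is marked Secure whenever the app's home URL (which is
    // also the redirect_uri) is HTTPS, so it is never sent over plain HTTP.
    $secure = is_string($home) && strpos($home, 'https://') === 0;

    // If we don't have a code returned from Facebook, the first step is to
    // get that code
    if (empty($code)) {
        // CSRF protection - for more information, look at 'Security
        // Considerations' at
        // 'https://developers.facebook.com/docs/authentication/'
        // The state must be unguessable, so it comes from a CSPRNG rather
        // than md5(uniqid(rand())), whose inputs are time- and seed-derived.
        if (function_exists('random_bytes')) {
            $state = bin2hex(random_bytes(16));
        } else {
            $state = bin2hex(openssl_random_pseudo_bytes(16));
        }
        setcookie($cookie_name, $state, 0, '', '', $secure, true);

        // Now form the login URL that you will use to authorize your app.
        // http_build_query() percent-encodes every value, so the redirect
        // URI cannot spill into neighbouring query parameters.
        $authorize_url = 'https://www.facebook.com/dialog/oauth?' . http_build_query(array(
            'client_id' => $app_id,
            'redirect_uri' => $home,
            'state' => $state,
            'scope' => $scope,
        ), '', '&');

        // Now we redirect the user to the login page. The URL is emitted as a
        // JSON string literal so it cannot break out of the <script> context.
        $js_url = json_encode($authorize_url, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
        echo "<script> top.location.href=" . $js_url . "</script>";
        return false;
    }

    // Once we have that code, we can request an access token, but only after
    // checking that the state has remained the same. Both values must be
    // present: comparing two missing values would otherwise succeed and skip
    // the CSRF check entirely.
    $sent_state = isset($_REQUEST['state']) ? $_REQUEST['state'] : null;
    $saved_state = isset($_COOKIE[$cookie_name]) ? $_COOKIE[$cookie_name] : null;
    $state_ok = is_string($sent_state) && is_string($saved_state) && $saved_state !== '';
    if ($state_ok) {
        $state_ok = function_exists('hash_equals')
            ? hash_equals($saved_state, $sent_state)
            : $saved_state === $sent_state;
    }

    // In the event that the two states do not match, we return false to
    // signify that something has gone wrong during authentication
    if (!$state_ok) {
        echo "States do not match. CSRF?";
        return false;
    }

    $ch = curl_init("https://graph.facebook.com/oauth/access_token");
    // The request-supplied code is encoded as a single field value instead of
    // being spliced into the body, so it cannot add or override parameters.
    curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query(array(
        'client_id' => $app_id,
        'redirect_uri' => $home,
        'client_secret' => $app_secret,
        'code' => $code,
        'scope' => $scope,
    ), '', '&'));
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    // The app secret travels in this request: keep certificate and host name
    // verification explicitly enabled.
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
    $response = curl_exec($ch);
    if ($response === false) {
        // Transport failure: there is nothing to parse.
        return false;
    }

    // Once we get a response, we then parse it to extract the access token.
    // NOTE(review): this expects a URL-encoded body; newer Graph API versions
    // are documented to answer with JSON - confirm for the version in use.
    parse_str($response, $params);
    return isset($params['access_token']) ? $params['access_token'] : false;
}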
// Defined in 'AppInfo.php'
require_once dirname(__FILE__) . '/../AppInfo.php';

// This provides access to helper functions defined in 'utils.php'
require_once dirname(__FILE__) . '/../utils.php';

// Enforce https on production
// NOTE(review): the redirect target is built from $_SERVER['HTTP_HOST'], which
// is taken from the request's Host header. Unless the web server only answers
// for known host names, build this from a configured host name so the
// Location header cannot name a client-chosen host.
if (substr(AppInfo::getUrl(), 0, 8) != 'https://' && !isLocalhost()) {
    header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
    exit;
}

// Load the Facebook PHP SDK
require_once 'facebook/src/facebook.php';

// Load our own libraries.
require 'pat-fb/PATFacebookUser.class.php';
require 'pat-fb/PATIncident.class.php';
require 'pat-fb/template_functions.inc.php';

// NOTE(review): 'trustForwarded' presumably makes the SDK honour forwarded
// (X-Forwarded-*) request headers; that is only appropriate behind a proxy
// that sets or overwrites them - confirm against the deployment.
$FB = new Facebook(array('appId' => AppInfo::appID(), 'secret' => AppInfo::appSecret(), 'trustForwarded' => true));
$user_id = $FB->getUser();
if ($user_id) {
    try {
        // Fetch the viewer's basic information
        $me = new PATFacebookUser($FB);
        $me->loadFriends('id,name,gender,picture.type(square),bio,installed');
        $my_prefs = $me->getPreferences();
        // The timezone name comes from stored user preferences.
        date_default_timezone_set($my_prefs['user_timezone_name']);
    } catch (FacebookApiException $e) {
        error_log('Failed to set global variable $me.');
        // NOTE(review): this writes the whole serialized exception object to
        // the log, which may carry API response data and stack-trace
        // arguments. Consider logging only the message/code, and keep the
        // log readable by operators only.
        error_log(serialize($e));
        // If the call fails we check if we still have a user. The user will be
        // cleared if the error is because of an invalid access token
        if (!$FB->getAccessToken()) {
            header('Location: ' . AppInfo::getUrl($_SERVER['REQUEST_URI']));
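<?php
// Local development only. The commented-out putenv() calls that were here
// carried a real-looking app secret in the source file. A secret that has
// been committed, even inside a comment, should be treated as disclosed:
// rotate it in the app settings and supply it from the environment instead.
//putenv("FACEBOOK_APP_ID=303645853062039");
//putenv("FACEBOOK_SECRET=<app-secret-placeholder>");
require_once 'AppInfo.php';
require_once 'utils.php';
require_once 'sdk/src/facebook.php';

$facebook = new Facebook(array('appId' => AppInfo::appID(), 'secret' => AppInfo::appSecret()));
$user_id = $facebook->getUser();

// Whether the viewer likes the page; stays false unless a signed request
// that decodes to an array says otherwise.
$likes_page = false;

// signed_request is client-supplied and absent on direct page loads, so it is
// only handed to the parser when it is present and a plain string.
// NOTE(review): parse_signed_request() is defined in utils.php; it is passed
// the app secret, presumably to verify the signature - confirm it rejects
// payloads whose signature does not match.
$signed_request = isset($_REQUEST['signed_request']) ? $_REQUEST['signed_request'] : null;
$data = is_string($signed_request)
    ? parse_signed_request($signed_request, AppInfo::appSecret())
    : null;
if (is_array($data) && isset($data['page']['liked'])) {
    $likes_page = $data['page']['liked'];
}

// Fetch the basic info of the app that they are using
$app_info = $facebook->api('/' . AppInfo::appID());
$app_name = idx($app_info, 'name', '');
?>
<!DOCTYPE html>
<html xmlns:fb="http://ogp.me/ns/fb#" lang="en">
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=2.0, user-scalable=yes" />
<title><?php echo he($app_name); ?> </title>
<link rel="stylesheet" href="stylesheets/screen.css" media="Screen" type="text/css" />
<link href="stylesheets/lightbox.css" rel="stylesheet" />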
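<?php
// Diagnostics (on-page errors, phpinfo) are limited to requests arriving from
// the loopback address. REMOTE_ADDR is the direct peer: behind a reverse
// proxy running on the same host every request looks local, so in that setup
// replace this with an explicit deployment switch.
$is_local_request = isset($_SERVER['REMOTE_ADDR'])
    && in_array($_SERVER['REMOTE_ADDR'], array('127.0.0.1', '::1'), true);

error_reporting(E_ALL);
// Error text can reveal paths, queries and configuration, so it is shown in
// the page for local requests only and goes to the error log otherwise.
ini_set("display_errors", $is_local_request ? '1' : '0');
ini_set("log_errors", '1');

// Loading SLIM
require 'slim/Slim/Slim.php';
\Slim\Slim::registerAutoloader();
$app = new Slim\Slim();

require_once "src/AppInfo.php";
require_once "src/Utils.php";

// LOADING FACEBOOK
require_once 'sdk/src/facebook.php';
// NOTE(review): 'trustForwarded' presumably makes the SDK honour forwarded
// (X-Forwarded-*) request headers; only appropriate behind a proxy that sets
// or overwrites them - confirm against the deployment.
$facebook = new Facebook(array('appId' => AppInfo::appID(), 'secret' => AppInfo::appSecret(), 'sharedSession' => true, 'trustForwarded' => true));

// Greets the name taken from the URL path.
$app->get('/hello/:name', function ($name) use ($app) {
    $app->render('show.php', array('title' => 'Sahara'));
    // :name is request-controlled; escape it for the HTML context before
    // writing it into the response.
    echo "Hello, " . htmlspecialchars($name, ENT_QUOTES, 'UTF-8');
});

// Landing page.
$app->get('/', function ($name = "Demo app Open graph") use ($app, $facebook) {
    $user_id = $facebook->getUser();
    //$app_info = $facebook->api('/'. AppInfo::appID());
    //$app_name = Utils::idx($app_info, 'name', '');
    $app->render('main.php', array('user_id' => $user_id, "title" => "DEMO APP FB OG"));
});

// Street View demo page.
$app->get("/maps/streetview", function () use ($app, $facebook) {
    $user_id = $facebook->getUser();
    $app->render('map_streetview.php', array('user_id' => $user_id, "title" => "Street View"));
});

// phpinfo() prints the full PHP configuration and the process environment,
// which is where credentials supplied through environment variables live.
// The route therefore answers with the normal 404 for non-local requests.
$app->get('/info', function () use ($app, $is_local_request) {
    if (!$is_local_request) {
        $app->notFound();
    }
    phpinfo();
});

$app->run();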
// Redirect to HTTPS unless the app URL is already HTTPS or the request comes
// from 127.0.0.1.
// NOTE(review): the redirect target is built from $_SERVER['HTTP_HOST'], which
// is taken from the request's Host header; prefer a configured host name
// unless the web server only answers for known hosts. The loopback test
// covers IPv4 only, and REMOTE_ADDR is the direct peer - behind a proxy on
// the same host every request would match it.
if (substr(AppInfo::getUrl(), 0, 8) != 'https://' && $_SERVER['REMOTE_ADDR'] != '127.0.0.1') {
    header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
    exit;
}

// This provides access to helper functions defined in 'utils.php'
require_once '../utils.php';

/*****************************************************************************
 *
 * The content below provides examples of how to fetch Facebook data using the
 * Graph API and FQL. It uses the helper functions defined in 'utils.php' to
 * do so. You should change this section so that it prepares all of the
 * information that you want to display to the user.
 *
 ****************************************************************************/
require_once '../sdk/src/facebook.php';

$facebook = new Facebook(array('appId' => AppInfo::appID(), 'secret' => AppInfo::appSecret()));
$user_id = $facebook->getUser();
if ($user_id) {
    try {
        // Fetch the viewer's basic information
        $basic = $facebook->api('/me');
    } catch (FacebookApiException $e) {
        // If the call fails we check if we still have a user. The user will be
        // cleared if the error is because of an invalid access token
        if (!$facebook->getUser()) {
            // Send the viewer back to the same request path on the app's own
            // URL, as built by AppInfo::getUrl().
            header('Location: ' . AppInfo::getUrl($_SERVER['REQUEST_URI']));
            exit;
        }
    }
    // This fetches some things that you like . 'limit=*" only returns * values.
    // To see the format of the data you are retrieving, use the "Graph API