Esempio n. 1
 /**
  * Request current application permissions for an authenticated Facebook user
  *
  * @since 1.1
  * @return array user permissions as flat array
  */
 public function get_current_user_permissions($current_user = '')
 {
     // $current_user: optional, already-resolved Facebook user. When it is
     // falsy the user is looked up here; if no user can be resolved the
     // method answers with an empty permission list instead of calling the API.
     if (!$current_user) {
         // load user functions on demand
         if (!class_exists('Facebook_User')) {
             require_once dirname(dirname(dirname(__FILE__))) . '/facebook-user.php';
         }
         // requesting only the id is enough to confirm the user is connected to the app
         $current_user = Facebook_User::get_current_user(array('id'));
         if (!$current_user) {
             return array();
         }
     }

     try {
         $response = $this->api('/me/permissions', 'GET', array('ref' => 'fbwpp'));
     } catch (WP_FacebookApiException $e) {
         $error_result = $e->getResult();
         // error code 2500: try to extend the access token for a later request;
         // this call still reports no permissions (fail closed).
         if ($error_result && isset($error_result['error_code']) && $error_result['error_code'] === 2500) {
             $this->setExtendedAccessToken();
         }
         return array();
     }

     // anything other than an array carrying data[0] is treated as "no permissions"
     if (!is_array($response) || !isset($response['data'][0])) {
         return array();
     }

     // NOTE(review): only the keys of data[0] are read; the value attached to
     // each permission is ignored, so every listed name is reported as granted.
     // Confirm the API never lists a permission with a falsy value.
     $granted = array();
     foreach ($response['data'][0] as $permission_name => $unused_value) {
         $granted[$permission_name] = true;
     }
     return $granted;
 }
Esempio n. 2
 /**
  * Check if the current user has associated his or her Facebook profile with his or her WordPress account
  * If the current user can edit posts and has not authorized Facebook then show a prompt encouraging action.
  *
  * @since 1.1
  */
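 public static function connect_facebook_account($verify_permissions = null)
 {
     // $verify_permissions: array of Facebook permission names that must all be
     // present for the account to count as connected. Any non-array value selects
     // the default publish permissions and enables the admin notice prompt.
     // NOTE(review): $facebook is assumed to be initialised by the plugin before
     // this method runs — confirm against the caller.
     global $facebook;

     $profile_prompt = false;
     // check for permission to publish Open Graph action (publish article)
     // check for the superset permission: publish_stream
     if (!is_array($verify_permissions)) {
         $profile_prompt = true;
         $verify_permissions = array('publish_actions', 'publish_stream');
     }

     $current_user = wp_get_current_user();
     // no need to alert if he cannot create a post
     if (!user_can($current_user, 'edit_posts')) {
         return;
     }

     if (!class_exists('Facebook_User')) {
         require_once dirname(__FILE__) . '/facebook-user.php';
     }

     // Stored link between the WordPress account and a Facebook user id.
     $facebook_user_data_exists = false;
     $facebook_user_data = Facebook_User::get_user_meta($current_user->ID, 'fb_data', true);
     if (is_array($facebook_user_data) && isset($facebook_user_data['fb_uid'])) {
         // a stored link is sufficient when the caller asked for no permission check
         if (empty($verify_permissions)) {
             return;
         }
         $facebook_user_data_exists = true;
     }

     // Ask Facebook who the current user is and which permissions were granted.
     $facebook_user = Facebook_User::get_current_user(array('id', 'username'));
     if ($facebook_user) {
         $permissions = $facebook->get_current_user_permissions($facebook_user);

         $all_permissions_exist = true;
         foreach ($verify_permissions as $permission_to_verify) {
             if (!isset($permissions[$permission_to_verify])) {
                 $all_permissions_exist = false;
                 break;
             }
         }

         if ($all_permissions_exist) {
             // Compare account identifiers as exact strings. A loose != on numeric
             // strings compares by numeric value, so differently written ids
             // (leading zeros, exponent notation) could be treated as the same
             // account and leave a stale link in place.
             if (!$facebook_user_data_exists || (string) $facebook_user_data['fb_uid'] !== (string) $facebook_user['id']) {
                 $facebook_user_data = array('fb_uid' => $facebook_user['id'], 'activation_time' => time());
                 if (!empty($facebook_user['username'])) {
                     $facebook_user_data['username'] = $facebook_user['username'];
                 }
                 Facebook_User::update_user_meta($current_user->ID, 'fb_data', $facebook_user_data);
             }
             return;
         }
     }

     // No Facebook user, or a required permission is missing: load the login scripts.
     // priority before js sdk registration needed to add JS inside FbAsyncInit
     add_action('admin_enqueue_scripts', array('Facebook_Admin_Login', 'add_async_load_javascript_filter'), -1, 0);
     // add all others at P11 after scripts registered
     add_action('admin_enqueue_scripts', array('Facebook_Admin_Login', 'enqueue_scripts'), 11);
     if ($profile_prompt) {
         // priority 1 — presumably so the notice renders up top
         add_action('admin_notices', array('Facebook_Admin_Login', 'admin_notice'), 1, 0);
     }
 }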
 /**
  * Save submitted post after create / update
  *
  * @since 1.1
  * @param int $post_id post identifier
  */
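 public static function save($post_id)
 {
     // verify if this is an auto save routine.
     // If it is our form has not been submitted, so we dont want to do anything
     if (defined('DOING_AUTOSAVE') && DOING_AUTOSAVE) {
         return;
     }

     if (!class_exists('Facebook_User')) {
         require_once dirname(dirname(dirname(dirname(__FILE__)))) . '/facebook-user.php';
     }
     $facebook_user = Facebook_User::get_current_user();
     if (!$facebook_user) {
         return;
     }

     // verify this came from the our screen and with proper authorization,
     // because save_post can be triggered at other times.
     // The nonce must be a plain string: request fields can also arrive as arrays.
     if (!isset($_POST[self::FIELD_AUTOCOMPLETE]) || empty($_POST[self::NONCE_NAME]) || !is_string($_POST[self::NONCE_NAME]) || !wp_verify_nonce($_POST[self::NONCE_NAME], plugin_basename(__FILE__))) {
         return;
     }

     // Check permissions
     $post_type = get_post_type($post_id);
     if (!($post_type && post_type_supports($post_type, 'author'))) {
         return;
     }
     if (!class_exists('Facebook_Social_Publisher')) {
         require_once dirname(dirname(__FILE__)) . '/social_publisher.php';
     }
     $capability_singular_base = Facebook_Social_Publisher::post_type_capability_base($post_type);
     if (!current_user_can('edit_' . $capability_singular_base, $post_id)) {
         return;
     }

     // process data then save it
     $friends_details_meta = array();
     $mentions_input = $_POST[self::FIELD_AUTOCOMPLETE];
     // A field submitted as field[]=... is an array; passing that to
     // preg_match_all raises a warning or TypeError, so only strings are parsed.
     if (is_string($mentions_input)) {
         $friend_details = array();
         $match_count = preg_match_all('/\\[(\\d*?)\\|(.*?)\\]/su', $mentions_input, $friend_details, PREG_SET_ORDER);
         if ($match_count) {
             foreach ($friend_details as $friend_detail) {
                 // The pattern also accepts an empty id, and with the u modifier \d
                 // may not be limited to ASCII digits; store only plain numeric ids.
                 if (preg_match('/\\A[0-9]+\\z/', $friend_detail[1]) !== 1) {
                     continue;
                 }
                 $friends_details_meta[] = array('id' => $friend_detail[1], 'name' => sanitize_text_field($friend_detail[2]));
             }
         }
     }
     if (!empty($friends_details_meta)) {
         update_post_meta($post_id, self::POST_META_KEY_MENTIONS, $friends_details_meta);
     }

     // The message field is optional and must be a string before it is sanitized.
     $message = '';
     if (isset($_POST[self::FIELD_MESSAGE]) && is_string($_POST[self::FIELD_MESSAGE])) {
         $message = trim(sanitize_text_field($_POST[self::FIELD_MESSAGE]));
     }
     if ($message) {
         update_post_meta($post_id, self::POST_META_KEY_MESSAGE, $message);
     }
 }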