# STEP 2: Exchange the code that we have for an access token
$data = array();
$data['get'] = array(
'client_id' => $client_id,
'client_secret' => $client_secret,
'code' => $_GET['code'],
'redirect_uri' => $callbackURL,
);
$response = xhttp::fetch('https://graph.facebook.com/oauth/access_token', $data);
if($response['successful']) {
$data = xhttp::toQueryArray($response['body']);
$_SESSION['access_token'] = $data['access_token'];
$_SESSION['loggedin'] = true;
$data = array();
$data['get'] = array(
'access_token' => $_SESSION['access_token'],
'fields' => 'id,name,accounts'
);
$response = xhttp::fetch('https://graph.facebook.com/me', $data);
if($response['successful']) {
$_SESSION['user'] = json_decode($response['body'], true);
$_SESSION['user']['access_token'] = $_SESSION['access_token'];
} else {
