- public function getAppId() {
- return $this->appId;
- }
-
- /**
- * Set the API Secret.
- *
- * @param String $appId the API Secret
- */
- public function setApiSecret($apiSecret) {
- $this->apiSecret = $apiSecret;
- return $this;
- }
-
- /**
- * Get the API Secret.
- *
- * @return String the API Secret
- */
- public function getApiSecret() {
- return $this->apiSecret;
- }
-
- /**
- * Set the Cookie Support status.
- *
- * @param Boolean $cookieSupport the Cookie Support status
- */
- public function setCookieSupport($cookieSupport) {
- $this->cookieSupport = $cookieSupport;
- return $this;
- }
-
- /**
- * Get the Cookie Support status.
- *
- * @return Boolean the Cookie Support status
- */
- public function useCookieSupport() {
- return $this->cookieSupport;
- }
-
- /**
- * Set the base domain for the Cookie.
- *
- * @param String $domain the base domain
- */
- public function setBaseDomain($domain) {
- $this->baseDomain = $domain;
- return $this;
- }
-
- /**
- * Get the base domain for the Cookie.
- *
- * @return String the base domain
- */
- public function getBaseDomain() {
- return $this->baseDomain;
- }
-
- /**
- * Set the file upload support status.
- *
- * @param String $domain the base domain
- */
- public function setFileUploadSupport($fileUploadSupport) {
- $this->fileUploadSupport = $fileUploadSupport;
- return $this;
- }
-
- /**
- * Get the file upload support status.
- *
- * @return String the base domain
- */
- public function useFileUploadSupport() {
- return $this->fileUploadSupport;
- }
-
- /**
- * Get the data from a signed_request token
- *
- * @return String the base domain
- */
- public function getSignedRequest() {
- if (!$this->signedRequest) {
- if (isset($_REQUEST['signed_request'])) {
- $this->signedRequest = $this->parseSignedRequest(
- $_REQUEST['signed_request']);
- }
- }
- return $this->signedRequest;
- }
-
- /**
- * Set the Session.
- *
- * @param Array $session the session
- * @param Boolean $write_cookie indicate if a cookie should be written. this
- * value is ignored if cookie support has been disabled.
- */
- public function setSession($session=null, $write_cookie=true) {
- $session = $this->validateSessionObject($session);
- $this->sessionLoaded = true;
- $this->session = $session;
- if ($write_cookie) {
- $this->setCookieFromSession($session);
- }
- return $this;
- }
-
- /**
- * Get the session object. This will automatically look for a signed session
- * sent via the signed_request, Cookie or Query Parameters if needed.
- *
- * @return Array the session
- */
- public function getSession() {
- if (!$this->sessionLoaded) {
- $session = null;
- $write_cookie = true;
-
- // try loading session from signed_request in $_REQUEST
- $signedRequest = $this->getSignedRequest();
- if ($signedRequest) {
- // sig is good, use the signedRequest
- $session = $this->createSessionFromSignedRequest($signedRequest);
- }
-
- // try loading session from $_REQUEST
- if (!$session && isset($_REQUEST['session'])) {
- $session = json_decode(
- get_magic_quotes_gpc()
- ? stripslashes($_REQUEST['session'])
- : $_REQUEST['session'],
- true
- );
- $session = $this->validateSessionObject($session);
- }
-
- // try loading session from cookie if necessary
- if (!$session && $this->useCookieSupport()) {
- $cookieName = $this->getSessionCookieName();
- if (isset($_COOKIE[$cookieName])) {
- $session = array();
- parse_str(trim(
- get_magic_quotes_gpc()
- ? stripslashes($_COOKIE[$cookieName])
- : $_COOKIE[$cookieName],
- '"'
- ), $session);
- $session = $this->validateSessionObject($session);
- // write only if we need to delete a invalid session cookie
- $write_cookie = empty($session);
- }
- }
-
- $this->setSession($session, $write_cookie);
- }
-
- return $this->session;
- }
-
- /**
- * Get the UID from the session.
- *
- * @return String the UID if available
- */
- public function getUser() {
- $session = $this->getSession();
- return $session ? $session['uid'] : null;
- }
-
- /**
- * Gets a OAuth access token.
- *
- * @return String the access token
- */
- public function getAccessToken() {
- $session = $this->getSession();
- // either user session signed, or app signed
- if ($session) {
- return $session['access_token'];
- } else {
- return $this->getAppId() .'|'. $this->getApiSecret();
- }
- }
-
- /**
- * Get a Login URL for use with redirects. By default, full page redirect is
- * assumed. If you are using the generated URL with a window.open() call in
- * JavaScript, you can pass in display=popup as part of the $params.
- *
- * The parameters:
- * - next: the url to go to after a successful login
- * - cancel_url: the url to go to after the user cancels
- * - req_perms: comma separated list of requested extended perms
- * - display: can be "page" (default, full page) or "popup"
- *
- * @param Array $params provide custom parameters
- * @return String the URL for the login flow
- */
- public function getLoginUrl($params=array()) {
- $currentUrl = $this->getCurrentUrl();
- return $this->getUrl(
- 'www',
- 'login.php',
- array_merge(array(
- 'api_key' => $this->getAppId(),
- 'cancel_url' => $currentUrl,
- 'display' => 'page',
- 'fbconnect' => 1,
- 'next' => $currentUrl,
- 'return_session' => 1,
- 'session_version' => 3,
- 'v' => '1.0',
- ), $params)
- );
- }
-
- /**
- * Get a Logout URL suitable for use with redirects.
- *
- * The parameters:
- * - next: the url to go to after a successful logout
- *
- * @param Array $params provide custom parameters
- * @return String the URL for the logout flow
- */
- public function getLogoutUrl($params=array()) {
- return $this->getUrl(
- 'www',
- 'logout.php',
- array_merge(array(
- 'next' => $this->getCurrentUrl(),
- 'access_token' => $this->getAccessToken(),
- ), $params)
- );
- }
-
- /**
- * Get a login status URL to fetch the status from facebook.
- *
- * The parameters:
- * - ok_session: the URL to go to if a session is found
- * - no_session: the URL to go to if the user is not connected
- * - no_user: the URL to go to if the user is not signed into facebook
- *
- * @param Array $params provide custom parameters
- * @return String the URL for the logout flow
- */
- public function getLoginStatusUrl($params=array()) {
- return $this->getUrl(
- 'www',
- 'extern/login_status.php',
- array_merge(array(
- 'api_key' => $this->getAppId(),
- 'no_session' => $this->getCurrentUrl(),
- 'no_user' => $this->getCurrentUrl(),
- 'ok_session' => $this->getCurrentUrl(),
- 'session_version' => 3,
- ), $params)
- );
- }
-
- /**
- * Make an API call.
- *
- * @param Array $params the API call parameters
- * @return the decoded response
- */
- public function api(/* polymorphic */) {
- $args = func_get_args();
- if (is_array($args[0])) {
- return $this->_restserver($args[0]);
- } else {
- return call_user_func_array(array($this, '_graph'), $args);
- }
- }
-
- /**
- * Invoke the old restserver.php endpoint.
- *
- * @param Array $params method call object
- * @return the decoded response object
- * @throws FacebookApiException
- */
- protected function _restserver($params) {
- // generic application level parameters
- $params['api_key'] = $this->getAppId();
- $params['format'] = 'json-strings';
-
- $result = json_decode($this->_oauthRequest(
- $this->getApiUrl($params['method']),
- $params
- ), true);
-
- // results are returned, errors are thrown
- if (is_array($result) && isset($result['error_code'])) {
- throw new FacebookApiException($result);
- }
- return $result;
- }
-
- /**
- * Invoke the Graph API.
- *
- * @param String $path the path (required)
- * @param String $method the http method (default 'GET')
- * @param Array $params the query/post data
- * @return the decoded response object
- * @throws FacebookApiException
- */
- protected function _graph($path, $method='GET', $params=array()) {
- if (is_array($method) && empty($params)) {
- $params = $method;
- $method = 'GET';
- }
- $params['method'] = $method; // method override as we always do a POST
-
- $result = json_decode($this->_oauthRequest(
- $this->getUrl('graph', $path),
- $params
- ), true);
-
- // results are returned, errors are thrown
- if (is_array($result) && isset($result['error'])) {
- $e = new FacebookApiException($result);
- switch ($e->getType()) {
- // OAuth 2.0 Draft 00 style
- case 'OAuthException':
- // OAuth 2.0 Draft 10 style
- case 'invalid_token':
- $this->setSession(null);
- }
- throw $e;
- }
- return $result;
- }
-
- /**
- * Make a OAuth Request
- *
- * @param String $path the path (required)
- * @param Array $params the query/post data
- * @return the decoded response object
- * @throws FacebookApiException
- */
- protected function _oauthRequest($url, $params) {
- if (!isset($params['access_token'])) {
- $params['access_token'] = $this->getAccessToken();
- }
-
- // json_encode all params values that are not strings
- foreach ($params as $key => $value) {
- if (!is_string($value)) {
- $params[$key] = json_encode($value);
- }
- }
- return $this->makeRequest($url, $params);
- }
-
- /**
- * Makes an HTTP request. This method can be overriden by subclasses if
- * developers want to do fancier things or use something other than curl to
- * make the request.
- *
- * @param String $url the URL to make the request to
- * @param Array $params the parameters to use for the POST body
- * @param CurlHandler $ch optional initialized curl handle
- * @return String the response text
- */
- protected function makeRequest($url, $params, $ch=null) {
- if (!$ch) {
- $ch = curl_init();
- }
-
- $opts = self::$CURL_OPTS;
- if ($this->useFileUploadSupport()) {
- $opts[CURLOPT_POSTFIELDS] = $params;
- } else {
- $opts[CURLOPT_POSTFIELDS] = http_build_query($params, null, '&');
- }
- $opts[CURLOPT_URL] = $url;
-
- // disable the 'Expect: 100-continue' behaviour. This causes CURL to wait
- // for 2 seconds if the server does not support this header.
- if (isset($opts[CURLOPT_HTTPHEADER])) {
- $existing_headers = $opts[CURLOPT_HTTPHEADER];
- $existing_headers[] = 'Expect:';
- $opts[CURLOPT_HTTPHEADER] = $existing_headers;
- } else {
- $opts[CURLOPT_HTTPHEADER] = array('Expect:');
- }
-
- curl_setopt_array($ch, $opts);
- $result = curl_exec($ch);
-
- if (curl_errno($ch) == 60) { // CURLE_SSL_CACERT
- self::errorLog('Invalid or no certificate authority found, using bundled information');
- curl_setopt($ch, CURLOPT_CAINFO,
- dirname(__FILE__) . '/fb_ca_chain_bundle.crt');
- $result = curl_exec($ch);
- }
-
- if ($result === false) {
- $e = new FacebookApiException(array(
- 'error_code' => curl_errno($ch),
- 'error' => array(
- 'message' => curl_error($ch),
- 'type' => 'CurlException',
- ),
- ));
- curl_close($ch);
- throw $e;
- }
- curl_close($ch);
- return $result;
- }
-
- /**
- * The name of the Cookie that contains the session.
- *
- * @return String the cookie name
- */
- protected function getSessionCookieName() {
- return 'fbs_' . $this->getAppId();
- }
-
- /**
- * Set a JS Cookie based on the _passed in_ session. It does not use the
- * currently stored session -- you need to explicitly pass it in.
- *
- * @param Array $session the session to use for setting the cookie
- */
- protected function setCookieFromSession($session=null) {
- if (!$this->useCookieSupport()) {