
fb-callback.php

a guest
Dec 22nd, 2016
  1. <?php
  2. //require_once 'init.php';
  3. require_once '../usersc/init.php';
  4.  
  5. $db=DB::getInstance();
  6.  
  7. $settingsQ=$db->query("SELECT * FROM settings");
  8. $settings=$settingsQ->first();
  9.  
  10. if(!isset($_SESSION)){session_start();}
  11.  
  12. $appID=$settings->fbid;
  13. $secret=$settings->fbsecret;
  14. $version=$settings->graph_ver;
  15. $whereNext=$settings->finalredir;
  16.  
  17. //require_once("/src/Facebook/autoload.php");
  18. require_once $abs_us_root.$us_url_root.'users/src/Facebook/autoload.php';
  19. $fb = new Facebook\Facebook([
  20. 'app_id' => $appID, // Replace {app-id} with your app id
  21. 'app_secret' => $secret,
  22. 'default_graph_version' => $version,
  23. ]);
  24.  
  25. $helper = $fb->getRedirectLoginHelper();
  26.  
  27. try {
  28. $accessToken = $helper->getAccessToken();
  29. } catch(Facebook\Exceptions\FacebookResponseException $e) {
  30. // When Graph returns an error
  31. echo 'Graph returned an error: ' . $e->getMessage();
  32. exit;
  33. } catch(Facebook\Exceptions\FacebookSDKException $e) {
  34. // When validation fails or other local issues
  35. echo 'Facebook SDK returned an error: ' . $e->getMessage();
  36. exit;
  37. }
  38.  
  39. if (! isset($accessToken)) {
  40. if ($helper->getError()) {
  41. header('HTTP/1.0 401 Unauthorized');
  42. echo "Error: " . $helper->getError() . "\n";
  43. echo "Error Code: " . $helper->getErrorCode() . "\n";
  44. echo "Error Reason: " . $helper->getErrorReason() . "\n";
  45. echo "Error Description: " . $helper->getErrorDescription() . "\n";
  46. } else {
  47. header('HTTP/1.0 400 Bad Request');
  48. echo 'Bad request';
  49. }
  50. exit;
  51. }
  52.  
  53. // Logged in
  54. //echo '<h3>Access Token</h3>';
  55. //var_dump($accessToken->getValue());
  56.  
  57. // The OAuth 2.0 client handler helps us manage access tokens
  58. $oAuth2Client = $fb->getOAuth2Client();
  59.  
  60. // Get the access token metadata from /debug_token
  61. $tokenMetadata = $oAuth2Client->debugToken($accessToken);
  62. //echo '<h3>Metadata</h3>';
  63. //var_dump($tokenMetadata);
  64.  
  65. // Validation (these will throw FacebookSDKException's when they fail)
  66. $tokenMetadata->validateAppId($appID); // Replace {app-id} with your app id
  67. // If you know the user ID this access token belongs to, you can validate it here
  68. //$tokenMetadata->validateUserId('123');
  69. $tokenMetadata->validateExpiration();
  70.  
  71. if (! $accessToken->isLongLived()) {
  72. // Exchanges a short-lived access token for a long-lived one
  73. try {
  74. $accessToken = $oAuth2Client->getLongLivedAccessToken($accessToken);
  75. } catch (Facebook\Exceptions\FacebookSDKException $e) {
  76. echo "<p>Error getting long-lived access token: " . $helper->getMessage() . "</p>\n\n";
  77. exit;
  78. }
  79.  
  80. echo '<h3>Long-lived</h3>';
  81. var_dump($accessToken->getValue());
  82. }
  83.  
  84. $_SESSION['fb_access_token'] = (string) $accessToken;
  85.  
  86. // User is logged in with a long-lived access token.
  87. // You can redirect them to a members-only page.
  88. //header('Location: https://example.com/members.php');
  89. try {
  90. // Returns a `Facebook\FacebookResponse` object
  91. $response = $fb->get('/me?fields=id,name,email', $_SESSION['fb_access_token']);
  92. } catch(Facebook\Exceptions\FacebookResponseException $e) {
  93. echo 'Graph returned an error: ' . $e->getMessage();
  94. exit;
  95. } catch(Facebook\Exceptions\FacebookSDKException $e) {
  96. echo 'Facebook SDK returned an error: ' . $e->getMessage();
  97. exit;
  98. }
  99.  
  100. $fbuser = $response->getGraphUser();
  101.  
  102. //In case you want to test what you get back from FriendFace
  103. // var_dump($user);
  104. // echo 'Name: ' . $fbuser['name'];
  105. // echo '<br>email: ' . $fbuser['email'];
  106. // echo '<br>id: ' . $fbuser['id'];
  107.  
  108. //Facebook Authenticated - Let's do something with that info
  109.  
  110. //Check to see if the user has an account
  111. $fbEmail = $fbuser['email'];
  112.  
  113.  
  114. $checkExistingQ = $db->query("SELECT * FROM users WHERE email = ?",array ($fbEmail));
  115.  
  116. $CEQCount = $checkExistingQ->count();
  117.  
  118. //Existing UserSpice User Found
  119. if ($CEQCount>0){
  120. $checkExisting = $checkExistingQ->first();
  121. $newLoginCount = $checkExisting->logins+1;
  122. $newLastLogin = date("Y-m-d H:i:s");
  123.  
  124. $fields=array('fb_uid'=>$fbuser['id'], 'logins'=>$newLoginCount, 'last_login'=>$newLastLogin);
  125.  
  126. $db->update('users',$checkExisting->id,$fields);
  127. $_SESSION["user"] = $checkExisting->id;
  128.  
  129. Redirect::to('account.php');
  130. }else{
  131. // //No Existing UserSpice User Found
  132. // if ($CEQCount<0){
  133. $fbpassword = password_hash(Token::generate(),PASSWORD_BCRYPT,array('cost' => 12));
  134. $date = date("Y-m-d H:i:s");
  135. $fbname = $fbuser['name'];
  136. $fields=array('email'=>$fbEmail,'username'=>$fbEmail,'fname'=>$fbname,'lname'=>'','permissions'=>1,'logins'=>1,'company'=>'none','join_date'=>$date,'last_login'=>$date,'email_verified'=>1,'password'=>$fbpassword,'fb_uid'=>$fbuser['id']);
  137.  
  138. $db->insert('users',$fields);
  139. $lastID = $db->lastId();
  140.  
  141. $insert2 = $db->query("INSERT INTO user_permission_matches SET user_id = $lastID, permission_id = 1");
  142. $insert3 = $db->query("INSERT INTO profiles SET user_id = $lastID, bio = 'This is your bio'");
  143.  
  144. $_SESSION["user"] = $lastID;
  145. Redirect::to($whereNext);
  146. }
  147.  
  148.  
  149. ?>