
fb_login

By: a guest on Jan 26th, 2012  |  syntax: PHP  |  size: 4.14 KB  |  views: 35  |  expires: Never
  1. <?php
  2. require 'libs/facebook.php';
  3.  
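  /**
   * Verify and decode a Facebook signed_request value.
   *
   * The value has the form "<base64url signature>.<base64url JSON payload>".
   * The signature is an HMAC-SHA256 over the still-encoded payload, keyed with
   * the application secret. The payload is only parsed after the signature has
   * been verified, so unauthenticated JSON is never handed to the decoder.
   *
   * Requires PHP 5.6+ for hash_equals().
   *
   * @param string $signed_request Raw value as received from the client (untrusted).
   * @param string $secret         Application secret used as the HMAC key.
   * @return array|null Decoded payload, or null when the value is malformed,
   *                    fails verification, or declares another algorithm.
   */
  function parse_signed_request($signed_request, $secret) {
      // An empty key would let anyone compute a matching signature.
      if (!is_string($secret) || $secret === '') {
          error_log('Signed request rejected: no application secret configured');
          return null;
      }

      // Require both parts; a value without a "." used to raise an
      // undefined-offset notice and then compare against a null payload.
      $parts = is_string($signed_request) ? explode('.', $signed_request, 2) : array();
      if (count($parts) !== 2 || $parts[0] === '' || $parts[1] === '') {
          error_log('Malformed signed request');
          return null;
      }
      list($encoded_sig, $payload) = $parts;

      // check sig
      $sig = base64_url_decode($encoded_sig);
      $expected_sig = hash_hmac('sha256', $payload, $secret, true);
      // hash_equals() takes the same time wherever the first differing byte is;
      // a plain !== comparison can reveal how much of a guessed signature matched.
      if (!is_string($sig) || !hash_equals($expected_sig, $sig)) {
          error_log('Bad Signed JSON signature!');
          return null;
      }

      // decode the data (authenticated at this point)
      $data = json_decode((string) base64_url_decode($payload), true);
      if (!is_array($data)
          || !isset($data['algorithm'])
          || !is_string($data['algorithm'])
          || strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
          error_log('Unknown algorithm. Expected HMAC-SHA256');
          return null;
      }

      return $data;
  }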
  /**
   * Decode a base64url string (the "-" / "_" alphabet used in URLs).
   *
   * Decoding is non-strict: base64_decode() skips characters outside the
   * alphabet and accepts missing "=" padding, so several different inputs can
   * decode to the same bytes. Callers that compare the result against a secret
   * value should not treat the encoded form as canonical.
   *
   * @param string $input base64url text.
   * @return string Decoded bytes.
   */
  function base64_url_decode($input) {
      // Translate the URL-safe characters back to the standard alphabet.
      $standard = strtr($input, array('-' => '+', '_' => '/'));

      return base64_decode($standard);
  }
  28.  
  29.  
  // Application credentials as plain variables, used by the hand-built Graph
  // requests further down.
  // NOTE(review): placeholders. The real secret should be loaded from
  // configuration kept outside the source file rather than pasted in here.
  $APPLICATION_ID = "MY_APP_ID";
  $APPLICATION_SECRET = "MY_APP_SECRET";

  // All three URL variables point at the same canvas page.
  $canvas_base_url = "http://apps.facebook.com/maya_calendar/Source_trial/";
  $my_url = 'http://apps.facebook.com/maya_calendar/Source_trial/';
  $app_url = 'http://apps.facebook.com/maya_calendar/Source_trial/';

  // SDK client; it carries its own copy of the application id and secret.
  $facebook = new Facebook(
      array(
          'appId'  => 'MY_APP_ID',     // application id
          'secret' => 'MY_APP_SECRET', // application secret
          'cookie' => true,            // enable optional cookie support
      )
  );

  // Id of the current user as reported by the SDK.
  $to_id = $facebook->getUser();
  41.  
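  /*
   * Canvas-page entry point.
   *
   * With an SDK session: run the OAuth "code" flow (send the browser to the
   * dialog when no code is present; otherwise check the anti-CSRF state and
   * exchange the code for a user token), then fetch the application's
   * /payments edge with an app token and print it.
   * Without a session: send the browser to the SDK login URL.
   *
   * Changes against the earlier version of this script:
   *  - the code exchange used the undefined $app_id / $app_secret;
   *  - the state check used "==", which also passes when both values are
   *    missing, and the script carried on after a mismatch;
   *  - the state came from md5(uniqid(rand())), which is predictable;
   *  - the raw token response was appended after "access_token=";
   *  - remote data and exception text were echoed unescaped.
   *
   * Needs PHP 7+ (random_bytes); hash_equals needs 5.6+.
   */
  if ($session = $facebook->getSession()) { // is there an SDK session?
      try {
          // Flags that keep a JSON-encoded string inert inside an inline <script>.
          $js_flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;

          // GET a URL. '@' is deliberate: the PHP warning text would contain the
          // full URL, i.e. the client secret or an access token. The failure is
          // reported through the exception instead, without the URL.
          $http_get = function ($url, $what) {
              $body = @file_get_contents($url);
              if ($body === false) {
                  throw new RuntimeException('Request for ' . $what . ' failed');
              }
              return $body;
          };

          // Pull access_token out of a token-endpoint response.
          // NOTE(review): assumes the query-string response form the original
          // parse_str() call relied on; confirm for the Graph API version in use.
          $token_from = function ($body, $what) {
              $fields = array();
              parse_str($body, $fields);
              if (empty($fields['access_token']) || !is_string($fields['access_token'])) {
                  throw new RuntimeException('No access token in ' . $what . ' response');
              }
              return $fields['access_token'];
          };

          ////////////////////////////////////////////////////////////////////  USER & APP AUTHORIZATION
          if (session_id() === '') {
              session_start();
          }

          $code = (isset($_REQUEST['code']) && is_string($_REQUEST['code'])) ? $_REQUEST['code'] : '';
          if ($code === '') {
              // CSRF protection: unguessable, per-login state value.
              $_SESSION['state'] = bin2hex(random_bytes(16));
              // NOTE(review): the scope list is broad (offline_access, read_mailbox, ...);
              // request only the permissions the application actually uses.
              $dialog_url = "https://www.facebook.com/dialog/oauth?client_id="
                  . urlencode($APPLICATION_ID) . "&redirect_uri=" . urlencode($my_url) . "&state="
                  . $_SESSION['state'] . "&scope=email,read_stream,user_status,read_requests,offline_access,manage_pages,user_checkins,publish_stream,read_mailbox,publish_actions";

              echo '<script>top.location.href=' . json_encode($dialog_url, $js_flags) . ';</script>';
              // Stop here; the rest of the script is for the return leg only.
              exit;
          }

          $sent_state = (isset($_REQUEST['state']) && is_string($_REQUEST['state'])) ? $_REQUEST['state'] : '';
          $known_state = (isset($_SESSION['state']) && is_string($_SESSION['state'])) ? $_SESSION['state'] : '';
          // Fail closed: a missing state on either side is a mismatch.
          if ($known_state === '' || !hash_equals($known_state, $sent_state)) {
              echo("The state does not match. You may be a victim of CSRF.");
              exit;
          }
          unset($_SESSION['state']); // a state value is good for one login only

          // Exchange the code for a user access token.
          $token_url = "https://graph.facebook.com/oauth/access_token?"
              . "client_id=" . urlencode($APPLICATION_ID) . "&redirect_uri=" . urlencode($my_url)
              . "&client_secret=" . urlencode($APPLICATION_SECRET) . "&code=" . urlencode($code);
          $user_token = $token_from($http_get($token_url, 'user token'), 'user token');

          $graph_url = "https://graph.facebook.com/me?access_token=" . urlencode($user_token);
          $user = json_decode($http_get($graph_url, 'user profile'));

          /////////////////////////////////////////////////////////////////////////////////
          // Application token, then the application's payments.
          $token_url = "https://graph.facebook.com/oauth/access_token?"
              . "client_id=" . urlencode($APPLICATION_ID)
              . "&client_secret=" . urlencode($APPLICATION_SECRET)
              . "&grant_type=client_credentials";
          $access_token = $token_from($http_get($token_url, 'app token'), 'app token');

          $url = "https://graph.facebook.com/" . rawurlencode($APPLICATION_ID)
              . "/payments?access_token=" . urlencode($access_token);
          $ret = $http_get($url, 'payments');

          // Remote data: escape it before it goes into the page.
          echo '<pre>' . htmlspecialchars(print_r($ret, true), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</pre>';

      } catch (FacebookApiException $e) {
          // Details go to the log, not to the browser.
          error_log((string) $e);
          echo 'Facebook request failed.';
      } catch (RuntimeException $e) {
          error_log($e->getMessage());
          echo 'Facebook request failed.';
      }
  } else { // no session
      // Ask the user for access to their data.
      $loginUrl = $facebook->getLoginUrl(array('canvas' => 1,
                                               'fbconnect' => 0,
                                               'req_perms' => 'email,read_stream,user_status,read_requests,offline_access,manage_pages,publish_stream,publish_actions',
                                               'next' => $canvas_base_url . 'index.html',
                                               'cancel_url' => $canvas_base_url));

      // json_encode() yields a safely quoted JavaScript string literal.
      echo '<script type="text/javascript">top.location.href='
          . json_encode($loginUrl, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT)
          . ';</script>';
  }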
  104.  
  105.  
  106.  
  107.  
  108. ?>