'MY_APP_ID', // Anwendungs ID 'secret' => 'MY_APP_SECRET', // Anwendungs-Geheimcode 'cookie' => true, // enable optional cookie support )); $APPLICATION_ID = "MY_APP_ID"; $APPLICATION_SECRET = "MY_APP_SECRET"; $app_url = 'http://apps.facebook.com/maya_calendar/Source_trial/'; $my_url = 'http://apps.facebook.com/maya_calendar/Source_trial/'; $canvas_base_url = "http://apps.facebook.com/maya_calendar/Source_trial/"; $to_id = $facebook->getUser(); if ($session = $facebook->getSession()) { // Session vorhanden? try { $params = array('access_token' => $session['access_token']); // hollt das access_token des users für die session //$params2 = array('access_token' => $session['oder_info']); // hollt das access_token des users für die session $token=$facebook->getAccessToken(); // get user_access_token ////////////////////////////////////////////////////////////////////// USER & APP AUTHORIZATION session_start(); $code = $_REQUEST["code"]; if(empty($code)) { $_SESSION['state'] = md5(uniqid(rand(), TRUE)); //CSRF protection $dialog_url = "http://www.facebook.com/dialog/oauth?client_id=" . $APPLICATION_ID . "&redirect_uri=" . urlencode($my_url) . "&state=" . $_SESSION['state']."&scope=email,read_stream,user_status,read_requests,offline_access,manage_pages,user_checkins,publish_stream,read_mailbox,publish_actions"; echo(""); } if($_REQUEST['state'] == $_SESSION['state']) { $token_url = "https://graph.facebook.com/oauth/access_token?" . "client_id=" . $app_id . "&redirect_uri=" . urlencode($my_url) . "&client_secret=" . $app_secret . "&code=" . $code; $response = @file_get_contents($token_url); $params = null; parse_str($response, $params); $graph_url = "https://graph.facebook.com/me?access_token=" . $params['access_token']; $user = json_decode(file_get_contents($graph_url)); //echo("Hallo " . $user->name); } else { echo("The state does not match. You may be a victim of CSRF."); } ///////////////////////////////////////////////////////////////////////////////// $token_url = "https://graph.facebook.com/oauth/access_token?". "&client_id=".$APPLICATION_ID ."&client_secret=".$APPLICATION_SECRET. "&grant_type=client_credentials"; $access_token = file_get_contents($token_url); $url = "https://graph.facebook.com/".$APPLICATION_ID."/payments?access_token=".$access_token; $ret = file_get_contents($url); //echo"

"; print_r($access_token); echo"

"; echo"

"; print_r($ret); echo"

"; } catch (FacebookApiException $e) { print $e; } } else { // Keine Session vorhanden. //Get Access zu personal data from user $loginUrl = $facebook->getLoginUrl(array('canvas' => 1, 'fbconnect' => 0, 'req_perms' => 'email,read_stream,user_status,read_requests,offline_access,manage_pages,publish_stream,publish_actions', 'next' => $canvas_base_url . 'index.html', 'cancel_url' => $canvas_base_url )); echo (''); } ?>