Recent Facebook Posts - Version 1.0.5

Version Description

Added: More user-friendly error message when cURL is not enabled on your server.

Release Info

Developer	DvanKooten
Plugin	Recent Facebook Posts
Version	1.0.5
Comparing to
See all releases

Version 1.0.5

Files changed (14) hide show

classes/class-rfb-admin.php +107 -0
classes/class-rfb-widget.php +163 -0
classes/class-rfb.php +166 -0
classes/facebook-php-sdk/base_facebook.php +1425 -0
classes/facebook-php-sdk/facebook.php +160 -0
classes/facebook-php-sdk/fb_ca_chain_bundle.crt +121 -0
css/admin.css +27 -0
css/rfb.css +14 -0
img/fb-sprite.png +0 -0
readme.txt +114 -0
recent-facebook-posts.php +39 -0
screenshot-1.png +0 -0
screenshot-2.png +0 -0
views/settings_page.html.php +132 -0

classes/class-rfb-admin.php ADDED Viewed

	@@ -0,0 +1,107 @@


1	+ <?php
2	+
3	+ class RFB_Admin {
4	+
5	+ public function __construct($RFB) {
6	+ global $pagenow;
7	+
8	+ add_action('admin_init', array(&$this, 'register_settings'));
9	+ add_action('admin_menu', array(&$this, 'build_menu'));
10	+
11	+ add_filter("plugin_action_links_recent-facebook-posts/recent-facebook-posts.php", array(&$this, 'add_settings_link'));
12	+
13	+ $this->RFB = $RFB;
14	+
15	+ if(isset($_GET['rfb_renew_access_token'])) {
16	+ $this->renew_access_token();
17	+ }
18	+
19	+ if(isset($_GET['page']) && $_GET['page'] == 'rfb-settings') {
20	+ $this->handle_requests();
21	+ }
22	+ }
23	+
24	+ private function renew_access_token() {
25	+ $fb = $this->RFB->get_fb_instance();
26	+
27	+ // Get Facebook User ID
28	+ $user = $fb->getUser();
29	+
30	+ if($user) {
31	+ $access_token = $fb->getAccessToken();
32	+ // store access token for later usage
33	+ update_option('rfb_access_token', $access_token);
34	+ }
35	+ }
36	+
37	+ public function register_settings() {
38	+ register_setting('rfb_settings_group', 'rfb_settings');
39	+ }
40	+
41	+ public function build_menu() {
42	+ $page = add_options_page('Recent Facebook Posts - Settings','Recent Facebook Posts','manage_options','rfb-settings',array($this, 'settings_page'));
43	+ add_action( 'admin_print_styles-' . $page, array(&$this, 'load_css') );
44	+ }
45	+
46	+ public function load_css() {
47	+ wp_enqueue_style( 'rfb_admin_css', plugins_url('recent-facebook-posts/css/admin.css') );
48	+ }
49	+
50	+ public function settings_page () {
51	+
52	+ $opts = $this->RFB->get_options();
53	+ $curl = extension_loaded('curl');
54	+ $fb = $this->RFB->get_fb_instance();
55	+ //update_option('rfb_access_token', '');
56	+ $access_token = get_option('rfb_access_token');
57	+ $connected = false;
58	+
59	+ // try to fetch a test post
60	+ if($curl && $access_token) {
61	+ $fb->setAccessToken($access_token);
62	+
63	+ $connected = $fb->getUser();
64	+
65	+ if($connected) {
66	+ try {
67	+ $try = $fb->api('/' . $opts['fb_id'] . '/posts?limit=1');
68	+ } catch(Exception $e) {
69	+ $connected = false;
70	+ $error = $e;
71	+ }
72	+ }
73	+ }
74	+
75	+ // check if cache directory is writable
76	+ $cache_dir = dirname(__FILE__) . '/../cache/';
77	+ $cache_file = dirname(__FILE__) . '/../cache/posts.cache';
78	+
79	+ if(!is_writable($cache_dir)) {
80	+ $cache_error = 'The cache directory (<i>'. ABSPATH . 'wp-content/plugins/recent-facebook-posts/cache/</i>) is not writable.';
81	+ } elseif(file_exists($cache_file) && !is_writable($cache_file)) {
82	+ $cache_error = 'The cache directory (<i>'. ABSPATH . 'wp-content/plugins/recent-facebook-posts/cache/posts.cache</i>) exists but is not writable.';
83	+ }
84	+
85	+
86	+ require dirname(__FILE__) . '/../views/settings_page.html.php';
87	+ }
88	+
89	+ public function handle_requests() {
90	+ if(isset($_POST['renew_cache'])) {
91	+ add_action('init', array($this->RFB, 'renew_cache_file'));
92	+ }
93	+ }
94	+
95	+
96	+ /**
97	+ * Adds the settings link on the plugin's overview page
98	+ * @param array $links Array containing all the settings links for the various plugins.
99	+ * @return array The new array containing all the settings links
100	+ */
101	+ function add_settings_link($links) {
102	+ $settings_link = '<a href="options-general.php?page=rfb-settings">Settings</a>';
103	+ array_unshift($links, $settings_link);
104	+
105	+ return $links;
106	+ }
107	+ }

classes/class-rfb-widget.php ADDED Viewed

	@@ -0,0 +1,163 @@


1	+ <?php
2	+
3	+ class RFB_Widget extends WP_Widget {
4	+
5	+ private $defaults = array(
6	+ 'title' => 'Recent Facebook posts',
7	+ 'number_of_posts' => 5,
8	+ 'excerpt_length' => 140,
9	+ 'show_comment_count' => false,
10	+ 'show_like_count' => false,
11	+ 'show_link' => false
12	+ );
13	+
14	+ public function __construct() {
15	+ parent::__construct(
16	+ 'rfb_widget', // Base ID
17	+ 'Recent Facebook Posts', // Name
18	+ array( 'description' => 'Lists a number of your most recent Facebook posts.' )
19	+ );
20	+ }
21	+
22	+ public function form( $instance ) {
23	+
24	+ $instance = array_merge($this->defaults, $instance);
25	+ extract($instance);
26	+
27	+ global $RFB;
28	+ $rfb_options = $RFB->get_options();
29	+
30	+ if(empty($rfb_options['app_id'])) { ?>
31	+ <p style="color:red;">You'll need to <a href="<?php echo get_admin_url(null, 'options-general.php?page=rfb-settings'); ?>">configure Recent Facebook Posts</a> in order for it to work.</p>
32	+ <?php } ?>
33	+ <p>
34	+ <label for="<?php echo $this->get_field_id( 'title' ); ?>"><?php _e( 'Title:' ); ?></label>
35	+ <input class="widefat" id="<?php echo $this->get_field_id( 'title' ); ?>" name="<?php echo $this->get_field_name( 'title' ); ?>" type="text" value="<?php echo esc_attr( $title ); ?>" />
36	+ </p>
37	+
38	+ <p>
39	+ <label for="<?php echo $this->get_field_id( 'number_of_posts' ); ?>"><?php _e( 'Number of posts:' ); ?></label>
40	+ <input class="widefat" id="<?php echo $this->get_field_id( 'number_of_posts' ); ?>" name="<?php echo $this->get_field_name( 'number_of_posts' ); ?>" type="text" value="<?php echo esc_attr( $number_of_posts ); ?>" />
41	+ </p>
42	+
43	+ <p>
44	+ <label for="<?php echo $this->get_field_id( 'excerpt_length' ); ?>"><?php _e( 'Excerpt length:' ); ?></label>
45	+ <input class="widefat" id="<?php echo $this->get_field_id( 'excerpt_length' ); ?>" name="<?php echo $this->get_field_name( 'excerpt_length' ); ?>" type="text" value="<?php echo esc_attr( $excerpt_length ); ?>" />
46	+ </p>
47	+
48	+ <p>
49	+ <input type="checkbox" id="<?php echo $this->get_field_id( 'show_like_count' ); ?>" name="<?php echo $this->get_field_name( 'show_like_count' ); ?>" value="1" <?php if($show_like_count) { ?>checked="1"<?php } ?> />
50	+ <label for="<?php echo $this->get_field_id( 'show_like_count' ); ?>"><?php _e( 'Show Like count?' ); ?></label>
51	+ </p>
52	+
53	+ <p>
54	+ <input type="checkbox" id="<?php echo $this->get_field_id( 'show_comment_count' ); ?>" name="<?php echo $this->get_field_name( 'show_comment_count' ); ?>" value="1" <?php if($show_comment_count) { ?>checked="1"<?php } ?> />
55	+ <label for="<?php echo $this->get_field_id( 'show_comment_count' ); ?>"><?php _e( 'Show Comment count?' ); ?></label>
56	+ </p>
57	+
58	+ <p>
59	+ <input type="checkbox" id="<?php echo $this->get_field_id( 'show_link' ); ?>" name="<?php echo $this->get_field_name( 'show_link' ); ?>" value="1" <?php if($show_link) { ?>checked="1"<?php } ?> />
60	+ <label for="<?php echo $this->get_field_id( 'show_link' ); ?>"><?php _e( 'Show a link to Facebook page?' ); ?></label>
61	+ </p>
62	+
63	+ <p style="border: 2px solid green; font-weight:bold; background: #CFC; padding:5px; ">I spent countless hours developing (and offering support) for this plugin for FREE. If you like it, consider <a href="http://dannyvankooten.com/donate/">donating $10, $20 or $50</a> as a token of your appreciation.</p>
64	+
65	+ <?php
66	+ }
67	+
68	+ public function update( $new_instance, $old_instance ) {
69	+ $instance = array();
70	+ $instance['title'] = strip_tags( $new_instance['title'] );
71	+ $instance['number_of_posts'] = (int) strip_tags( $new_instance['number_of_posts'] );
72	+ $instance['excerpt_length'] = (int) strip_tags($new_instance['excerpt_length']);
73	+ $instance['show_like_count'] = isset($new_instance['show_like_count']);
74	+ $instance['show_comment_count'] = isset($new_instance['show_comment_count']);
75	+ $instance['show_link'] = isset($new_instance['show_link']);
76	+ return $instance;
77	+ }
78	+
79	+ public function widget( $args, $instance ) {
80	+ global $RFB;
81	+
82	+ $opts = $RFB->get_options();
83	+ $posts = $RFB->get_posts();
84	+ $posts = array_slice($posts, 0, $instance['number_of_posts']);
85	+
86	+ extract( $args );
87	+ $instance = array_merge($this->defaults, $instance);
88	+ extract($instance);
89	+
90	+ $title = apply_filters( 'widget_title', $instance['title'] );
91	+
92	+ echo $before_widget;
93	+ if ( ! empty( $title ) )
94	+ echo $before_title . $title . $after_title; ?>
95	+ <ul class="rfb_posts">
96	+ <?php foreach($posts as $post) { ?>
97	+ <?php
98	+ $content = $post['content'];
99	+ $shortened = false;
100	+
101	+ if(strlen($content) > $instance['excerpt_length']) {
102	+ $limit = strpos($post['content'], ' ',$instance['excerpt_length']);
103	+ if($limit) {
104	+ $content = substr($post['content'], 0, $limit);
105	+ $shortened = true;
106	+ }
107	+ }
108	+
109	+ ?>
110	+ <li>
111	+ <p class="rfb_text"><?php echo nl2br(make_clickable($content)); if($shortened) echo '..'; ?></p>
112	+ <?php if(isset($post['image']) && $post['image']) { ?><p class="rfb_image"><a target="_blank" href="<?php echo $post['link']; ?>" rel="nofollow"><img src="<?php echo $post['image']; ?>" alt="" /></a></p><?php } ?>
113	+ <p><a target="_blank" class="rfb_link" href="<?php echo $post['link']; ?>" rel="nofollow">
114	+ <?php if($show_like_count \|\| $show_comment_count) { ?><span class="like_count_and_comment_count"><?php } ?>
115	+ <?php if($show_like_count) { ?><span class="like_count"><?php echo $post['like_count']; ?> <span>likes</span></span> <?php } ?>
116	+ <?php if($show_comment_count) { ?><span class="comment_count"><?php echo $post['comment_count']; ?> <span>comments</span></span> <?php } ?>
117	+ <?php if($show_like_count \|\| $show_comment_count) { ?></span><?php } ?>
118	+ <span class="timestamp" title="<?php echo date('l, F j, Y', $post['timestamp']) . ' at ' . date('G:i', $post['timestamp']); ?>" ><?php if($show_like_count \|\| $show_comment_count) { ?> · <?php } ?><span><?php echo $this->time_ago($post['timestamp']); ?></span></span>
119	+ </a></p>
120	+ </li>
121	+ <?php }
122	+
123	+ if(empty($posts)) { ?>
124	+ <li>
125	+ <p>No recent Facebook status updates to show.</p>
126	+ <?php if(current_user_can('manage_options')) { ?><p><strong>Admins only notice:</strong> Did you <a href="<?php echo get_admin_url(null,'options-general.php?page=rfb-settings'); ?>">configure the plugin</a> properly?<?php } ?></p>
127	+ </li>
128	+
129	+ <?php } ?>
130	+ </ul>
131	+
132	+ <?php if($show_link) { ?>
133	+ <p><a href="http://www.facebook.com/<?php echo $opts['fb_id']; ?>/" rel="external nofollow"><?php echo strip_tags($opts['link_text']); ?></a>.</p>
134	+ <?php } ?>
135	+
136	+ <?php
137	+
138	+ echo $after_widget;
139	+ }
140	+
141	+ private function time_ago($timestamp) {
142	+ $diff = time() - (int) $timestamp;
143	+
144	+ if ($diff == 0)
145	+ return 'just now';
146	+
147	+ $intervals = array
148	+ (
149	+ 1 => array('year', 31556926),
150	+ $diff < 31556926 => array('month', 2628000),
151	+ $diff < 2629744 => array('week', 604800),
152	+ $diff < 604800 => array('day', 86400),
153	+ $diff < 86400 => array('hour', 3600),
154	+ $diff < 3600 => array('minute', 60),
155	+ $diff < 60 => array('second', 1)
156	+ );
157	+
158	+ $value = floor($diff/$intervals[1][1]);
159	+ return $value.' '.$intervals[1][0].($value > 1 ? 's' : '').' ago';
160	+
161	+ }
162	+
163	+ }

classes/class-rfb.php ADDED Viewed

	@@ -0,0 +1,166 @@


1	+ <?php
2	+
3	+ class RFB {
4	+
5	+ private static $instance;
6	+ private static $fb_instance;
7	+ private $defaults = array(
8	+ 'app_id' => '',
9	+ 'app_secret' => '',
10	+ 'fb_id' => 'DannyvanKootenCOM',
11	+ 'cache_time' => 1800,
12	+ 'load_css' => 0,
13	+ 'link_text' => 'Find us on Facebook'
14	+ );
15	+ private $options;
16	+
17	+ public static function get_instance() {
18	+ if(!self::$instance) self::$instance = new RFB();
19	+ return self::$instance;
20	+ }
21	+
22	+ public function __construct() {
23	+ add_action('wp_login', array($this, 'renew_access_token'));
24	+ add_action('init', array(&$this, 'on_init'));
25	+
26	+ // only on frontend
27	+ if(!is_admin()) {
28	+ $opts = $this->get_options();
29	+ if($opts['load_css']) {
30	+ add_action( 'wp_enqueue_scripts', array(&$this, 'load_css'));
31	+ }
32	+ }
33	+ }
34	+
35	+ public function on_init() {
36	+ if(!session_id() && !headers_sent()) {
37	+ session_start();
38	+ }
39	+ }
40	+
41	+ public function load_css() {
42	+ wp_register_style('rfb_css', plugins_url('recent-facebook-posts/css/rfb.css') );
43	+ wp_enqueue_style('rfb_css' );
44	+ }
45	+
46	+ public function get_options() {
47	+ if(!$this->options) {
48	+ $this->options = array_merge($this->defaults, (array) get_option('rfb_settings'));
49	+ }
50	+
51	+ return $this->options;
52	+ }
53	+
54	+ public function renew_access_token() {
55	+ // only run if this is an administrator.
56	+ $user = wp_get_current_user();
57	+
58	+ if(!user_can($user, 'manage_options')) return false;
59	+
60	+ $fb = $this->get_fb_instance();
61	+
62	+ // Get Facebook User ID
63	+ $fb_user = $fb->getUser();
64	+
65	+ if(!$fb_user) {
66	+
67	+ if(!headers_sent()) {
68	+ header("Location: ".$fb->getLoginUrl(array('redirect_uri' => get_admin_url() . '?rfb_renew_access_token')));
69	+ exit;
70	+ } else {
71	+ echo '<script type="text/javascript">window.location = \''. $fb->getLoginUrl(array('redirect_uri' => get_admin_url() . '?rfb_renew_access_token')) .'\';</script>';
72	+ exit;
73	+ }
74	+ }
75	+
76	+ return;
77	+ }
78	+
79	+ public function get_fb_instance() {
80	+ if(!self::$fb_instance) {
81	+ require dirname(__FILE__) . '/facebook-php-sdk/facebook.php';
82	+ $opts = $this->get_options();
83	+ self::$fb_instance = new Facebook(array(
84	+ 'appId' => $opts['app_id'],
85	+ 'secret' => $opts['app_secret'],
86	+ ));
87	+ }
88	+ return self::$fb_instance;
89	+ }
90	+
91	+ public function get_posts() {
92	+ $cache_file = dirname(__FILE__) . '/../cache/posts.cache';
93	+ $opts = $this->get_options();
94	+
95	+ // check if cache file exists
96	+ // check if cache file is exists for longer then the given expiration time
97	+ if(!file_exists($cache_file) \|\| (filemtime($cache_file) < (time() - $opts['cache_time']))) {
98	+ $this->renew_cache_file();
99	+
100	+ if(!file_exists($cache_file)) return array();
101	+ }
102	+
103	+ $posts = json_decode(file_get_contents($cache_file), true);
104	+ return $posts;
105	+ }
106	+
107	+ public function renew_cache_file() {
108	+ $opts = $this->get_options();
109	+ if(empty($opts['app_id']) \|\| empty($opts['fb_id'])) return false;
110	+
111	+ $access_token = get_option('rfb_access_token');
112	+ if(!$access_token) {
113	+
114	+ $access_token = $this->renew_access_token();
115	+ if(!$access_token) return false;
116	+ }
117	+
118	+ $fb = $this->get_fb_instance();
119	+ $fb->setAccessToken($access_token);
120	+
121	+ if(!$fb->getUser()) return false;
122	+
123	+ $apiResult = $fb->api($opts['fb_id'].'/posts', "GET", array(
124	+ 'limit' => 250
125	+ )
126	+ );
127	+
128	+ if(!$apiResult or !is_array($apiResult) or !isset($apiResult['data']) or !is_array($apiResult['data'])) { return false; }
129	+
130	+ $data = array();
131	+ foreach($apiResult['data'] as $p) {
132	+ if(!isset($p['message']) \|\| empty($p['message'])) continue;
133	+
134	+ //split user and post ID (userID_postID)
135	+ $idArray = explode("_", $p['id']);
136	+
137	+ $post = array();
138	+ $post['author'] = $p['from'];
139	+ $post['content'] = $p['message'];
140	+
141	+
142	+ if($p['type'] == 'photo') {
143	+ $post['image'] = $p['picture'];
144	+ } else {
145	+ $post['image'] = null;
146	+ }
147	+
148	+ $post['timestamp'] = strtotime($p['created_time']);
149	+ $post['like_count'] = (isset($p['likes'])) ? $p['likes']['count'] : 0;
150	+ $post['comment_count'] = (isset($p['comments'])) ? $p['comments']['count'] : 0;
151	+ $post['link'] = "http://www.facebook.com/".$opts['fb_id']."/posts/".$idArray[1];
152	+ $data[] = $post;
153	+
154	+ }
155	+
156	+ $data = json_encode($data);
157	+ $cache_file = dirname(__FILE__) . '/../cache/posts.cache';
158	+
159	+ if(!is_writable(dirname(__FILE__) . '/../cache/')) return false;
160	+
161	+ file_put_contents($cache_file, $data);
162	+
163	+ return true;
164	+ }
165	+
166	+ }

classes/facebook-php-sdk/base_facebook.php ADDED Viewed

	@@ -0,0 +1,1425 @@


1	+ <?php
2	+ /**
3	+ * Copyright 2011 Facebook, Inc.
4	+ *
5	+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
6	+ * not use this file except in compliance with the License. You may obtain
7	+ * a copy of the License at
8	+ *
9	+ * http://www.apache.org/licenses/LICENSE-2.0
10	+ *
11	+ * Unless required by applicable law or agreed to in writing, software
12	+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
13	+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
14	+ * License for the specific language governing permissions and limitations
15	+ * under the License.
16	+ */
17	+
18	+ if (!function_exists('curl_init')) {
19	+ throw new Exception('Facebook needs the CURL PHP extension.');
20	+ }
21	+ if (!function_exists('json_decode')) {
22	+ throw new Exception('Facebook needs the JSON PHP extension.');
23	+ }
24	+
25	+ /**
26	+ * Thrown when an API call returns an exception.
27	+ *
28	+ * @author Naitik Shah <naitik@facebook.com>
29	+ */
30	+ class FacebookApiException extends Exception
31	+ {
32	+ /**
33	+ * The result from the API server that represents the exception information.
34	+ */
35	+ protected $result;
36	+
37	+ /**
38	+ * Make a new API Exception with the given result.
39	+ *
40	+ * @param array $result The result from the API server
41	+ */
42	+ public function __construct($result) {
43	+ $this->result = $result;
44	+
45	+ $code = isset($result['error_code']) ? $result['error_code'] : 0;
46	+
47	+ if (isset($result['error_description'])) {
48	+ // OAuth 2.0 Draft 10 style
49	+ $msg = $result['error_description'];
50	+ } else if (isset($result['error']) && is_array($result['error'])) {
51	+ // OAuth 2.0 Draft 00 style
52	+ $msg = $result['error']['message'];
53	+ } else if (isset($result['error_msg'])) {
54	+ // Rest server style
55	+ $msg = $result['error_msg'];
56	+ } else {
57	+ $msg = 'Unknown Error. Check getResult()';
58	+ }
59	+
60	+ parent::__construct($msg, $code);
61	+ }
62	+
63	+ /**
64	+ * Return the associated result object returned by the API server.
65	+ *
66	+ * @return array The result from the API server
67	+ */
68	+ public function getResult() {
69	+ return $this->result;
70	+ }
71	+
72	+ /**
73	+ * Returns the associated type for the error. This will default to
74	+ * 'Exception' when a type is not available.
75	+ *
76	+ * @return string
77	+ */
78	+ public function getType() {
79	+ if (isset($this->result['error'])) {
80	+ $error = $this->result['error'];
81	+ if (is_string($error)) {
82	+ // OAuth 2.0 Draft 10 style
83	+ return $error;
84	+ } else if (is_array($error)) {
85	+ // OAuth 2.0 Draft 00 style
86	+ if (isset($error['type'])) {
87	+ return $error['type'];
88	+ }
89	+ }
90	+ }
91	+
92	+ return 'Exception';
93	+ }
94	+
95	+ /**
96	+ * To make debugging easier.
97	+ *
98	+ * @return string The string representation of the error
99	+ */
100	+ public function __toString() {
101	+ $str = $this->getType() . ': ';
102	+ if ($this->code != 0) {
103	+ $str .= $this->code . ': ';
104	+ }
105	+ return $str . $this->message;
106	+ }
107	+ }
108	+
109	+ /**
110	+ * Provides access to the Facebook Platform. This class provides
111	+ * a majority of the functionality needed, but the class is abstract
112	+ * because it is designed to be sub-classed. The subclass must
113	+ * implement the four abstract methods listed at the bottom of
114	+ * the file.
115	+ *
116	+ * @author Naitik Shah <naitik@facebook.com>
117	+ */
118	+ abstract class BaseFacebook
119	+ {
120	+ /**
121	+ * Version.
122	+ */
123	+ const VERSION = '3.2.0';
124	+
125	+ /**
126	+ * Signed Request Algorithm.
127	+ */
128	+ const SIGNED_REQUEST_ALGORITHM = 'HMAC-SHA256';
129	+
130	+ /**
131	+ * Default options for curl.
132	+ */
133	+ public static $CURL_OPTS = array(
134	+ CURLOPT_CONNECTTIMEOUT => 10,
135	+ CURLOPT_RETURNTRANSFER => true,
136	+ CURLOPT_TIMEOUT => 60,
137	+ CURLOPT_USERAGENT => 'facebook-php-3.2',
138	+ );
139	+
140	+ /**
141	+ * List of query parameters that get automatically dropped when rebuilding
142	+ * the current URL.
143	+ */
144	+ protected static $DROP_QUERY_PARAMS = array(
145	+ 'code',
146	+ 'state',
147	+ 'signed_request',
148	+ );
149	+
150	+ /**
151	+ * Maps aliases to Facebook domains.
152	+ */
153	+ public static $DOMAIN_MAP = array(
154	+ 'api' => 'https://api.facebook.com/',
155	+ 'api_video' => 'https://api-video.facebook.com/',
156	+ 'api_read' => 'https://api-read.facebook.com/',
157	+ 'graph' => 'https://graph.facebook.com/',
158	+ 'graph_video' => 'https://graph-video.facebook.com/',
159	+ 'www' => 'https://www.facebook.com/',
160	+ );
161	+
162	+ /**
163	+ * The Application ID.
164	+ *
165	+ * @var string
166	+ */
167	+ protected $appId;
168	+
169	+ /**
170	+ * The Application App Secret.
171	+ *
172	+ * @var string
173	+ */
174	+ protected $appSecret;
175	+
176	+ /**
177	+ * The ID of the Facebook user, or 0 if the user is logged out.
178	+ *
179	+ * @var integer
180	+ */
181	+ protected $user;
182	+
183	+ /**
184	+ * The data from the signed_request token.
185	+ */
186	+ protected $signedRequest;
187	+
188	+ /**
189	+ * A CSRF state variable to assist in the defense against CSRF attacks.
190	+ */
191	+ protected $state;
192	+
193	+ /**
194	+ * The OAuth access token received in exchange for a valid authorization
195	+ * code. null means the access token has yet to be determined.
196	+ *
197	+ * @var string
198	+ */
199	+ protected $accessToken = null;
200	+
201	+ /**
202	+ * Indicates if the CURL based @ syntax for file uploads is enabled.
203	+ *
204	+ * @var boolean
205	+ */
206	+ protected $fileUploadSupport = false;
207	+
208	+ /**
209	+ * Indicates if we trust HTTP_X_FORWARDED_* headers.
210	+ *
211	+ * @var boolean
212	+ */
213	+ protected $trustForwarded = false;
214	+
215	+ /**
216	+ * Initialize a Facebook Application.
217	+ *
218	+ * The configuration:
219	+ * - appId: the application ID
220	+ * - secret: the application secret
221	+ * - fileUpload: (optional) boolean indicating if file uploads are enabled
222	+ *
223	+ * @param array $config The application configuration
224	+ */
225	+ public function __construct($config) {
226	+ $this->setAppId($config['appId']);
227	+ $this->setAppSecret($config['secret']);
228	+ if (isset($config['fileUpload'])) {
229	+ $this->setFileUploadSupport($config['fileUpload']);
230	+ }
231	+ if (isset($config['trustForwarded']) && $config['trustForwarded']) {
232	+ $this->trustForwarded = true;
233	+ }
234	+ $state = $this->getPersistentData('state');
235	+ if (!empty($state)) {
236	+ $this->state = $state;
237	+ }
238	+ }
239	+
240	+ /**
241	+ * Set the Application ID.
242	+ *
243	+ * @param string $appId The Application ID
244	+ * @return BaseFacebook
245	+ */
246	+ public function setAppId($appId) {
247	+ $this->appId = $appId;
248	+ return $this;
249	+ }
250	+
251	+ /**
252	+ * Get the Application ID.
253	+ *
254	+ * @return string the Application ID
255	+ */
256	+ public function getAppId() {
257	+ return $this->appId;
258	+ }
259	+
260	+ /**
261	+ * Set the App Secret.
262	+ *
263	+ * @param string $apiSecret The App Secret
264	+ * @return BaseFacebook
265	+ * @deprecated
266	+ */
267	+ public function setApiSecret($apiSecret) {
268	+ $this->setAppSecret($apiSecret);
269	+ return $this;
270	+ }
271	+
272	+ /**
273	+ * Set the App Secret.
274	+ *
275	+ * @param string $appSecret The App Secret
276	+ * @return BaseFacebook
277	+ */
278	+ public function setAppSecret($appSecret) {
279	+ $this->appSecret = $appSecret;
280	+ return $this;
281	+ }
282	+
283	+ /**
284	+ * Get the App Secret.
285	+ *
286	+ * @return string the App Secret
287	+ * @deprecated
288	+ */
289	+ public function getApiSecret() {
290	+ return $this->getAppSecret();
291	+ }
292	+
293	+ /**
294	+ * Get the App Secret.
295	+ *
296	+ * @return string the App Secret
297	+ */
298	+ public function getAppSecret() {
299	+ return $this->appSecret;
300	+ }
301	+
302	+ /**
303	+ * Set the file upload support status.
304	+ *
305	+ * @param boolean $fileUploadSupport The file upload support status.
306	+ * @return BaseFacebook
307	+ */
308	+ public function setFileUploadSupport($fileUploadSupport) {
309	+ $this->fileUploadSupport = $fileUploadSupport;
310	+ return $this;
311	+ }
312	+
313	+ /**
314	+ * Get the file upload support status.
315	+ *
316	+ * @return boolean true if and only if the server supports file upload.
317	+ */
318	+ public function getFileUploadSupport() {
319	+ return $this->fileUploadSupport;
320	+ }
321	+
322	+ /**
323	+ * DEPRECATED! Please use getFileUploadSupport instead.
324	+ *
325	+ * Get the file upload support status.
326	+ *
327	+ * @return boolean true if and only if the server supports file upload.
328	+ */
329	+ public function useFileUploadSupport() {
330	+ return $this->getFileUploadSupport();
331	+ }
332	+
333	+ /**
334	+ * Sets the access token for api calls. Use this if you get
335	+ * your access token by other means and just want the SDK
336	+ * to use it.
337	+ *
338	+ * @param string $access_token an access token.
339	+ * @return BaseFacebook
340	+ */
341	+ public function setAccessToken($access_token) {
342	+ $this->accessToken = $access_token;
343	+ return $this;
344	+ }
345	+
346	+ /**
347	+ * Extend an access token, while removing the short-lived token that might
348	+ * have been generated via client-side flow. Thanks to http://bit.ly/b0Pt0H
349	+ * for the workaround.
350	+ */
351	+ public function setExtendedAccessToken() {
352	+ try {
353	+ // need to circumvent json_decode by calling _oauthRequest
354	+ // directly, since response isn't JSON format.
355	+ $access_token_response = $this->_oauthRequest(
356	+ $this->getUrl('graph', '/oauth/access_token'),
357	+ $params = array(
358	+ 'client_id' => $this->getAppId(),
359	+ 'client_secret' => $this->getAppSecret(),
360	+ 'grant_type' => 'fb_exchange_token',
361	+ 'fb_exchange_token' => $this->getAccessToken(),
362	+ )
363	+ );
364	+ }
365	+ catch (FacebookApiException $e) {
366	+ // most likely that user very recently revoked authorization.
367	+ // In any event, we don't have an access token, so say so.
368	+ return false;
369	+ }
370	+
371	+ if (empty($access_token_response)) {
372	+ return false;
373	+ }
374	+
375	+ $response_params = array();
376	+ parse_str($access_token_response, $response_params);
377	+
378	+ if (!isset($response_params['access_token'])) {
379	+ return false;
380	+ }
381	+
382	+ $this->destroySession();
383	+
384	+ $this->setPersistentData(
385	+ 'access_token', $response_params['access_token']
386	+ );
387	+ }
388	+
389	+ /**
390	+ * Determines the access token that should be used for API calls.
391	+ * The first time this is called, $this->accessToken is set equal
392	+ * to either a valid user access token, or it's set to the application
393	+ * access token if a valid user access token wasn't available. Subsequent
394	+ * calls return whatever the first call returned.
395	+ *
396	+ * @return string The access token
397	+ */
398	+ public function getAccessToken() {
399	+ if ($this->accessToken !== null) {
400	+ // we've done this already and cached it. Just return.
401	+ return $this->accessToken;
402	+ }
403	+
404	+ // first establish access token to be the application
405	+ // access token, in case we navigate to the /oauth/access_token
406	+ // endpoint, where SOME access token is required.
407	+ $this->setAccessToken($this->getApplicationAccessToken());
408	+ $user_access_token = $this->getUserAccessToken();
409	+ if ($user_access_token) {
410	+ $this->setAccessToken($user_access_token);
411	+ }
412	+
413	+ return $this->accessToken;
414	+ }
415	+
416	+ /**
417	+ * Determines and returns the user access token, first using
418	+ * the signed request if present, and then falling back on
419	+ * the authorization code if present. The intent is to
420	+ * return a valid user access token, or false if one is determined
421	+ * to not be available.
422	+ *
423	+ * @return string A valid user access token, or false if one
424	+ * could not be determined.
425	+ */
426	+ protected function getUserAccessToken() {
427	+ // first, consider a signed request if it's supplied.
428	+ // if there is a signed request, then it alone determines
429	+ // the access token.
430	+ $signed_request = $this->getSignedRequest();
431	+ if ($signed_request) {
432	+ // apps.facebook.com hands the access_token in the signed_request
433	+ if (array_key_exists('oauth_token', $signed_request)) {
434	+ $access_token = $signed_request['oauth_token'];
435	+ $this->setPersistentData('access_token', $access_token);
436	+ return $access_token;
437	+ }
438	+
439	+ // the JS SDK puts a code in with the redirect_uri of ''
440	+ if (array_key_exists('code', $signed_request)) {
441	+ $code = $signed_request['code'];
442	+ $access_token = $this->getAccessTokenFromCode($code, '');
443	+ if ($access_token) {
444	+ $this->setPersistentData('code', $code);
445	+ $this->setPersistentData('access_token', $access_token);
446	+ return $access_token;
447	+ }
448	+ }
449	+
450	+ // signed request states there's no access token, so anything
451	+ // stored should be cleared.
452	+ $this->clearAllPersistentData();
453	+ return false; // respect the signed request's data, even
454	+ // if there's an authorization code or something else
455	+ }
456	+
457	+ $code = $this->getCode();
458	+ if ($code && $code != $this->getPersistentData('code')) {
459	+ $access_token = $this->getAccessTokenFromCode($code);
460	+ if ($access_token) {
461	+ $this->setPersistentData('code', $code);
462	+ $this->setPersistentData('access_token', $access_token);
463	+ return $access_token;
464	+ }
465	+
466	+ // code was bogus, so everything based on it should be invalidated.
467	+ $this->clearAllPersistentData();
468	+ return false;
469	+ }
470	+
471	+ // as a fallback, just return whatever is in the persistent
472	+ // store, knowing nothing explicit (signed request, authorization
473	+ // code, etc.) was present to shadow it (or we saw a code in $_REQUEST,
474	+ // but it's the same as what's in the persistent store)
475	+ return $this->getPersistentData('access_token');
476	+ }
477	+
478	+ /**
479	+ * Retrieve the signed request, either from a request parameter or,
480	+ * if not present, from a cookie.
481	+ *
482	+ * @return string the signed request, if available, or null otherwise.
483	+ */
484	+ public function getSignedRequest() {
485	+ if (!$this->signedRequest) {
486	+ if (isset($_REQUEST['signed_request'])) {
487	+ $this->signedRequest = $this->parseSignedRequest(
488	+ $_REQUEST['signed_request']);
489	+ } else if (isset($_COOKIE[$this->getSignedRequestCookieName()])) {
490	+ $this->signedRequest = $this->parseSignedRequest(
491	+ $_COOKIE[$this->getSignedRequestCookieName()]);
492	+ }
493	+ }
494	+ return $this->signedRequest;
495	+ }
496	+
497	+ /**
498	+ * Get the UID of the connected user, or 0
499	+ * if the Facebook user is not connected.
500	+ *
501	+ * @return string the UID if available.
502	+ */
503	+ public function getUser() {
504	+ if ($this->user !== null) {
505	+ // we've already determined this and cached the value.
506	+ return $this->user;
507	+ }
508	+
509	+ return $this->user = $this->getUserFromAvailableData();
510	+ }
511	+
512	+ /**
513	+ * Determines the connected user by first examining any signed
514	+ * requests, then considering an authorization code, and then
515	+ * falling back to any persistent store storing the user.
516	+ *
517	+ * @return integer The id of the connected Facebook user,
518	+ * or 0 if no such user exists.
519	+ */
520	+ protected function getUserFromAvailableData() {
521	+ // if a signed request is supplied, then it solely determines
522	+ // who the user is.
523	+ $signed_request = $this->getSignedRequest();
524	+ if ($signed_request) {
525	+ if (array_key_exists('user_id', $signed_request)) {
526	+ $user = $signed_request['user_id'];
527	+ $this->setPersistentData('user_id', $signed_request['user_id']);
528	+ return $user;
529	+ }
530	+
531	+ // if the signed request didn't present a user id, then invalidate
532	+ // all entries in any persistent store.
533	+ $this->clearAllPersistentData();
534	+ return 0;
535	+ }
536	+
537	+ $user = $this->getPersistentData('user_id', $default = 0);
538	+ $persisted_access_token = $this->getPersistentData('access_token');
539	+
540	+ // use access_token to fetch user id if we have a user access_token, or if
541	+ // the cached access token has changed.
542	+ $access_token = $this->getAccessToken();
543	+ if ($access_token &&
544	+ $access_token != $this->getApplicationAccessToken() &&
545	+ !($user && $persisted_access_token == $access_token)) {
546	+ $user = $this->getUserFromAccessToken();
547	+ if ($user) {
548	+ $this->setPersistentData('user_id', $user);
549	+ } else {
550	+ $this->clearAllPersistentData();
551	+ }
552	+ }
553	+
554	+ return $user;
555	+ }
556	+
557	+ /**
558	+ * Get a Login URL for use with redirects. By default, full page redirect is
559	+ * assumed. If you are using the generated URL with a window.open() call in
560	+ * JavaScript, you can pass in display=popup as part of the $params.
561	+ *
562	+ * The parameters:
563	+ * - redirect_uri: the url to go to after a successful login
564	+ * - scope: comma separated list of requested extended perms
565	+ *
566	+ * @param array $params Provide custom parameters
567	+ * @return string The URL for the login flow
568	+ */
569	+ public function getLoginUrl($params=array()) {
570	+ $this->establishCSRFTokenState();
571	+ $currentUrl = $this->getCurrentUrl();
572	+
573	+ // if 'scope' is passed as an array, convert to comma separated list
574	+ $scopeParams = isset($params['scope']) ? $params['scope'] : null;
575	+ if ($scopeParams && is_array($scopeParams)) {
576	+ $params['scope'] = implode(',', $scopeParams);
577	+ }
578	+
579	+ return $this->getUrl(
580	+ 'www',
581	+ 'dialog/oauth',
582	+ array_merge(array(
583	+ 'client_id' => $this->getAppId(),
584	+ 'redirect_uri' => $currentUrl, // possibly overwritten
585	+ 'state' => $this->state),
586	+ $params));
587	+ }
588	+
589	+ /**
590	+ * Get a Logout URL suitable for use with redirects.
591	+ *
592	+ * The parameters:
593	+ * - next: the url to go to after a successful logout
594	+ *
595	+ * @param array $params Provide custom parameters
596	+ * @return string The URL for the logout flow
597	+ */
598	+ public function getLogoutUrl($params=array()) {
599	+ return $this->getUrl(
600	+ 'www',
601	+ 'logout.php',
602	+ array_merge(array(
603	+ 'next' => $this->getCurrentUrl(),
604	+ 'access_token' => $this->getUserAccessToken(),
605	+ ), $params)
606	+ );
607	+ }
608	+
609	+ /**
610	+ * Get a login status URL to fetch the status from Facebook.
611	+ *
612	+ * The parameters:
613	+ * - ok_session: the URL to go to if a session is found
614	+ * - no_session: the URL to go to if the user is not connected
615	+ * - no_user: the URL to go to if the user is not signed into facebook
616	+ *
617	+ * @param array $params Provide custom parameters
618	+ * @return string The URL for the logout flow
619	+ */
620	+ public function getLoginStatusUrl($params=array()) {
621	+ return $this->getUrl(
622	+ 'www',
623	+ 'extern/login_status.php',
624	+ array_merge(array(
625	+ 'api_key' => $this->getAppId(),
626	+ 'no_session' => $this->getCurrentUrl(),
627	+ 'no_user' => $this->getCurrentUrl(),
628	+ 'ok_session' => $this->getCurrentUrl(),
629	+ 'session_version' => 3,
630	+ ), $params)
631	+ );
632	+ }
633	+
634	+ /**
635	+ * Make an API call.
636	+ *
637	+ * @return mixed The decoded response
638	+ */
639	+ public function api(/* polymorphic */) {
640	+ $args = func_get_args();
641	+ if (is_array($args[0])) {
642	+ return $this->_restserver($args[0]);
643	+ } else {
644	+ return call_user_func_array(array($this, '_graph'), $args);
645	+ }
646	+ }
647	+
648	+ /**
649	+ * Constructs and returns the name of the cookie that
650	+ * potentially houses the signed request for the app user.
651	+ * The cookie is not set by the BaseFacebook class, but
652	+ * it may be set by the JavaScript SDK.
653	+ *
654	+ * @return string the name of the cookie that would house
655	+ * the signed request value.
656	+ */
657	+ protected function getSignedRequestCookieName() {
658	+ return 'fbsr_'.$this->getAppId();
659	+ }
660	+
661	+ /**
662	+ * Constructs and returns the name of the coookie that potentially contain
663	+ * metadata. The cookie is not set by the BaseFacebook class, but it may be
664	+ * set by the JavaScript SDK.
665	+ *
666	+ * @return string the name of the cookie that would house metadata.
667	+ */
668	+ protected function getMetadataCookieName() {
669	+ return 'fbm_'.$this->getAppId();
670	+ }
671	+
672	+ /**
673	+ * Get the authorization code from the query parameters, if it exists,
674	+ * and otherwise return false to signal no authorization code was
675	+ * discoverable.
676	+ *
677	+ * @return mixed The authorization code, or false if the authorization
678	+ * code could not be determined.
679	+ */
680	+ protected function getCode() {
681	+ if (isset($_REQUEST['code'])) {
682	+ if ($this->state !== null &&
683	+ isset($_REQUEST['state']) &&
684	+ $this->state === $_REQUEST['state']) {
685	+
686	+ // CSRF state has done its job, so clear it
687	+ $this->state = null;
688	+ $this->clearPersistentData('state');
689	+ return $_REQUEST['code'];
690	+ } else {
691	+ self::errorLog('CSRF state token does not match one provided.');
692	+ return false;
693	+ }
694	+ }
695	+
696	+ return false;
697	+ }
698	+
699	+ /**
700	+ * Retrieves the UID with the understanding that
701	+ * $this->accessToken has already been set and is
702	+ * seemingly legitimate. It relies on Facebook's Graph API
703	+ * to retrieve user information and then extract
704	+ * the user ID.
705	+ *
706	+ * @return integer Returns the UID of the Facebook user, or 0
707	+ * if the Facebook user could not be determined.
708	+ */
709	+ protected function getUserFromAccessToken() {
710	+ try {
711	+ $user_info = $this->api('/me');
712	+ return $user_info['id'];
713	+ } catch (FacebookApiException $e) {
714	+ return 0;
715	+ }
716	+ }
717	+
718	+ /**
719	+ * Returns the access token that should be used for logged out
720	+ * users when no authorization code is available.
721	+ *
722	+ * @return string The application access token, useful for gathering
723	+ * public information about users and applications.
724	+ */
725	+ protected function getApplicationAccessToken() {
726	+ return $this->appId.'\|'.$this->appSecret;
727	+ }
728	+
729	+ /**
730	+ * Lays down a CSRF state token for this process.
731	+ *
732	+ * @return void
733	+ */
734	+ protected function establishCSRFTokenState() {
735	+ if ($this->state === null) {
736	+ $this->state = md5(uniqid(mt_rand(), true));
737	+ $this->setPersistentData('state', $this->state);
738	+ }
739	+ }
740	+
741	+ /**
742	+ * Retrieves an access token for the given authorization code
743	+ * (previously generated from www.facebook.com on behalf of
744	+ * a specific user). The authorization code is sent to graph.facebook.com
745	+ * and a legitimate access token is generated provided the access token
746	+ * and the user for which it was generated all match, and the user is
747	+ * either logged in to Facebook or has granted an offline access permission.
748	+ *
749	+ * @param string $code An authorization code.
750	+ * @return mixed An access token exchanged for the authorization code, or
751	+ * false if an access token could not be generated.
752	+ */
753	+ protected function getAccessTokenFromCode($code, $redirect_uri = null) {
754	+ if (empty($code)) {
755	+ return false;
756	+ }
757	+
758	+ if ($redirect_uri === null) {
759	+ $redirect_uri = $this->getCurrentUrl();
760	+ }
761	+
762	+ try {
763	+ // need to circumvent json_decode by calling _oauthRequest
764	+ // directly, since response isn't JSON format.
765	+ $access_token_response =
766	+ $this->_oauthRequest(
767	+ $this->getUrl('graph', '/oauth/access_token'),
768	+ $params = array('client_id' => $this->getAppId(),
769	+ 'client_secret' => $this->getAppSecret(),
770	+ 'redirect_uri' => $redirect_uri,
771	+ 'code' => $code));
772	+ } catch (FacebookApiException $e) {
773	+ // most likely that user very recently revoked authorization.
774	+ // In any event, we don't have an access token, so say so.
775	+ return false;
776	+ }
777	+
778	+ if (empty($access_token_response)) {
779	+ return false;
780	+ }
781	+
782	+ $response_params = array();
783	+ parse_str($access_token_response, $response_params);
784	+ if (!isset($response_params['access_token'])) {
785	+ return false;
786	+ }
787	+
788	+ return $response_params['access_token'];
789	+ }
790	+
791	+ /**
792	+ * Invoke the old restserver.php endpoint.
793	+ *
794	+ * @param array $params Method call object
795	+ *
796	+ * @return mixed The decoded response object
797	+ * @throws FacebookApiException
798	+ */
799	+ protected function _restserver($params) {
800	+ // generic application level parameters
801	+ $params['api_key'] = $this->getAppId();
802	+ $params['format'] = 'json-strings';
803	+
804	+ $result = json_decode($this->_oauthRequest(
805	+ $this->getApiUrl($params['method']),
806	+ $params
807	+ ), true);
808	+
809	+ // results are returned, errors are thrown
810	+ if (is_array($result) && isset($result['error_code'])) {
811	+ $this->throwAPIException($result);
812	+ // @codeCoverageIgnoreStart
813	+ }
814	+ // @codeCoverageIgnoreEnd
815	+
816	+ $method = strtolower($params['method']);
817	+ if ($method === 'auth.expiresession' \|\|
818	+ $method === 'auth.revokeauthorization') {
819	+ $this->destroySession();
820	+ }
821	+
822	+ return $result;
823	+ }
824	+
825	+ /**
826	+ * Return true if this is video post.
827	+ *
828	+ * @param string $path The path
829	+ * @param string $method The http method (default 'GET')
830	+ *
831	+ * @return boolean true if this is video post
832	+ */
833	+ protected function isVideoPost($path, $method = 'GET') {
834	+ if ($method == 'POST' && preg_match("/^(\/)(.+)(\/)(videos)$/", $path)) {
835	+ return true;
836	+ }
837	+ return false;
838	+ }
839	+
840	+ /**
841	+ * Invoke the Graph API.
842	+ *
843	+ * @param string $path The path (required)
844	+ * @param string $method The http method (default 'GET')
845	+ * @param array $params The query/post data
846	+ *
847	+ * @return mixed The decoded response object
848	+ * @throws FacebookApiException
849	+ */
850	+ protected function _graph($path, $method = 'GET', $params = array()) {
851	+ if (is_array($method) && empty($params)) {
852	+ $params = $method;
853	+ $method = 'GET';
854	+ }
855	+ $params['method'] = $method; // method override as we always do a POST
856	+
857	+ if ($this->isVideoPost($path, $method)) {
858	+ $domainKey = 'graph_video';
859	+ } else {
860	+ $domainKey = 'graph';
861	+ }
862	+
863	+ $result = json_decode($this->_oauthRequest(
864	+ $this->getUrl($domainKey, $path),
865	+ $params
866	+ ), true);
867	+
868	+ // results are returned, errors are thrown
869	+ if (is_array($result) && isset($result['error'])) {
870	+ $this->throwAPIException($result);
871	+ // @codeCoverageIgnoreStart
872	+ }
873	+ // @codeCoverageIgnoreEnd
874	+
875	+ return $result;
876	+ }
877	+
878	+ /**
879	+ * Make a OAuth Request.
880	+ *
881	+ * @param string $url The path (required)
882	+ * @param array $params The query/post data
883	+ *
884	+ * @return string The decoded response object
885	+ * @throws FacebookApiException
886	+ */
887	+ protected function _oauthRequest($url, $params) {
888	+ if (!isset($params['access_token'])) {
889	+ $params['access_token'] = $this->getAccessToken();
890	+ }
891	+
892	+ // json_encode all params values that are not strings
893	+ foreach ($params as $key => $value) {
894	+ if (!is_string($value)) {
895	+ $params[$key] = json_encode($value);
896	+ }
897	+ }
898	+
899	+ return $this->makeRequest($url, $params);
900	+ }
901	+
902	+ /**
903	+ * Makes an HTTP request. This method can be overridden by subclasses if
904	+ * developers want to do fancier things or use something other than curl to
905	+ * make the request.
906	+ *
907	+ * @param string $url The URL to make the request to
908	+ * @param array $params The parameters to use for the POST body
909	+ * @param CurlHandler $ch Initialized curl handle
910	+ *
911	+ * @return string The response text
912	+ */
913	+ protected function makeRequest($url, $params, $ch=null) {
914	+ if (!$ch) {
915	+ $ch = curl_init();
916	+ }
917	+
918	+ $opts = self::$CURL_OPTS;
919	+ if ($this->getFileUploadSupport()) {
920	+ $opts[CURLOPT_POSTFIELDS] = $params;
921	+ } else {
922	+ $opts[CURLOPT_POSTFIELDS] = http_build_query($params, null, '&');
923	+ }
924	+ $opts[CURLOPT_URL] = $url;
925	+
926	+ // disable the 'Expect: 100-continue' behaviour. This causes CURL to wait
927	+ // for 2 seconds if the server does not support this header.
928	+ if (isset($opts[CURLOPT_HTTPHEADER])) {
929	+ $existing_headers = $opts[CURLOPT_HTTPHEADER];
930	+ $existing_headers[] = 'Expect:';
931	+ $opts[CURLOPT_HTTPHEADER] = $existing_headers;
932	+ } else {
933	+ $opts[CURLOPT_HTTPHEADER] = array('Expect:');
934	+ }
935	+
936	+ curl_setopt_array($ch, $opts);
937	+ $result = curl_exec($ch);
938	+
939	+ if (curl_errno($ch) == 60) { // CURLE_SSL_CACERT
940	+ self::errorLog('Invalid or no certificate authority found, '.
941	+ 'using bundled information');
942	+ curl_setopt($ch, CURLOPT_CAINFO,
943	+ dirname(__FILE__) . '/fb_ca_chain_bundle.crt');
944	+ $result = curl_exec($ch);
945	+ }
946	+
947	+ // With dual stacked DNS responses, it's possible for a server to
948	+ // have IPv6 enabled but not have IPv6 connectivity. If this is
949	+ // the case, curl will try IPv4 first and if that fails, then it will
950	+ // fall back to IPv6 and the error EHOSTUNREACH is returned by the
951	+ // operating system.
952	+ if ($result === false && empty($opts[CURLOPT_IPRESOLVE])) {
953	+ $matches = array();
954	+ $regex = '/Failed to connect to ([^:].*): Network is unreachable/';
955	+ if (preg_match($regex, curl_error($ch), $matches)) {
956	+ if (strlen(@inet_pton($matches[1])) === 16) {
957	+ self::errorLog('Invalid IPv6 configuration on server, '.
958	+ 'Please disable or get native IPv6 on your server.');
959	+ self::$CURL_OPTS[CURLOPT_IPRESOLVE] = CURL_IPRESOLVE_V4;
960	+ curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4);
961	+ $result = curl_exec($ch);
962	+ }
963	+ }
964	+ }
965	+
966	+ if ($result === false) {
967	+ $e = new FacebookApiException(array(
968	+ 'error_code' => curl_errno($ch),
969	+ 'error' => array(
970	+ 'message' => curl_error($ch),
971	+ 'type' => 'CurlException',
972	+ ),
973	+ ));
974	+ curl_close($ch);
975	+ throw $e;
976	+ }
977	+ curl_close($ch);
978	+ return $result;
979	+ }
980	+
981	+ /**
982	+ * Parses a signed_request and validates the signature.
983	+ *
984	+ * @param string $signed_request A signed token
985	+ * @return array The payload inside it or null if the sig is wrong
986	+ */
987	+ protected function parseSignedRequest($signed_request) {
988	+ list($encoded_sig, $payload) = explode('.', $signed_request, 2);
989	+
990	+ // decode the data
991	+ $sig = self::base64UrlDecode($encoded_sig);
992	+ $data = json_decode(self::base64UrlDecode($payload), true);
993	+
994	+ if (strtoupper($data['algorithm']) !== self::SIGNED_REQUEST_ALGORITHM) {
995	+ self::errorLog(
996	+ 'Unknown algorithm. Expected ' . self::SIGNED_REQUEST_ALGORITHM);
997	+ return null;
998	+ }
999	+
1000	+ // check sig
1001	+ $expected_sig = hash_hmac('sha256', $payload,
1002	+ $this->getAppSecret(), $raw = true);
1003	+ if ($sig !== $expected_sig) {
1004	+ self::errorLog('Bad Signed JSON signature!');
1005	+ return null;
1006	+ }
1007	+
1008	+ return $data;
1009	+ }
1010	+
1011	+ /**
1012	+ * Makes a signed_request blob using the given data.
1013	+ *
1014	+ * @param array The data array.
1015	+ * @return string The signed request.
1016	+ */
1017	+ protected function makeSignedRequest($data) {
1018	+ if (!is_array($data)) {
1019	+ throw new InvalidArgumentException(
1020	+ 'makeSignedRequest expects an array. Got: ' . print_r($data, true));
1021	+ }
1022	+ $data['algorithm'] = self::SIGNED_REQUEST_ALGORITHM;
1023	+ $data['issued_at'] = time();
1024	+ $json = json_encode($data);
1025	+ $b64 = self::base64UrlEncode($json);
1026	+ $raw_sig = hash_hmac('sha256', $b64, $this->getAppSecret(), $raw = true);
1027	+ $sig = self::base64UrlEncode($raw_sig);
1028	+ return $sig.'.'.$b64;
1029	+ }
1030	+
1031	+ /**
1032	+ * Build the URL for api given parameters.
1033	+ *
1034	+ * @param $method String the method name.
1035	+ * @return string The URL for the given parameters
1036	+ */
1037	+ protected function getApiUrl($method) {
1038	+ static $READ_ONLY_CALLS =
1039	+ array('admin.getallocation' => 1,
1040	+ 'admin.getappproperties' => 1,
1041	+ 'admin.getbannedusers' => 1,
1042	+ 'admin.getlivestreamvialink' => 1,
1043	+ 'admin.getmetrics' => 1,
1044	+ 'admin.getrestrictioninfo' => 1,
1045	+ 'application.getpublicinfo' => 1,
1046	+ 'auth.getapppublickey' => 1,
1047	+ 'auth.getsession' => 1,
1048	+ 'auth.getsignedpublicsessiondata' => 1,
1049	+ 'comments.get' => 1,
1050	+ 'connect.getunconnectedfriendscount' => 1,
1051	+ 'dashboard.getactivity' => 1,
1052	+ 'dashboard.getcount' => 1,
1053	+ 'dashboard.getglobalnews' => 1,
1054	+ 'dashboard.getnews' => 1,
1055	+ 'dashboard.multigetcount' => 1,
1056	+ 'dashboard.multigetnews' => 1,
1057	+ 'data.getcookies' => 1,
1058	+ 'events.get' => 1,
1059	+ 'events.getmembers' => 1,
1060	+ 'fbml.getcustomtags' => 1,
1061	+ 'feed.getappfriendstories' => 1,
1062	+ 'feed.getregisteredtemplatebundlebyid' => 1,
1063	+ 'feed.getregisteredtemplatebundles' => 1,
1064	+ 'fql.multiquery' => 1,
1065	+ 'fql.query' => 1,
1066	+ 'friends.arefriends' => 1,
1067	+ 'friends.get' => 1,
1068	+ 'friends.getappusers' => 1,
1069	+ 'friends.getlists' => 1,
1070	+ 'friends.getmutualfriends' => 1,
1071	+ 'gifts.get' => 1,
1072	+ 'groups.get' => 1,
1073	+ 'groups.getmembers' => 1,
1074	+ 'intl.gettranslations' => 1,
1075	+ 'links.get' => 1,
1076	+ 'notes.get' => 1,
1077	+ 'notifications.get' => 1,
1078	+ 'pages.getinfo' => 1,
1079	+ 'pages.isadmin' => 1,
1080	+ 'pages.isappadded' => 1,
1081	+ 'pages.isfan' => 1,
1082	+ 'permissions.checkavailableapiaccess' => 1,
1083	+ 'permissions.checkgrantedapiaccess' => 1,
1084	+ 'photos.get' => 1,
1085	+ 'photos.getalbums' => 1,
1086	+ 'photos.gettags' => 1,
1087	+ 'profile.getinfo' => 1,
1088	+ 'profile.getinfooptions' => 1,
1089	+ 'stream.get' => 1,
1090	+ 'stream.getcomments' => 1,
1091	+ 'stream.getfilters' => 1,
1092	+ 'users.getinfo' => 1,
1093	+ 'users.getloggedinuser' => 1,
1094	+ 'users.getstandardinfo' => 1,
1095	+ 'users.hasapppermission' => 1,
1096	+ 'users.isappuser' => 1,
1097	+ 'users.isverified' => 1,
1098	+ 'video.getuploadlimits' => 1);
1099	+ $name = 'api';
1100	+ if (isset($READ_ONLY_CALLS[strtolower($method)])) {
1101	+ $name = 'api_read';
1102	+ } else if (strtolower($method) == 'video.upload') {
1103	+ $name = 'api_video';
1104	+ }
1105	+ return self::getUrl($name, 'restserver.php');
1106	+ }
1107	+
1108	+ /**
1109	+ * Build the URL for given domain alias, path and parameters.
1110	+ *
1111	+ * @param $name string The name of the domain
1112	+ * @param $path string Optional path (without a leading slash)
1113	+ * @param $params array Optional query parameters
1114	+ *
1115	+ * @return string The URL for the given parameters
1116	+ */
1117	+ protected function getUrl($name, $path='', $params=array()) {
1118	+ $url = self::$DOMAIN_MAP[$name];
1119	+ if ($path) {
1120	+ if ($path[0] === '/') {
1121	+ $path = substr($path, 1);
1122	+ }
1123	+ $url .= $path;
1124	+ }
1125	+ if ($params) {
1126	+ $url .= '?' . http_build_query($params, null, '&');
1127	+ }
1128	+
1129	+ return $url;
1130	+ }
1131	+
1132	+ protected function getHttpHost() {
1133	+ if ($this->trustForwarded && isset($_SERVER['HTTP_X_FORWARDED_HOST'])) {
1134	+ return $_SERVER['HTTP_X_FORWARDED_HOST'];
1135	+ }
1136	+ return $_SERVER['HTTP_HOST'];
1137	+ }
1138	+
1139	+ protected function getHttpProtocol() {
1140	+ if ($this->trustForwarded && isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) {
1141	+ if ($_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') {
1142	+ return 'https';
1143	+ }
1144	+ return 'http';
1145	+ }
1146	+ if (isset($_SERVER['HTTPS']) &&
1147	+ ($_SERVER['HTTPS'] === 'on' \|\| $_SERVER['HTTPS'] == 1)) {
1148	+ return 'https';
1149	+ }
1150	+ return 'http';
1151	+ }
1152	+
1153	+ /**
1154	+ * Get the base domain used for the cookie.
1155	+ */
1156	+ protected function getBaseDomain() {
1157	+ // The base domain is stored in the metadata cookie if not we fallback
1158	+ // to the current hostname
1159	+ $metadata = $this->getMetadataCookie();
1160	+ if (array_key_exists('base_domain', $metadata) &&
1161	+ !empty($metadata['base_domain'])) {
1162	+ return trim($metadata['base_domain'], '.');
1163	+ }
1164	+ return $this->getHttpHost();
1165	+ }
1166	+
1167	+ /**
1168	+
1169	+ /**
1170	+ * Returns the Current URL, stripping it of known FB parameters that should
1171	+ * not persist.
1172	+ *
1173	+ * @return string The current URL
1174	+ */
1175	+ protected function getCurrentUrl() {
1176	+ $protocol = $this->getHttpProtocol() . '://';
1177	+ $host = $this->getHttpHost();
1178	+ $currentUrl = $protocol.$host.$_SERVER['REQUEST_URI'];
1179	+ $parts = parse_url($currentUrl);
1180	+
1181	+ $query = '';
1182	+ if (!empty($parts['query'])) {
1183	+ // drop known fb params
1184	+ $params = explode('&', $parts['query']);
1185	+ $retained_params = array();
1186	+ foreach ($params as $param) {
1187	+ if ($this->shouldRetainParam($param)) {
1188	+ $retained_params[] = $param;
1189	+ }
1190	+ }
1191	+
1192	+ if (!empty($retained_params)) {
1193	+ $query = '?'.implode($retained_params, '&');
1194	+ }
1195	+ }
1196	+
1197	+ // use port if non default
1198	+ $port =
1199	+ isset($parts['port']) &&
1200	+ (($protocol === 'http://' && $parts['port'] !== 80) \|\|
1201	+ ($protocol === 'https://' && $parts['port'] !== 443))
1202	+ ? ':' . $parts['port'] : '';
1203	+
1204	+ // rebuild
1205	+ return $protocol . $parts['host'] . $port . $parts['path'] . $query;
1206	+ }
1207	+
1208	+ /**
1209	+ * Returns true if and only if the key or key/value pair should
1210	+ * be retained as part of the query string. This amounts to
1211	+ * a brute-force search of the very small list of Facebook-specific
1212	+ * params that should be stripped out.
1213	+ *
1214	+ * @param string $param A key or key/value pair within a URL's query (e.g.
1215	+ * 'foo=a', 'foo=', or 'foo'.
1216	+ *
1217	+ * @return boolean
1218	+ */
1219	+ protected function shouldRetainParam($param) {
1220	+ foreach (self::$DROP_QUERY_PARAMS as $drop_query_param) {
1221	+ if (strpos($param, $drop_query_param.'=') === 0) {
1222	+ return false;
1223	+ }
1224	+ }
1225	+
1226	+ return true;
1227	+ }
1228	+
1229	+ /**
1230	+ * Analyzes the supplied result to see if it was thrown
1231	+ * because the access token is no longer valid. If that is
1232	+ * the case, then we destroy the session.
1233	+ *
1234	+ * @param $result array A record storing the error message returned
1235	+ * by a failed API call.
1236	+ */
1237	+ protected function throwAPIException($result) {
1238	+ $e = new FacebookApiException($result);
1239	+ switch ($e->getType()) {
1240	+ // OAuth 2.0 Draft 00 style
1241	+ case 'OAuthException':
1242	+ // OAuth 2.0 Draft 10 style
1243	+ case 'invalid_token':
1244	+ // REST server errors are just Exceptions
1245	+ case 'Exception':
1246	+ $message = $e->getMessage();
1247	+ if ((strpos($message, 'Error validating access token') !== false) \|\|
1248	+ (strpos($message, 'Invalid OAuth access token') !== false) \|\|
1249	+ (strpos($message, 'An active access token must be used') !== false)
1250	+ ) {
1251	+ $this->destroySession();
1252	+ }
1253	+ break;
1254	+ }
1255	+
1256	+ throw $e;
1257	+ }
1258	+
1259	+
1260	+ /**
1261	+ * Prints to the error log if you aren't in command line mode.
1262	+ *
1263	+ * @param string $msg Log message
1264	+ */
1265	+ protected static function errorLog($msg) {
1266	+ // disable error log if we are running in a CLI environment
1267	+ // @codeCoverageIgnoreStart
1268	+ if (php_sapi_name() != 'cli') {
1269	+ error_log($msg);
1270	+ }
1271	+ // uncomment this if you want to see the errors on the page
1272	+ // print 'error_log: '.$msg."\n";
1273	+ // @codeCoverageIgnoreEnd
1274	+ }
1275	+
1276	+ /**
1277	+ * Base64 encoding that doesn't need to be urlencode()ed.
1278	+ * Exactly the same as base64_encode except it uses
1279	+ * - instead of +
1280	+ * _ instead of /
1281	+ * No padded =
1282	+ *
1283	+ * @param string $input base64UrlEncoded string
1284	+ * @return string
1285	+ */
1286	+ protected static function base64UrlDecode($input) {
1287	+ return base64_decode(strtr($input, '-_', '+/'));
1288	+ }
1289	+
1290	+ /**
1291	+ * Base64 encoding that doesn't need to be urlencode()ed.
1292	+ * Exactly the same as base64_encode except it uses
1293	+ * - instead of +
1294	+ * _ instead of /
1295	+ *
1296	+ * @param string $input string
1297	+ * @return string base64Url encoded string
1298	+ */
1299	+ protected static function base64UrlEncode($input) {
1300	+ $str = strtr(base64_encode($input), '+/', '-_');
1301	+ $str = str_replace('=', '', $str);
1302	+ return $str;
1303	+ }
1304	+
1305	+ /**
1306	+ * Destroy the current session
1307	+ */
1308	+ public function destroySession() {
1309	+ $this->accessToken = null;
1310	+ $this->signedRequest = null;
1311	+ $this->user = null;
1312	+ $this->clearAllPersistentData();
1313	+
1314	+ // Javascript sets a cookie that will be used in getSignedRequest that we
1315	+ // need to clear if we can
1316	+ $cookie_name = $this->getSignedRequestCookieName();
1317	+ if (array_key_exists($cookie_name, $_COOKIE)) {
1318	+ unset($_COOKIE[$cookie_name]);
1319	+ if (!headers_sent()) {
1320	+ $base_domain = $this->getBaseDomain();
1321	+ setcookie($cookie_name, '', 1, '/', '.'.$base_domain);
1322	+ } else {
1323	+ // @codeCoverageIgnoreStart
1324	+ self::errorLog(
1325	+ 'There exists a cookie that we wanted to clear that we couldn\'t '.
1326	+ 'clear because headers was already sent. Make sure to do the first '.
1327	+ 'API call before outputing anything.'
1328	+ );
1329	+ // @codeCoverageIgnoreEnd
1330	+ }
1331	+ }
1332	+ }
1333	+
1334	+ /**
1335	+ * Parses the metadata cookie that our Javascript API set
1336	+ *
1337	+ * @return an array mapping key to value
1338	+ */
1339	+ protected function getMetadataCookie() {
1340	+ $cookie_name = $this->getMetadataCookieName();
1341	+ if (!array_key_exists($cookie_name, $_COOKIE)) {
1342	+ return array();
1343	+ }
1344	+
1345	+ // The cookie value can be wrapped in "-characters so remove them
1346	+ $cookie_value = trim($_COOKIE[$cookie_name], '"');
1347	+
1348	+ if (empty($cookie_value)) {
1349	+ return array();
1350	+ }
1351	+
1352	+ $parts = explode('&', $cookie_value);
1353	+ $metadata = array();
1354	+ foreach ($parts as $part) {
1355	+ $pair = explode('=', $part, 2);
1356	+ if (!empty($pair[0])) {
1357	+ $metadata[urldecode($pair[0])] =
1358	+ (count($pair) > 1) ? urldecode($pair[1]) : '';
1359	+ }
1360	+ }
1361	+
1362	+ return $metadata;
1363	+ }
1364	+
1365	+ protected static function isAllowedDomain($big, $small) {
1366	+ if ($big === $small) {
1367	+ return true;
1368	+ }
1369	+ return self::endsWith($big, '.'.$small);
1370	+ }
1371	+
1372	+ protected static function endsWith($big, $small) {
1373	+ $len = strlen($small);
1374	+ if ($len === 0) {
1375	+ return true;
1376	+ }
1377	+ return substr($big, -$len) === $small;
1378	+ }
1379	+
1380	+ /**
1381	+ * Each of the following four methods should be overridden in
1382	+ * a concrete subclass, as they are in the provided Facebook class.
1383	+ * The Facebook class uses PHP sessions to provide a primitive
1384	+ * persistent store, but another subclass--one that you implement--
1385	+ * might use a database, memcache, or an in-memory cache.
1386	+ *
1387	+ * @see Facebook
1388	+ */
1389	+
1390	+ /**
1391	+ * Stores the given ($key, $value) pair, so that future calls to
1392	+ * getPersistentData($key) return $value. This call may be in another request.
1393	+ *
1394	+ * @param string $key
1395	+ * @param array $value
1396	+ *
1397	+ * @return void
1398	+ */
1399	+ abstract protected function setPersistentData($key, $value);
1400	+
1401	+ /**
1402	+ * Get the data for $key, persisted by BaseFacebook::setPersistentData()
1403	+ *
1404	+ * @param string $key The key of the data to retrieve
1405	+ * @param boolean $default The default value to return if $key is not found
1406	+ *
1407	+ * @return mixed
1408	+ */
1409	+ abstract protected function getPersistentData($key, $default = false);
1410	+
1411	+ /**
1412	+ * Clear the data with $key from the persistent storage
1413	+ *
1414	+ * @param string $key
1415	+ * @return void
1416	+ */
1417	+ abstract protected function clearPersistentData($key);
1418	+
1419	+ /**
1420	+ * Clear all data from the persistent storage
1421	+ *
1422	+ * @return void
1423	+ */
1424	+ abstract protected function clearAllPersistentData();
1425	+ }

classes/facebook-php-sdk/facebook.php ADDED Viewed

	@@ -0,0 +1,160 @@


1	+ <?php
2	+ /**
3	+ * Copyright 2011 Facebook, Inc.
4	+ *
5	+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
6	+ * not use this file except in compliance with the License. You may obtain
7	+ * a copy of the License at
8	+ *
9	+ * http://www.apache.org/licenses/LICENSE-2.0
10	+ *
11	+ * Unless required by applicable law or agreed to in writing, software
12	+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
13	+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
14	+ * License for the specific language governing permissions and limitations
15	+ * under the License.
16	+ */
17	+
18	+ require_once "base_facebook.php";
19	+
20	+ /**
21	+ * Extends the BaseFacebook class with the intent of using
22	+ * PHP sessions to store user ids and access tokens.
23	+ */
24	+ class Facebook extends BaseFacebook
25	+ {
26	+ const FBSS_COOKIE_NAME = 'fbss';
27	+
28	+ // We can set this to a high number because the main session
29	+ // expiration will trump this.
30	+ const FBSS_COOKIE_EXPIRE = 31556926; // 1 year
31	+
32	+ // Stores the shared session ID if one is set.
33	+ protected $sharedSessionID;
34	+
35	+ /**
36	+ * Identical to the parent constructor, except that
37	+ * we start a PHP session to store the user ID and
38	+ * access token if during the course of execution
39	+ * we discover them.
40	+ *
41	+ * @param Array $config the application configuration. Additionally
42	+ * accepts "sharedSession" as a boolean to turn on a secondary
43	+ * cookie for environments with a shared session (that is, your app
44	+ * shares the domain with other apps).
45	+ * @see BaseFacebook::__construct in facebook.php
46	+ */
47	+ public function __construct($config) {
48	+ if (!session_id() && !headers_sent()) {
49	+ session_start();
50	+ }
51	+ parent::__construct($config);
52	+ if (!empty($config['sharedSession'])) {
53	+ $this->initSharedSession();
54	+ }
55	+ }
56	+
57	+ protected static $kSupportedKeys =
58	+ array('state', 'code', 'access_token', 'user_id');
59	+
60	+ protected function initSharedSession() {
61	+ $cookie_name = $this->getSharedSessionCookieName();
62	+ if (isset($_COOKIE[$cookie_name])) {
63	+ $data = $this->parseSignedRequest($_COOKIE[$cookie_name]);
64	+ if ($data && !empty($data['domain']) &&
65	+ self::isAllowedDomain($this->getHttpHost(), $data['domain'])) {
66	+ // good case
67	+ $this->sharedSessionID = $data['id'];
68	+ return;
69	+ }
70	+ // ignoring potentially unreachable data
71	+ }
72	+ // evil/corrupt/missing case
73	+ $base_domain = $this->getBaseDomain();
74	+ $this->sharedSessionID = md5(uniqid(mt_rand(), true));
75	+ $cookie_value = $this->makeSignedRequest(
76	+ array(
77	+ 'domain' => $base_domain,
78	+ 'id' => $this->sharedSessionID,
79	+ )
80	+ );
81	+ $_COOKIE[$cookie_name] = $cookie_value;
82	+ if (!headers_sent()) {
83	+ $expire = time() + self::FBSS_COOKIE_EXPIRE;
84	+ setcookie($cookie_name, $cookie_value, $expire, '/', '.'.$base_domain);
85	+ } else {
86	+ // @codeCoverageIgnoreStart
87	+ self::errorLog(
88	+ 'Shared session ID cookie could not be set! You must ensure you '.
89	+ 'create the Facebook instance before headers have been sent. This '.
90	+ 'will cause authentication issues after the first request.'
91	+ );
92	+ // @codeCoverageIgnoreEnd
93	+ }
94	+ }
95	+
96	+ /**
97	+ * Provides the implementations of the inherited abstract
98	+ * methods. The implementation uses PHP sessions to maintain
99	+ * a store for authorization codes, user ids, CSRF states, and
100	+ * access tokens.
101	+ */
102	+ protected function setPersistentData($key, $value) {
103	+ if (!in_array($key, self::$kSupportedKeys)) {
104	+ self::errorLog('Unsupported key passed to setPersistentData.');
105	+ return;
106	+ }
107	+
108	+ $session_var_name = $this->constructSessionVariableName($key);
109	+ $_SESSION[$session_var_name] = $value;
110	+ }
111	+
112	+ protected function getPersistentData($key, $default = false) {
113	+ if (!in_array($key, self::$kSupportedKeys)) {
114	+ self::errorLog('Unsupported key passed to getPersistentData.');
115	+ return $default;
116	+ }
117	+
118	+ $session_var_name = $this->constructSessionVariableName($key);
119	+ return isset($_SESSION[$session_var_name]) ?
120	+ $_SESSION[$session_var_name] : $default;
121	+ }
122	+
123	+ protected function clearPersistentData($key) {
124	+ if (!in_array($key, self::$kSupportedKeys)) {
125	+ self::errorLog('Unsupported key passed to clearPersistentData.');
126	+ return;
127	+ }
128	+
129	+ $session_var_name = $this->constructSessionVariableName($key);
130	+ unset($_SESSION[$session_var_name]);
131	+ }
132	+
133	+ protected function clearAllPersistentData() {
134	+ foreach (self::$kSupportedKeys as $key) {
135	+ $this->clearPersistentData($key);
136	+ }
137	+ if ($this->sharedSessionID) {
138	+ $this->deleteSharedSessionCookie();
139	+ }
140	+ }
141	+
142	+ protected function deleteSharedSessionCookie() {
143	+ $cookie_name = $this->getSharedSessionCookieName();
144	+ unset($_COOKIE[$cookie_name]);
145	+ $base_domain = $this->getBaseDomain();
146	+ setcookie($cookie_name, '', 1, '/', '.'.$base_domain);
147	+ }
148	+
149	+ protected function getSharedSessionCookieName() {
150	+ return self::FBSS_COOKIE_NAME . '_' . $this->getAppId();
151	+ }
152	+
153	+ protected function constructSessionVariableName($key) {
154	+ $parts = array('fb', $this->getAppId(), $key);
155	+ if ($this->sharedSessionID) {
156	+ array_unshift($parts, $this->sharedSessionID);
157	+ }
158	+ return implode('_', $parts);
159	+ }
160	+ }

classes/facebook-php-sdk/fb_ca_chain_bundle.crt ADDED Viewed

	@@ -0,0 +1,121 @@


1	+ -----BEGIN CERTIFICATE-----
2	+ MIIFgjCCBGqgAwIBAgIQDKKbZcnESGaLDuEaVk6fQjANBgkqhkiG9w0BAQUFADBm
3	+ MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
4	+ d3cuZGlnaWNlcnQuY29tMSUwIwYDVQQDExxEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
5	+ ZSBDQS0zMB4XDTEwMDExMzAwMDAwMFoXDTEzMDQxMTIzNTk1OVowaDELMAkGA1UE
6	+ BhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExEjAQBgNVBAcTCVBhbG8gQWx0bzEX
7	+ MBUGA1UEChMORmFjZWJvb2ssIEluYy4xFzAVBgNVBAMUDiouZmFjZWJvb2suY29t
8	+ MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC9rzj7QIuLM3sdHu1HcI1VcR3g
9	+ b5FExKNV646agxSle1aQ/sJev1mh/u91ynwqd2BQmM0brZ1Hc3QrfYyAaiGGgEkp
10	+ xbhezyfeYhAyO0TKAYxPnm2cTjB5HICzk6xEIwFbA7SBJ2fSyW1CFhYZyo3tIBjj
11	+ 19VjKyBfpRaPkzLmRwIDAQABo4ICrDCCAqgwHwYDVR0jBBgwFoAUUOpzidsp+xCP
12	+ nuUBINTeeZlIg/cwHQYDVR0OBBYEFPp+tsFBozkjrHlEnZ9J4cFj2eM0MA4GA1Ud
13	+ DwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMF8GA1UdHwRYMFYwKaAnoCWGI2h0dHA6
14	+ Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9jYTMtZmIuY3JsMCmgJ6AlhiNodHRwOi8vY3Js
15	+ NC5kaWdpY2VydC5jb20vY2EzLWZiLmNybDCCAcYGA1UdIASCAb0wggG5MIIBtQYL
16	+ YIZIAYb9bAEDAAEwggGkMDoGCCsGAQUFBwIBFi5odHRwOi8vd3d3LmRpZ2ljZXJ0
17	+ LmNvbS9zc2wtY3BzLXJlcG9zaXRvcnkuaHRtMIIBZAYIKwYBBQUHAgIwggFWHoIB
18	+ UgBBAG4AeQAgAHUAcwBlACAAbwBmACAAdABoAGkAcwAgAEMAZQByAHQAaQBmAGkA
19	+ YwBhAHQAZQAgAGMAbwBuAHMAdABpAHQAdQB0AGUAcwAgAGEAYwBjAGUAcAB0AGEA
20	+ bgBjAGUAIABvAGYAIAB0AGgAZQAgAEQAaQBnAGkAQwBlAHIAdAAgAEMAUAAvAEMA
21	+ UABTACAAYQBuAGQAIAB0AGgAZQAgAFIAZQBsAHkAaQBuAGcAIABQAGEAcgB0AHkA
22	+ IABBAGcAcgBlAGUAbQBlAG4AdAAgAHcAaABpAGMAaAAgAGwAaQBtAGkAdAAgAGwA
23	+ aQBhAGIAaQBsAGkAdAB5ACAAYQBuAGQAIABhAHIAZQAgAGkAbgBjAG8AcgBwAG8A
24	+ cgBhAHQAZQBkACAAaABlAHIAZQBpAG4AIABiAHkAIAByAGUAZgBlAHIAZQBuAGMA
25	+ ZQAuMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQUF
26	+ AAOCAQEACOkTIdxMy11+CKrbGNLBSg5xHaTvu/v1wbyn3dO/mf68pPfJnX6ShPYy
27	+ 4XM4Vk0x4uaFaU4wAGke+nCKGi5dyg0Esg7nemLNKEJaFAJZ9enxZm334lSCeARy
28	+ wlDtxULGOFRyGIZZPmbV2eNq5xdU/g3IuBEhL722mTpAye9FU/J8Wsnw54/gANyO
29	+ Gzkewigua8ip8Lbs9Cht399yAfbfhUP1DrAm/xEcnHrzPr3cdCtOyJaM6SRPpRqH
30	+ ITK5Nc06tat9lXVosSinT3KqydzxBYua9gCFFiR3x3DgZfvXkC6KDdUlDrNcJUub
31	+ a1BHnLLP4mxTHL6faAXYd05IxNn/IA==
32	+ -----END CERTIFICATE-----
33	+ -----BEGIN CERTIFICATE-----
34	+ MIIGVTCCBT2gAwIBAgIQCFH5WYFBRcq94CTiEsnCDjANBgkqhkiG9w0BAQUFADBs
35	+ MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
36	+ d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
37	+ ZSBFViBSb290IENBMB4XDTA3MDQwMzAwMDAwMFoXDTIyMDQwMzAwMDAwMFowZjEL
38	+ MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
39	+ LmRpZ2ljZXJ0LmNvbTElMCMGA1UEAxMcRGlnaUNlcnQgSGlnaCBBc3N1cmFuY2Ug
40	+ Q0EtMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL9hCikQH17+NDdR
41	+ CPge+yLtYb4LDXBMUGMmdRW5QYiXtvCgFbsIYOBC6AUpEIc2iihlqO8xB3RtNpcv
42	+ KEZmBMcqeSZ6mdWOw21PoF6tvD2Rwll7XjZswFPPAAgyPhBkWBATaccM7pxCUQD5
43	+ BUTuJM56H+2MEb0SqPMV9Bx6MWkBG6fmXcCabH4JnudSREoQOiPkm7YDr6ictFuf
44	+ 1EutkozOtREqqjcYjbTCuNhcBoz4/yO9NV7UfD5+gw6RlgWYw7If48hl66l7XaAs
45	+ zPw82W3tzPpLQ4zJ1LilYRyyQLYoEt+5+F/+07LJ7z20Hkt8HEyZNp496+ynaF4d
46	+ 32duXvsCAwEAAaOCAvcwggLzMA4GA1UdDwEB/wQEAwIBhjCCAcYGA1UdIASCAb0w
47	+ ggG5MIIBtQYLYIZIAYb9bAEDAAIwggGkMDoGCCsGAQUFBwIBFi5odHRwOi8vd3d3
48	+ LmRpZ2ljZXJ0LmNvbS9zc2wtY3BzLXJlcG9zaXRvcnkuaHRtMIIBZAYIKwYBBQUH
49	+ AgIwggFWHoIBUgBBAG4AeQAgAHUAcwBlACAAbwBmACAAdABoAGkAcwAgAEMAZQBy
50	+ AHQAaQBmAGkAYwBhAHQAZQAgAGMAbwBuAHMAdABpAHQAdQB0AGUAcwAgAGEAYwBj
51	+ AGUAcAB0AGEAbgBjAGUAIABvAGYAIAB0AGgAZQAgAEQAaQBnAGkAQwBlAHIAdAAg
52	+ AEMAUAAvAEMAUABTACAAYQBuAGQAIAB0AGgAZQAgAFIAZQBsAHkAaQBuAGcAIABQ
53	+ AGEAcgB0AHkAIABBAGcAcgBlAGUAbQBlAG4AdAAgAHcAaABpAGMAaAAgAGwAaQBt
54	+ AGkAdAAgAGwAaQBhAGIAaQBsAGkAdAB5ACAAYQBuAGQAIABhAHIAZQAgAGkAbgBj
55	+ AG8AcgBwAG8AcgBhAHQAZQBkACAAaABlAHIAZQBpAG4AIABiAHkAIAByAGUAZgBl
56	+ AHIAZQBuAGMAZQAuMA8GA1UdEwEB/wQFMAMBAf8wNAYIKwYBBQUHAQEEKDAmMCQG
57	+ CCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wgY8GA1UdHwSBhzCB
58	+ hDBAoD6gPIY6aHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0SGlnaEFz
59	+ c3VyYW5jZUVWUm9vdENBLmNybDBAoD6gPIY6aHR0cDovL2NybDQuZGlnaWNlcnQu
60	+ Y29tL0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENBLmNybDAfBgNVHSMEGDAW
61	+ gBSxPsNpA/i/RwHUmCYaCALvY2QrwzAdBgNVHQ4EFgQUUOpzidsp+xCPnuUBINTe
62	+ eZlIg/cwDQYJKoZIhvcNAQEFBQADggEBAF1PhPGoiNOjsrycbeUpSXfh59bcqdg1
63	+ rslx3OXb3J0kIZCmz7cBHJvUV5eR13UWpRLXuT0uiT05aYrWNTf58SHEW0CtWakv
64	+ XzoAKUMncQPkvTAyVab+hA4LmzgZLEN8rEO/dTHlIxxFVbdpCJG1z9fVsV7un5Tk
65	+ 1nq5GMO41lJjHBC6iy9tXcwFOPRWBW3vnuzoYTYMFEuFFFoMg08iXFnLjIpx2vrF
66	+ EIRYzwfu45DC9fkpx1ojcflZtGQriLCnNseaIGHr+k61rmsb5OPs4tk8QUmoIKRU
67	+ 9ZKNu8BVIASm2LAXFszj0Mi0PeXZhMbT9m5teMl5Q+h6N/9cNUm/ocU=
68	+ -----END CERTIFICATE-----
69	+ -----BEGIN CERTIFICATE-----
70	+ MIIEQjCCA6ugAwIBAgIEQoclDjANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC
71	+ VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u
72	+ ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc
73	+ KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5u
74	+ ZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjEy
75	+ MjIxNTI3MjdaFw0xNDA3MjIxNTU3MjdaMGwxCzAJBgNVBAYTAlVTMRUwEwYDVQQK
76	+ EwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xKzApBgNV
77	+ BAMTIkRpZ2lDZXJ0IEhpZ2ggQXNzdXJhbmNlIEVWIFJvb3QgQ0EwggEiMA0GCSqG
78	+ SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGzOVz5vvUu+UtLTKm3+WBP8nNJUm2cSrD
79	+ 1ZQ0Z6IKHLBfaaZAscS3so/QmKSpQVk609yU1jzbdDikSsxNJYL3SqVTEjju80lt
80	+ cZF+Y7arpl/DpIT4T2JRvvjF7Ns4kuMG5QiRDMQoQVX7y1qJFX5x6DW/TXIJPb46
81	+ OFBbdzEbjbPHJEWap6xtABRaBLe6E+tRCphBQSJOZWGHgUFQpnlcid4ZSlfVLuZd
82	+ HFMsfpjNGgYWpGhz0DQEE1yhcdNafFXbXmThN4cwVgTlEbQpgBLxeTmIogIRfCdm
83	+ t4i3ePLKCqg4qwpkwr9mXZWEwaElHoddGlALIBLMQbtuC1E4uEvLAgMBAAGjggET
84	+ MIIBDzASBgNVHRMBAf8ECDAGAQH/AgEBMCcGA1UdJQQgMB4GCCsGAQUFBwMBBggr
85	+ BgEFBQcDAgYIKwYBBQUHAwQwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdo
86	+ dHRwOi8vb2NzcC5lbnRydXN0Lm5ldDAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8v
87	+ Y3JsLmVudHJ1c3QubmV0L3NlcnZlcjEuY3JsMB0GA1UdDgQWBBSxPsNpA/i/RwHU
88	+ mCYaCALvY2QrwzALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAU8BdiE1U9s/8KAGv7
89	+ UISX8+1i0BowGQYJKoZIhvZ9B0EABAwwChsEVjcuMQMCAIEwDQYJKoZIhvcNAQEF
90	+ BQADgYEAUuVY7HCc/9EvhaYzC1rAIo348LtGIiMduEl5Xa24G8tmJnDioD2GU06r
91	+ 1kjLX/ktCdpdBgXadbjtdrZXTP59uN0AXlsdaTiFufsqVLPvkp5yMnqnuI3E2o6p
92	+ NpAkoQSbB6kUCNnXcW26valgOjDLZFOnr241QiwdBAJAAE/rRa8=
93	+ -----END CERTIFICATE-----
94	+ -----BEGIN CERTIFICATE-----
95	+ MIIE2DCCBEGgAwIBAgIEN0rSQzANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC
96	+ VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u
97	+ ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc
98	+ KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5u
99	+ ZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05OTA1
100	+ MjUxNjA5NDBaFw0xOTA1MjUxNjM5NDBaMIHDMQswCQYDVQQGEwJVUzEUMBIGA1UE
101	+ ChMLRW50cnVzdC5uZXQxOzA5BgNVBAsTMnd3dy5lbnRydXN0Lm5ldC9DUFMgaW5j
102	+ b3JwLiBieSByZWYuIChsaW1pdHMgbGlhYi4pMSUwIwYDVQQLExwoYykgMTk5OSBF
103	+ bnRydXN0Lm5ldCBMaW1pdGVkMTowOAYDVQQDEzFFbnRydXN0Lm5ldCBTZWN1cmUg
104	+ U2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGdMA0GCSqGSIb3DQEBAQUA
105	+ A4GLADCBhwKBgQDNKIM0VBuJ8w+vN5Ex/68xYMmo6LIQaO2f55M28Qpku0f1BBc/
106	+ I0dNxScZgSYMVHINiC3ZH5oSn7yzcdOAGT9HZnuMNSjSuQrfJNqc1lB5gXpa0zf3
107	+ wkrYKZImZNHkmGw6AIr1NJtl+O3jEP/9uElY3KDegjlrgbEWGWG5VLbmQwIBA6OC
108	+ AdcwggHTMBEGCWCGSAGG+EIBAQQEAwIABzCCARkGA1UdHwSCARAwggEMMIHeoIHb
109	+ oIHYpIHVMIHSMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLRW50cnVzdC5uZXQxOzA5
110	+ BgNVBAsTMnd3dy5lbnRydXN0Lm5ldC9DUFMgaW5jb3JwLiBieSByZWYuIChsaW1p
111	+ dHMgbGlhYi4pMSUwIwYDVQQLExwoYykgMTk5OSBFbnRydXN0Lm5ldCBMaW1pdGVk
112	+ MTowOAYDVQQDEzFFbnRydXN0Lm5ldCBTZWN1cmUgU2VydmVyIENlcnRpZmljYXRp
113	+ b24gQXV0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMCmgJ6AlhiNodHRwOi8vd3d3LmVu
114	+ dHJ1c3QubmV0L0NSTC9uZXQxLmNybDArBgNVHRAEJDAigA8xOTk5MDUyNTE2MDk0
115	+ MFqBDzIwMTkwNTI1MTYwOTQwWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAU8Bdi
116	+ E1U9s/8KAGv7UISX8+1i0BowHQYDVR0OBBYEFPAXYhNVPbP/CgBr+1CEl/PtYtAa
117	+ MAwGA1UdEwQFMAMBAf8wGQYJKoZIhvZ9B0EABAwwChsEVjQuMAMCBJAwDQYJKoZI
118	+ hvcNAQEFBQADgYEAkNwwAvpkdMKnCqV8IY00F6j7Rw7/JXyNEwr75Ji174z4xRAN
119	+ 95K+8cPV1ZVqBLssziY2ZcgxxufuP+NXdYR6Ee9GTxj005i7qIcyunL2POI9n9cd
120	+ 2cNgQ4xYDiKWL2KjLB+6rQXvqzJ4h6BUcxm1XAX5Uj5tLUUL9wqT6u0G+bI=
121	+ -----END CERTIFICATE-----

css/admin.css ADDED Viewed

	@@ -0,0 +1,27 @@


1	+
2	+ #rfb{ clear:both; }
3	+ #rfb div.column{ float:left; }
4	+ #rfb label.error{ color:red; }
5	+
6	+ #rfb div.box{ padding:5px; }
7	+ #rfb div.box ul{ list-style:square; margin-left:25px; }
8	+ #rfb div.box li{ margin:0; }
9	+
10	+ #rfb-donatebox{ border:2px solid green; background:#CFC; }
11	+ #rfb-donatebox h3{ color:green; margin:0; }
12	+ #rfb-donatebox li{ line-height:22px; }
13	+ #rfb p.status{ font-weight:bold;}
14	+ #rfb span.connected, #rfb span.disconnected{ font-weight:bold; display:inline-block; color:white; padding:3px; }
15	+ #rfb span.connected{ background:green; }
16	+ #rfb span.disconnected{ background:lightGrey; }
17	+
18	+ #rfb .clearfix:after {
19	+ visibility: hidden;
20	+ display: block;
21	+ font-size: 0;
22	+ content: " ";
23	+ clear: both;
24	+ height: 0;
25	+ }
26	+ * html #rfb .clearfix { zoom: 1; } /* IE6 */
27	+ :first-child+html #rfb .clearfix { zoom: 1; } / IE7 */

css/rfb.css ADDED Viewed

	@@ -0,0 +1,14 @@


1	+ .rfb_posts a.rfb_link{ display:block; clear:both; float:none; font-weight:normal; background:none; border:0; padding:1px 0; margin:0; cursor:pointer; text-decoration:none; font-size:11px; line-height:15px; height:15px; }
2	+ .rfb_posts a.rfb_link:hover{ text-decoration:none; }
3	+ .rfb_posts .rfb_text a{ word-break:break-all; }
4	+ .rfb_posts .rfb_image img{ max-width:100%; }
5	+
6	+ .rfb_posts span.like_count, .rfb_posts span.comment_count{ margin-right:3px; background:url("../img/fb-sprite.png") no-repeat 0 0; padding-left:18px; color: #3B5998 !important; display:inline-block; }
7	+ .rfb_posts span.like_count_and_comment_count:hover{ background-color: #ECEFF5; }
8	+ .rfb_posts span.like_count{ background-position:0 -52px; }
9	+ .rfb_posts span.comment_count{ background-position:0 -18px; }
10	+ .rfb_posts span.timestamp{ color:#999; }
11	+ .rfb_posts span.timestamp:hover span{ text-decoration:underline; }
12	+ .rfb_posts span.like_count span{ display:none; }
13	+ .rfb_posts span.comment_count span{ display:none; }
14	+

img/fb-sprite.png ADDED Viewed

Binary file

readme.txt ADDED Viewed

	@@ -0,0 +1,114 @@


1	+ === Plugin Name ===
2	+ Contributors: DvanKooten
3	+ Donate link: http://dannyvankooten.com/donate/
4	+ Tags: facebook,posts,fanpage,recent posts,fb,like box alternative,widget,facebook widget,widgets,facebook updates,like button,fb posts
5	+ Requires at least: 3.0.1
6	+ Tested up to: 3.4.2
7	+ Stable tag: 1.0.5
8	+ License: GPLv2 or later
9	+ License URI: http://www.gnu.org/licenses/gpl-2.0.html
10	+
11	+ Widget that lists your recent Facebook page or profile updates / posts. A faster/prettier/more customizable alternative to Facebooks Like Box.
12	+
13	+ == Description ==
14	+
15	+ This plugin adds a widget to your WordPress installation which you can use to list your recent Facebook posts / updates. This can be either posts from your personal profile or posts from your fanpage.
16	+
17	+ Benefits of using Recent Facebook Posts
18	+
19	+ * More freedom then Facebooks Like Box, easier to customize and/or style by using plain old CSS.
20	+ * Outputs valid HTML, no more iframes.
21	+ * Faster then Facebooks like box, because the result is properly cached on your server.
22	+ * SEO friendly, your Facebook page / profile content becomes part of your website content. No iframes or JavaScript is involved.
23	+
24	+ Demo
25	+
26	+ [Recent FB Posts demo](http://wpdemo.dannyvankooten.com/), the widget is located in the right sidebar. As you can see, you can make the widget blend in with your theme perfectly.
27	+
28	+ Coming up
29	+
30	+ * Option to show a Like button
31	+ * Option to show "photo" updates
32	+ * Suggestions, anyone? Drop me a line if you do.
33	+
34	+ More info:
35	+
36	+ * [Recent Facebook Posts for WordPress](http://dannyvankooten.com/wordpress-plugins/recent-facebook-posts/)
37	+ * Check out more [WordPress plugins](http://dannyvankooten.com/wordpress-plugins/) by Danny van Kooten
38	+ * You should follow [Danny on Twitter](http://twitter.com/DannyvanKooten) for lightning fast support and updates.
39	+
40	+ == Installation ==
41	+
42	+ 1. Upload the contents of the .zip-file to the `/wp-content/plugins/` directory
43	+ 1. Activate the plugin through the 'Plugins' menu in WordPress
44	+ 1. [Create a new Facebook application here](http://developers.facebook.com/apps). Fill in ANY name you'd like (it won't be visible to the public), leave the namespace field blank and the hosting checkbox unchecked.
45	+ 1. Select "Website with Facebook login" and set your `Site URL`
46	+ 1. Copy your `App ID` and `App Secret` (see screenshot 1)
47	+ 1. Go to your WordPress Admin panel and open the Recent Facebook Posts options screen. (Settings > Recent Facebook Posts)
48	+ 1. Paste your Facebook `App id` and `App Secret`.
49	+ 1. Test your configuration by clicking the button "Renew access token".
50	+ 1. Drag the 'Recent FB Posts Widget' to one of your widget areas.
51	+ 1. (optional) Apply some custom CSS rules to style your recent FB posts widget. Just add them to your theme's CSS file.
52	+
53	+ If you're still in doubt, have a look at the [screenshots](http://wordpress.org/extend/plugins/recent-facebook-posts/screenshots/).
54	+
55	+ == Frequently Asked Questions ==
56	+
57	+ = What does this plugin do? =
58	+ This plugin adds a widget to your WordPress installation which you can use to list your X most recent Facebook posts. This can be either posts from your personal profile or from one of your fanpages. An example of the widget can be found [here](http://wpdemo.dannyvankooten.com/).
59	+
60	+ = Why not simply use FB's likebox? =
61	+ This plugin gives you the freedom to style your most recent facebook posts using plain old CSS, thus giving you much more freedom. Also, this plugin outputs valid HTML. Iframes are a thing of the past. Your Facebook posts are cached on your server so it is somewhat faster too.
62	+
63	+ = How to configure this plugin? =
64	+ Create a new Facebook application and fill in the field where it asks for your website URL. Then go to the configuration page of Recent Facebook Posts and copy-paste your App ID and App Secret. Have a look at the screenshots if you're not clear about which fields you need.
65	+
66	+ = Why do I need to create a Facebook application? =
67	+ In order to query content on Facebook an application is needed. Facebook doesn't allow their content publicly to anyone, they want to know "who is asking". You don't need to submit your app to the App Center in order for it to work though.
68	+
69	+ = Do you have a working demo I can take a look at? =
70	+ Sure, [here](http://wpdemo.dannyvankooten.com/). The widget is located in the right sidebar and shows posts from [my Facebook page](http://www.facebook.com/DannyvanKootenCOM). "Like" it, while you're at it!
71	+
72	+ = Facebook gives me this error when renewing the access token: The specified URL is not owned by the application =
73	+ You are running the plugin on a different (sub)domain then specified in your FB app configuration. Fix it by correctly setting your "Site URL" or by adding an App Domain if you are running the plugin on a subdomain.
74	+
75	+ = The plugin says it is connected, renewing my access token works but still there are no status updates to be shown. =
76	+ Please check if the page you are trying to fetch posts from has publicly available posts. The privacy setting of your status updates has to be "everyone" in order for the plugin to "see" your posts.
77	+
78	+ = Where to add custom CSS =
79	+ IMO, appearance should be handled by the theme you are using. This is why your custom CSS rules should be added to your theme's stylesheet file. You can find this file by browsing (over FTP) to `/wp-content/themes/your-theme-name/style.css`, or you can just use the WP Editor under Appearance > Editor.
80	+
81	+ == Screenshots ==
82	+
83	+ 1. The black bordered circles are the fields you'll need to provide to Facebook, at a minimum. The green circled fields are the values you'll need to provide to Recent Facebook Posts.
84	+ 2. The green circled fields are the fields where you'll need to provide your Facebook app id and app secret (as shown in screenshot 1).
85	+
86	+ == Changelog ==
87	+ = 1.0.5 =
88	+ * Added: More user-friendly error message when cURL is not enabled on your server.
89	+
90	+ = 1.0.4 =
91	+ * Improved: The way the excerpt is created, words (or links) won't be cut off now
92	+ * Fixed: FB API Error for unknown fields.
93	+ * Added: Images from FB will now be shown too. Drop me a line if you think this should be optional.
94	+
95	+ = 1.0.3 =
96	+ * Improved the way the link to the actual status update is created (thanks Nepumuk84).
97	+ * Improved: upped the limit of the call to Facebooks servers.
98	+
99	+ = 1.0.2 =
100	+ * Fixed a PHP notice in the backend area when renewing cache and fetching shared status updates.
101	+ * Added option to show link to Facebook page, with customizable text.
102	+
103	+ = 1.0.1 =
104	+ * Added error messages for easier debugging.
105	+
106	+ = 1.0 =
107	+ * Added option to load some default CSS
108	+ * Added option to show like count
109	+ * Added option to show comment count
110	+ * Improved usability. Configuring Recent Facebook Posts should be much easier now due to testing options.
111	+
112	+ = 0.1 =
113	+ * Initial release
114	+

recent-facebook-posts.php ADDED Viewed

	@@ -0,0 +1,39 @@


1	+ <?php
2	+ /*
3	+ Plugin Name: Recent Facebook Posts
4	+ Plugin URI: http://dannyvankooten.com/wordpress-plugins/recent-facebook-posts/
5	+ Description: Widget that lists your X most recent Facebook posts.
6	+ Version: 1.0.5
7	+ Author: Danny van Kooten
8	+ Author URI: http://dannyvankooten.com/
9	+ License: GPL2
10	+ */
11	+
12	+ /* Copyright 2012 Danny van Kooten (email : hi@dannyvankooten.com)
13	+
14	+ This program is free software; you can redistribute it and/or modify
15	+ it under the terms of the GNU General Public License, version 2, as
16	+ published by the Free Software Foundation.
17	+
18	+ This program is distributed in the hope that it will be useful,
19	+ but WITHOUT ANY WARRANTY; without even the implied warranty of
20	+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21	+ GNU General Public License for more details.
22	+
23	+ You should have received a copy of the GNU General Public License
24	+ along with this program; if not, write to the Free Software
25	+ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
26	+ */
27	+
28	+ require_once dirname(__FILE__) . '/classes/class-rfb.php';
29	+ require_once dirname(__FILE__) . '/classes/class-rfb-widget.php';
30	+
31	+ $RFB = RFB::get_instance();
32	+ add_action( 'widgets_init', create_function( '', 'register_widget( "RFB_Widget" );' ) );
33	+
34	+ if(is_admin()) {
35	+ require_once dirname(__FILE__) . '/classes/class-rfb-admin.php';
36	+ $RFB_Admin = new RFB_Admin($RFB);
37	+ }
38	+
39	+

screenshot-1.png ADDED Viewed

Binary file

screenshot-2.png ADDED Viewed

Binary file

views/settings_page.html.php ADDED Viewed

	@@ -0,0 +1,132 @@


1	+ <h1>Recent Facebook Posts</h1>
2	+
3	+ <div id="rfb" class="wrap">
4	+ <div class="column" style="width:70%;">
5	+
6	+ <?php if($fb->getUser() && !$access_token) { ?>
7	+ <div id="setting-error-settings_updated" class="updated settings-error">
8	+ <p>
9	+ <strong>Your API settings seem fine but there is no valid access token available. </strong>
10	+ <a class="button-primary" href="<?php echo $fb->getLoginUrl(array('redirect_uri' => get_admin_url() . 'options-general.php?page=rfb-settings&rfb_renew_access_token')); ?>">Request Access Token</a>
11	+ </p>
12	+ </div>
13	+ <?php }
14	+
15	+ if(!$curl) { ?>
16	+ <div id="setting-error" class="error settings-error">
17	+ <p>
18	+ <strong>Error:</strong> Recent Facebook Posts needs the PHP cURL extension to be installed on your server.
19	+ </p>
20	+ </div>
21	+ <?php }
22	+
23	+ if(!$connected && isset($error)) { ?>
24	+ <div id="setting-error" class="error settings-error">
25	+ <p>The following error occured when trying to fetch a test post from <a target="_blank" href="http://www.facebook.com/<?php echo $opts['fb_id']; ?>">facebook.com/<?php echo $opts['fb_id']; ?></a></p>
26	+ <p>
27	+ <strong><?php echo $error->getType(); ?>:</strong>
28	+ <?php echo $error->getMessage(); ?>
29	+ </p>
30	+ </div>
31	+ <?php }
32	+
33	+ if(isset($cache_error)) { ?>
34	+ <div id="setting-error" class="error settings-error">
35	+ <p>
36	+ <strong>Cache error:</strong>
37	+ <?php echo $cache_error; ?>
38	+ </p>
39	+ </div>
40	+ <?php } ?>
41	+
42	+ <h3>Configuration</h3>
43	+ <form method="post" action="options.php">
44	+ <?php settings_fields( 'rfb_settings_group' ); ?>
45	+
46	+ <p class="status">Facebook API status: <span class="<?php echo ($connected) ? 'connected' : 'disconnected'; ?>"><?php echo ($connected) ? 'Connected' : 'Not Connected'; ?></span></p>
47	+
48	+ <table class="form-table">
49	+
50	+ <tr valign="top">
51	+ <th scope="row"><label for="rfb_app_id" <?php if(empty($opts['app_id'])) echo 'class="error"'; ?>>App ID</label></th>
52	+ <td><input type="text" size="50" id="rfb_app_id" name="rfb_settings[app_id]" value="<?php echo $opts['app_id']; ?>" /></td>
53	+ </tr>
54	+
55	+ <tr valign="top">
56	+ <th scope="row"><label for="rfb_app_secret" <?php if(empty($opts['app_secret'])) echo 'class="error"'; ?>>App Secret</label></th>
57	+ <td><input type="text" size="50" id="rfb_app_secret" name="rfb_settings[app_secret]" value="<?php echo $opts['app_secret']; ?>" /></td>
58	+ </tr>
59	+
60	+ <tr valign="top">
61	+ <th scope="row"><label for="rfb_fb_id" <?php if(empty($opts['fb_id'])) echo 'class="error"'; ?>>Facebook user id, page id or slug</label></th>
62	+ <td><input type="text" size="50" id="rfb_fb_id" name="rfb_settings[fb_id]" value="<?php echo $opts['fb_id']; ?>" /></td>
63	+ </tr>
64	+
65	+ <tr valign="top">
66	+ <th scope="row"><label for="rfb_cache_time">Cache expiry time <small>(in seconds)</small></label></th>
67	+ <td><input type="text" size="50" id="rfb_cache_time" name="rfb_settings[cache_time]" value="<?php echo $opts['cache_time']; ?>" /></td>
68	+ </tr>
69	+
70	+ <tr valign="top">
71	+ <th scope="row"><label for="rfb_link_text">Link text</label></th>
72	+ <td><input type="text" size="50" id="rfb_link_text" name="rfb_settings[link_text]" value="<?php echo $opts['link_text']; ?>" /></td>
73	+ </tr>
74	+
75	+ <tr valign="top">
76	+ <th scope="row"><label for="rfb_load_css">Load some default CSS?</label></th>
77	+ <td><input type="checkbox" id="rfb_load_css" name="rfb_settings[load_css]" value="1" <?php if(isset($opts['load_css']) && $opts['load_css']) { ?>checked="1" <?php } ?>/></td>
78	+ </tr>
79	+
80	+
81	+
82	+ </table>
83	+
84	+ <p class="submit">
85	+ <input type="submit" class="button-primary" value="<?php _e('Save Changes') ?>" />
86	+ </p>
87	+
88	+ </form>
89	+
90	+ <h3 title="<?php echo get_option('rfb_access_token'); ?>">Access Token</h3>
91	+ <p>Use this button to test your configuration. It also won't hurt to hit this button once in a month or so to renew your access token, although this should be taken care of automatically everytime you log into WordPress.</p>
92	+ <a class="button-primary" href="<?php echo $fb->getLoginUrl(array('redirect_uri' => get_admin_url() . 'options-general.php?page=rfb-settings&rfb_renew_access_token')); ?>">Test / Renew Access Token</a>
93	+
94	+ <h3>Cache</h3>
95	+ <p>Because fetching posts from Facebook is "expensive", this will only happen every <?php echo $opts['cache_time']; ?> seconds (as configured above). You can manually renew the cache using the button below.</p>
96	+ <form action="" method="post"><input type="submit" name="renew_cache" class="button-primary" value="<?php _e('Renew Cache'); ?>" /></form>
97	+ </div>
98	+
99	+ <div class="column clearfix" style="width:26%; margin-left:3%;">
100	+
101	+ <div id="rfb-donatebox" class="box">
102	+ <h3>Donate $10, $20 or $50</h3>
103	+ <p>I spent countless hours developing this plugin for <b>FREE</b>. If you like it, consider donating a token of your appreciation.</p>
104	+
105	+ <form action="https://www.paypal.com/cgi-bin/webscr" method="post">
106	+ <input type="hidden" name="cmd" value="_s-xclick">
107	+ <input type="hidden" name="encrypted" value="-----BEGIN PKCS7-----MIIHVwYJKoZIhvcNAQcEoIIHSDCCB0QCAQExggEwMIIBLAIBADCBlDCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20CAQAwDQYJKoZIhvcNAQEBBQAEgYCT0Lls0OHcadQPQYia2dXZvq5rcZoIJYFsQ+hi7hkeIfew8hVWTmXNm0Ozm4+QsmPge4dQB0kxne5sPYthMNi+Z2H7JhxYSusg2zE8EmZ5emuKuJJUXpOvy6isBrDI/bO5jLiaWfRY6m7MptgNFTmAk5aLJ38pndiC4d2HI7DgmDELMAkGBSsOAwIaBQAwgdQGCSqGSIb3DQEHATAUBggqhkiG9w0DBwQIcG/KgGJG4+CAgbAZAk1u0H3M6NrQ2UlHx8riGOe7ude8UWx1uTc5Lz+xhxuFyrQTrqJxFeAiwE/3x255YytoqcpjqIk8DGeyG7pRCB9umy19b0msl6f+9jVucP964tYbQ5+yIyMNyG6qio31tTLHIQJlZr3Z/bMxcQVF0NGNdjLhz+tyzBKfEO6dw9zp+LrGYEeD2WtqjBOESvd4qxIG0sSbAeHWL+Kvv1LlrmfHcP54iNs0gX0A7vgnA6CCA4cwggODMIIC7KADAgECAgEAMA0GCSqGSIb3DQEBBQUAMIGOMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC1BheVBhbCBJbmMuMRMwEQYDVQQLFApsaXZlX2NlcnRzMREwDwYDVQQDFAhsaXZlX2FwaTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNvbTAeFw0wNDAyMTMxMDEzMTVaFw0zNTAyMTMxMDEzMTVaMIGOMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC1BheVBhbCBJbmMuMRMwEQYDVQQLFApsaXZlX2NlcnRzMREwDwYDVQQDFAhsaXZlX2FwaTEcMBoGCSqGSIb3DQEJARYNcmVAcGF5cGFsLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwUdO3fxEzEtcnI7ZKZL412XvZPugoni7i7D7prCe0AtaHTc97CYgm7NsAtJyxNLixmhLV8pyIEaiHXWAh8fPKW+R017+EmXrr9EaquPmsVvTywAAE1PMNOKqo2kl4Gxiz9zZqIajOm1fZGWcGS0f5JQ2kBqNbvbg2/Za+GJ/qwUCAwEAAaOB7jCB6zAdBgNVHQ4EFgQUlp98u8ZvF71ZP1LXChvsENZklGswgbsGA1UdIwSBszCBsIAUlp98u8ZvF71ZP1LXChvsENZklGuhgZSkgZEwgY4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLUGF5UGFsIEluYy4xEzARBgNVBAsUCmxpdmVfY2VydHMxETAPBgNVBAMUCGxpdmVfYXBpMRwwGgYJKoZIhvcNAQkBFg1yZUBwYXlwYWwuY29tggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAgV86VpqAWuXvX6Oro4qJ1tYVIT5DgWpE692Ag422H7yRIr/9j/iKG4Thia/Oflx4TdL+IFJBAyPK9v6zZNZtBgPBynXb048hsP16l2vi0k5Q2JKiPDsEfBhGI+HnxLXEaUWAcVfCsQFvd2A1sxRr67ip5y2wwBelUecP3AjJ+YcxggGaMIIBlgIBATCBlDCBjjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtQYXlQYWwgSW5jLjETMBEGA1UECxQKbGl2ZV9jZXJ0czERMA8GA1UEAxQIbGl2ZV9hcGkxHDAaBgkqhkiG9w0BCQEWDXJlQHBheXBhbC5jb20CAQAwCQYFKw4DAhoFAKBdMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTEyMDkyNjE0NTA1NlowIwYJKoZIhvcNAQkEMRYEFNb+ez+3/yYAFKTTJDenMAGeJ9wFMA0GCSqGSIb3DQEBAQUABIGACgD62tdwUiZEHvxXah0PD5Uhm7bczijYxM30zo2Yuidfsdx9au55zSS+Pps6gg0tfT513yekvaR2LKJv1fnOUZPAfe15/kOhD5HS8Xj+rtGW9ZZmVIFSEWMJSeU/22s3gNy8t0bUFjyFvYGkubhhskQ2KtEaZ9ixgW1VmvuORBY=-----END PKCS7-----
108	+ ">
109	+ <input type="image" src="https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!">
110	+ <img alt="" border="0" src="https://www.paypalobjects.com/nl_NL/i/scr/pixel.gif" width="1" height="1">
111	+ </form>
112	+
113	+ <p>Or you can: </p>
114	+ <ul>
115	+ <li><a href="http://wordpress.org/extend/plugins/recent-facebook-posts/">Give a 5★ rating on WordPress.org</a></li>
116	+ <li><a href="http://dannyvankooten.com/wordpress-plugins/recent-facebook-posts/">Blog about it and link to the plugin page</a></li>
117	+ <li style="vertical-align:bottom;"><a href="http://twitter.com/share" class="twitter-share-button" data-url="http://dannyvankooten.com/wordpress-plugins/recent-facebook-posts/" data-text="Showing my appreciation to @DannyvanKooten for his #WordPress plugin: Recent Facebook Posts" data-count="none">Tweet</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script></li>
118	+ </ul>
119	+ </div>
120	+
121	+ <div class="box">
122	+ <h3>Looking for support?</h3>
123	+ <p>Having trouble configuring Recent Facebook Posts? Experiencing an error or just having a great idea on how to further
124	+ improve the plugin? Please post your question / idea / problem in the <a href="http://wordpress.org/support/plugin/recent-facebook-posts">support forums</a> on WordPress.org.</p>
125	+ </div>
126	+
127	+ <div class="box">
128	+ <h3>Looking for more WordPress goodness?</h3>
129	+ <p>Have a look around on my personal website, <a href="http://dannyvankooten.com/">DannyvanKooten.com</a>.</p>
130	+ </div>
131	+ </div>
132	+ </div>