signed request does not degrade gracefully if user modifies the signe…
1. ensure that signed_request has at least one "." character to avoid PHP notices.
2. fall back to COOKIE signed_request if REQUEST signed_request fails to parse.
I've signed the document listed here: https://developers.facebook.com/opensource/cla