• Nov 19, 2013


    Added ability to disable the signed_request parameter for non-canvas …
  • Jan 15, 2013


    Merge pull request #57 from kilotaras/vulnerability_bug
    Fixed a vulnerability with signed requests
  • Nov 27, 2012


    Bumping to 3.2.1 with updated cert bundle.
  • Sep 8, 2012
  • Aug 9, 2011


    Extract the `code` from the `signed_request` for JS SDK pairing
  • Aug 5, 2011


    Adding support for the JS cookie and its use in the PHP SDK
  • Jun 1, 2011


    Upgraded to version 3.0.1.
    Unit tests can be run from the command line using:
      phpunit --colors --coverage-html coverage --verbose --stderr --bootstrap tests/bootstrap.php tests/tests.php
    + Added a new bootstrap file (as bootstrap.php) that helps the unit tests run more smoothly.
    + Allow for the possibility that session_start has already been called prior to construction of a Facebook class.
    + Updated the app-secret unit test to confirm that Desktop applications require a user access token to get insights.
    + Make sure that current URLs like /example.php?a=b&c=&d retain their structure (don't strip or introduce an equals
      sign for valueless GET params), and added unit tests to exercise this.
    + CSRF state is now managed using the persistent store instead of cookies.
  • May 21, 2011


    Updated to use access tokens instead of sessions internally.
    This implies many changes to the storage scheme, which is
    why it is a major revision.
    Upgrading from a previous version should change most
    getSession() calls to getUser() which returns
    a User's ID instead of a session object.
    See: https://developers.facebook.com/blog/post/503
  • Sep 13, 2010


    Supported the new OAuth2 error format
  • Aug 5, 2010