• Nov 19, 2013

    v3.2.3

    Added ability to disable the signed_request parameter for non-canvas …
    …apps.
  • Jan 15, 2013

    v3.2.2

    Merge pull request #57 from kilotaras/vulnerability_bug
    Fixed a vulnerability with signed requests
  • Nov 27, 2012

    v3.2.1

    Bumping to 3.2.1 with updated cert bundle.
    
  • Sep 8, 2012
  • Aug 9, 2011

    v3.1.1

    Extract the `code` from the `signed_request` for JS SDK pairing
    
  • Aug 5, 2011

    v3.1.0

    Adding support for the JS cookie and its use in the PHP SDK
    
  • Jun 1, 2011

    v3.0.1

    Upgraded to version 3.0.1.
    Unit tests can be run from the command line using:
    
      phpunit --colors --coverage-html coverage --verbose --stderr --bootstrap tests/bootstrap.php tests/tests.php
    
    Changes:
    + Added a new bootstrap file (as bootstrap.php) that helps the unit tests run more smoothly.
    + Allow for the possibility that session_start has already been called prior to construction of a Facebook class.
    + Updated the app-secret unit test to confirm that Desktop applications require a user access token to get insights.
    + Make sure that current URLs like /example.php?a=b&c=&d retain their structure (don't strip or introduce an equals
      sign for valueless GET params), and added unit tests to exercise this.
    + CSRF state is now managed using the persistent store instead of cookies.
  • May 21, 2011

    v3.0.0

    Updated to use access tokens instead of sessions internally.
    This implies many changes to the storage scheme, which is
    why it is a major revision.
    
    Upgrading from a previous version should change most
    getSession() calls to getUser() which returns
    a User's ID instead of a session object.
    
    See: https://developers.facebook.com/blog/post/503
  • Sep 13, 2010

    v2.1.2

    Supported the new OAuth2 error format
    
  • Aug 5, 2010