Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Comparing changes

Choose two branches to see what's changed or to start a new pull request. If you need to, you can also compare across forks.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also compare across forks.
base fork: jeherve/WP-Facebook-applications
base: 7cf9f3c483
...
head fork: jeherve/WP-Facebook-applications
compare: ac0a53d98f
Checking mergeability… Don't worry, you can still create the pull request.
  • 13 commits
  • 7 files changed
  • 0 commit comments
  • 1 contributor
View
7 css/fblayout.css
@@ -151,9 +151,4 @@ h4 {
padding: 10px;
font-size: 13px;
font-weight: bold;
-}
-
-/* Hide WordPress admin bar at all times */
-.show-admin-bar {
- display: none;
-}
+}
View
184 lib/base_facebook.php
@@ -150,6 +150,7 @@ public function __toString() {
'api_video' => 'https://api-video.facebook.com/',
'api_read' => 'https://api-read.facebook.com/',
'graph' => 'https://graph.facebook.com/',
+ 'graph_video' => 'https://graph-video.facebook.com/',
'www' => 'https://www.facebook.com/',
);
@@ -161,11 +162,11 @@ public function __toString() {
protected $appId;
/**
- * The Application API Secret.
+ * The Application App Secret.
*
* @var string
*/
- protected $apiSecret;
+ protected $appSecret;
/**
* The ID of the Facebook user, or 0 if the user is logged out.
@@ -211,7 +212,7 @@ public function __toString() {
*/
public function __construct($config) {
$this->setAppId($config['appId']);
- $this->setApiSecret($config['secret']);
+ $this->setAppSecret($config['secret']);
if (isset($config['fileUpload'])) {
$this->setFileUploadSupport($config['fileUpload']);
}
@@ -243,23 +244,45 @@ public function getAppId() {
}
/**
- * Set the API Secret.
+ * Set the App Secret.
*
- * @param string $apiSecret The API Secret
+ * @param string $apiSecret The App Secret
* @return BaseFacebook
+ * @deprecated
*/
public function setApiSecret($apiSecret) {
- $this->apiSecret = $apiSecret;
+ $this->setAppSecret($apiSecret);
return $this;
}
/**
- * Get the API Secret.
+ * Set the App Secret.
*
- * @return string the API Secret
+ * @param string $appSecret The App Secret
+ * @return BaseFacebook
+ */
+ public function setAppSecret($appSecret) {
+ $this->appSecret = $appSecret;
+ return $this;
+ }
+
+ /**
+ * Get the App Secret.
+ *
+ * @return string the App Secret
+ * @deprecated
*/
public function getApiSecret() {
- return $this->apiSecret;
+ return $this->getAppSecret();
+ }
+
+ /**
+ * Get the App Secret.
+ *
+ * @return string the App Secret
+ */
+ public function getAppSecret() {
+ return $this->appSecret;
}
/**
@@ -278,11 +301,22 @@ public function setFileUploadSupport($fileUploadSupport) {
*
* @return boolean true if and only if the server supports file upload.
*/
- public function useFileUploadSupport() {
+ public function getFileUploadSupport() {
return $this->fileUploadSupport;
}
/**
+ * DEPRECATED! Please use getFileUploadSupport instead.
+ *
+ * Get the file upload support status.
+ *
+ * @return boolean true if and only if the server supports file upload.
+ */
+ public function useFileUploadSupport() {
+ return $this->getFileUploadSupport();
+ }
+
+ /**
* Sets the access token for api calls. Use this if you get
* your access token by other means and just want the SDK
* to use it.
@@ -568,6 +602,17 @@ protected function getSignedRequestCookieName() {
}
/**
+ * Constructs and returns the name of the coookie that potentially contain
+ * metadata. The cookie is not set by the BaseFacebook class, but it may be
+ * set by the JavaScript SDK.
+ *
+ * @return string the name of the cookie that would house metadata.
+ */
+ protected function getMetadataCookieName() {
+ return 'fbm_'.$this->getAppId();
+ }
+
+ /**
* Get the authorization code from the query parameters, if it exists,
* and otherwise return false to signal no authorization code was
* discoverable.
@@ -621,7 +666,7 @@ protected function getUserFromAccessToken() {
* public information about users and applications.
*/
protected function getApplicationAccessToken() {
- return $this->appId.'|'.$this->apiSecret;
+ return $this->appId.'|'.$this->appSecret;
}
/**
@@ -664,7 +709,7 @@ protected function getAccessTokenFromCode($code, $redirect_uri = null) {
$this->_oauthRequest(
$this->getUrl('graph', '/oauth/access_token'),
$params = array('client_id' => $this->getAppId(),
- 'client_secret' => $this->getApiSecret(),
+ 'client_secret' => $this->getAppSecret(),
'redirect_uri' => $redirect_uri,
'code' => $code));
} catch (FacebookApiException $e) {
@@ -718,6 +763,21 @@ protected function _restserver($params) {
}
/**
+ * Return true if this is video post.
+ *
+ * @param string $path The path
+ * @param string $method The http method (default 'GET')
+ *
+ * @return boolean true if this is video post
+ */
+ protected function isVideoPost($path, $method = 'GET') {
+ if ($method == 'POST' && preg_match("/^(\/)(.+)(\/)(videos)$/", $path)) {
+ return true;
+ }
+ return false;
+ }
+
+ /**
* Invoke the Graph API.
*
* @param string $path The path (required)
@@ -734,8 +794,14 @@ protected function _graph($path, $method = 'GET', $params = array()) {
}
$params['method'] = $method; // method override as we always do a POST
+ if ($this->isVideoPost($path, $method)) {
+ $domainKey = 'graph_video';
+ } else {
+ $domainKey = 'graph';
+ }
+
$result = json_decode($this->_oauthRequest(
- $this->getUrl('graph', $path),
+ $this->getUrl($domainKey, $path),
$params
), true);
@@ -788,7 +854,7 @@ protected function makeRequest($url, $params, $ch=null) {
}
$opts = self::$CURL_OPTS;
- if ($this->useFileUploadSupport()) {
+ if ($this->getFileUploadSupport()) {
$opts[CURLOPT_POSTFIELDS] = $params;
} else {
$opts[CURLOPT_POSTFIELDS] = http_build_query($params, null, '&');
@@ -851,7 +917,7 @@ protected function parseSignedRequest($signed_request) {
// check sig
$expected_sig = hash_hmac('sha256', $payload,
- $this->getApiSecret(), $raw = true);
+ $this->getAppSecret(), $raw = true);
if ($sig !== $expected_sig) {
self::errorLog('Bad Signed JSON signature!');
return null;
@@ -968,9 +1034,10 @@ protected function getUrl($name, $path='', $params=array()) {
* @return string The current URL
*/
protected function getCurrentUrl() {
- if (isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] == 'on' || $_SERVER['HTTPS'] == 1)
- || isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https'
- ) {
+ if (isset($_SERVER['HTTPS']) &&
+ ($_SERVER['HTTPS'] == 'on' || $_SERVER['HTTPS'] == 1) ||
+ isset($_SERVER['HTTP_X_FORWARDED_PROTO']) &&
+ $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') {
$protocol = 'https://';
}
else {
@@ -1030,7 +1097,7 @@ protected function shouldRetainParam($param) {
/**
* Analyzes the supplied result to see if it was thrown
* because the access token is no longer valid. If that is
- * the case, then the persistent store is cleared.
+ * the case, then we destroy the session.
*
* @param $result array A record storing the error message returned
* by a failed API call.
@@ -1042,13 +1109,16 @@ protected function throwAPIException($result) {
case 'OAuthException':
// OAuth 2.0 Draft 10 style
case 'invalid_token':
+ // REST server errors are just Exceptions
+ case 'Exception':
$message = $e->getMessage();
- if ((strpos($message, 'Error validating access token') !== false) ||
- (strpos($message, 'Invalid OAuth access token') !== false)) {
- $this->setAccessToken(null);
- $this->user = 0;
- $this->clearAllPersistentData();
- }
+ if ((strpos($message, 'Error validating access token') !== false) ||
+ (strpos($message, 'Invalid OAuth access token') !== false) ||
+ (strpos($message, 'An active access token must be used') !== false)
+ ) {
+ $this->destroySession();
+ }
+ break;
}
throw $e;
@@ -1088,9 +1158,67 @@ protected static function base64UrlDecode($input) {
* Destroy the current session
*/
public function destroySession() {
- $this->setAccessToken(null);
- $this->user = 0;
+ $this->accessToken = null;
+ $this->signedRequest = null;
+ $this->user = null;
$this->clearAllPersistentData();
+
+ // Javascript sets a cookie that will be used in getSignedRequest that we
+ // need to clear if we can
+ $cookie_name = $this->getSignedRequestCookieName();
+ if (array_key_exists($cookie_name, $_COOKIE)) {
+ unset($_COOKIE[$cookie_name]);
+ if (!headers_sent()) {
+ // The base domain is stored in the metadata cookie if not we fallback
+ // to the current hostname
+ $base_domain = '.'. $_SERVER['HTTP_HOST'];
+
+ $metadata = $this->getMetadataCookie();
+ if (array_key_exists('base_domain', $metadata) &&
+ !empty($metadata['base_domain'])) {
+ $base_domain = $metadata['base_domain'];
+ }
+
+ setcookie($cookie_name, '', 0, '/', $base_domain);
+ } else {
+ self::errorLog(
+ 'There exists a cookie that we wanted to clear that we couldn\'t '.
+ 'clear because headers was already sent. Make sure to do the first '.
+ 'API call before outputing anything'
+ );
+ }
+ }
+ }
+
+ /**
+ * Parses the metadata cookie that our Javascript API set
+ *
+ * @return an array mapping key to value
+ */
+ protected function getMetadataCookie() {
+ $cookie_name = $this->getMetadataCookieName();
+ if (!array_key_exists($cookie_name, $_COOKIE)) {
+ return array();
+ }
+
+ // The cookie value can be wrapped in "-characters so remove them
+ $cookie_value = trim($_COOKIE[$cookie_name], '"');
+
+ if (empty($cookie_value)) {
+ return array();
+ }
+
+ $parts = explode('&', $cookie_value);
+ $metadata = array();
+ foreach ($parts as $part) {
+ $pair = explode('=', $part, 2);
+ if (!empty($pair[0])) {
+ $metadata[urldecode($pair[0])] =
+ (count($pair) > 1) ? urldecode($pair[1]) : '';
+ }
+ }
+
+ return $metadata;
}
/**
@@ -1138,4 +1266,4 @@ public function destroySession() {
* @return void
*/
abstract protected function clearAllPersistentData();
-}
+}
View
7 lib/channel.php
@@ -0,0 +1,7 @@
+<?php
+ $cache_expire = 60*60*24*365;
+ header("Pragma: public");
+ header("Cache-Control: max-age=".$cache_expire);
+ header('Expires: ' . gmdate('D, d M Y H:i:s', time()+$cache_expire) . ' GMT');
+ ?>
+ <script src="//connect.facebook.net/en_US/all.js"></script>
View
4 lib/facebook.php
@@ -33,9 +33,7 @@ class Facebook extends BaseFacebook
* @see BaseFacebook::__construct in facebook.php
*/
public function __construct($config) {
- if (!session_id()) {
- session_start();
- }
+ @session_start();
parent::__construct($config);
}
View
22 readme.txt
@@ -1,10 +1,10 @@
=== WP-Facebook applications ===
-Contributors: hd-J
-Donate link: http://jeremy.tagada.hu
+Contributors: jeherve, hd-J
+Donate link: http://jeremyherve.com
Tags: facebook, application, campaign, tab, custom post type, custom fields
Requires at least: 3.0
-Tested up to: 3.3
-Stable tag: 0.4.4
+Tested up to: 3.4
+Stable tag: 0.4.5
Create custom tabs for your Facebook pages, hosted on your WordPress blog.
@@ -18,11 +18,11 @@ Thus plugin allows you to create as many tabs as you wish through WordPress.
For more information, check the documentation:
- [Documentation - EN](http://www.werewp.com/my-plugins/wp-facebook-applications/ "WP Facebook Applications documentation")
-- [Documentation - FR](http://jeremy.tagada.hu/extension-wp-facebook-applications/ "Extension : WP Facebook Applications")
+- [Documentation - FR](http://jeremyherve.com/extension-wp-facebook-applications/ "Extension : WP Facebook Applications")
This plugin is a work in progress. Do not hesitate to send me your remarks, suggestions and ideas for the future version of this plugin.
-Please note that this plugin uses the [Facebook PHP SDK](http://github.com/facebook/php-sdk "Facebook PHP SDK")
+Please note that this plugin uses the [Facebook PHP SDK](https://github.com/facebook/facebook-php-sdk "Facebook PHP SDK")
== Installation ==
@@ -54,7 +54,7 @@ One of the images you have added to your page is too large to fit in the page. A
= When viewing my application tab on Facebook, I get a blank page, or a message telling me to switch to a HTTPS connection =
-The only way to solve the issue is to buy an SSL certificate for your domain, and once set, fill in the secure URL for your tab in the applications settings.
+You MUST have an SSL certificate for your domain, and once set, fill in the secure URL for your tab in the applications settings. You cannot create Facebook applications without it.
= How do I add the application I just created to my page? =
@@ -62,8 +62,12 @@ When viewing your [application settings page](http://www.facebook.com/developers
== Changelog ==
-= Current =
-* Hide WP admin bar on tab view
+= 0.4.5 =
+* Update to the latest version of Facebook PHP SDK
+* Update to the latest recommendations of Facebook for SDK asynchronous call
+* Change flush rewrite rules. Now flushing only on plugin activation
+* Fix WP_CONFIG warnings
+* Fixes session_start issue (headers already sent problem for some users)
= 0.4.4 =
* Save Facebook App settings only for the plugin tabs, not for other custom post types
View
67 template.php
@@ -3,7 +3,7 @@
* This template acts as template file for the werewp_fbapp custom post type
*/
?>
-<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraphprotocol.org/schema/" <?php language_attributes(); ?> >
+<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xmlns:og="http://opengraphprotocol.org/schema/" <?php language_attributes(); ?>>
<head>
<meta charset="<?php bloginfo( 'charset' ); ?>" />
<base target="_blank">
@@ -82,38 +82,41 @@
<?php /* End loop */ endwhile; ?>
<div id="fb-root"></div>
- <script>
- window.fbAsyncInit = function() {
- FB.init({
- appId : '<?php echo $facebook->getAppId(); ?>',
- session : <?php echo json_encode($session); ?>, // don't refetch the session when PHP already has it
- status : true, // check login status
- cookie : true, // enable cookies to allow the server to access the session
- xfbml : true, // parse XFBML
- oauth : true
- });
-
- // whenever the user logs in, we refresh the page
- FB.Event.subscribe('auth.login', function() {
- window.location.reload();
- });
-
- // Auto resize of the page
- FB.Canvas.setAutoResize();
- };
-
- // Do things that will sometimes call sizeChangeCallback()
- function sizeChangeCallback() {
+ <script type="text/javascript">
+ window.fbAsyncInit = function() {
+ FB.init({
+ appId : '<?php echo $facebook->getAppId(); ?>',
+ channelUrl : '<?php echo plugins_url( 'wp-facebook-applications/lib/channel.php' , __FILE__ ); ?>', // Channel File
+ session : <?php echo json_encode($session); ?>, // don't refetch the session when PHP already has it
+ status : true, // check login status
+ cookie : true, // enable cookies to allow the server to access the session
+ xfbml : true, // parse XFBML
+ oauth : true
+ });
+
+ // whenever the user logs in, we refresh the page
+ FB.Event.subscribe('auth.login', function() {
+ window.location.reload();
+ });
+
+ // Auto resize of the page
+ FB.Canvas.setAutoResize();
+ };
+
+ // Do things that will sometimes call sizeChangeCallback()
+ function sizeChangeCallback() {
FB.Canvas.setAutoResize();
- }
-
- (function() {
- var e = document.createElement('script');
- e.src = document.location.protocol + '//connect.facebook.net/en_US/all.js';
- e.async = true;
- document.getElementById('fb-root').appendChild(e);
- }());
- </script>
+ }
+
+ // Load SDK asynchronously
+ (function(d){
+ var js, id = 'facebook-jssdk', ref = d.getElementsByTagName('script')[0];
+ if (d.getElementById(id)) {return;}
+ js = d.createElement('script'); js.id = id; js.async = true;
+ js.src = "//connect.facebook.net/en_US/all.js";
+ ref.parentNode.insertBefore(js, ref);
+ }(document));
+ </script>
<?php wp_footer(); ?>
</body>
View
46 wp-fb-applications.php
@@ -1,28 +1,13 @@
<?php
/*
Plugin Name: WP-Facebook applications
-Version: 0.4.4
-Plugin URI: http://www.werewp.com/my-plugins/wp-facebook-applications/
+Version: 0.4.5
+Plugin URI: http://jeremyherve.com/extension-wp-facebook-applications/
Description: Create custom tabs for your Facebook pages, hosted on your WordPress blog.
Author: Jeremy Herve
-Author URI: http://jeremy.tagada.hu
+Author URI: http://jeremyherve.com
License: GPL2
*/
-/* Copyright 2011 Jeremy Herve (email : jeremy@tagada.hu)
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License, version 2, as
- published by the Free Software Foundation.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-*/
define( 'WPFBAPPS_URL', plugin_dir_url(__FILE__) );
@@ -60,10 +45,15 @@ function werewp_fbapp_post_type() {
'taxonomies' => array( 'app_id', 'app_secret', 'app_fbcomments' ),
)
);
- flush_rewrite_rules();
}
add_action( 'init', 'werewp_fbapp_post_type' );
+// Flush rewrite rules when the plugin is activated
+function werewp_flush_rewrite() {
+ flush_rewrite_rules();
+}
+register_activation_hook( __FILE__, 'werewp_flush_rewrite' );
+
// Add support for thumbnails
add_post_type_support( 'werewp_fbapp', 'thumbnail' );
@@ -101,10 +91,10 @@ function werewp_fbapps_metaboxes(){
function werewp_fbappappparameters() {
global $post;
- $custom = get_post_custom($post->ID);
- $appid = $custom['appid'][0];
- $appsecret = $custom['appsecret'][0];
- $fbcomments = $custom['fbcomments'][0];
+
+ if (isset($post)) {
+ $custom = get_post_custom($post->ID);
+ }
?>
<h3><?php _e( 'Create your application on Facebook', 'werewpfbapps' ); ?></h3>
<p><?php _e( 'Before to start creating content, you must create an application on Facebook:', 'werewpfbapps' ); ?>
@@ -113,11 +103,11 @@ function werewp_fbappappparameters() {
<h3><?php _e( 'Fill it application details', 'werewpfbapps' ); ?></h3>
<p><?php _e( 'You now have the necessary information to fill in the parameters below:', 'werewpfbapps' ); ?></p>
<p><label><strong><?php _e( 'Application ID:', 'werewpfbapps' ); ?></strong></label><br />
- <textarea cols="50" rows="1" name="appid"><?php echo $appid; ?></textarea></p>
+ <textarea cols="50" rows="1" name="appid"><?php if( isset( $custom["appid"][0] ) ) { print $custom["appid"][0]; } ?></textarea></p>
<p><label><strong><?php _e( 'Application Secret:', 'werewpfbapps' ); ?></strong></label><br />
- <textarea cols="50" rows="1" name="appsecret"><?php echo $appsecret; ?></textarea></p>
+ <textarea cols="50" rows="1" name="appsecret"><?php if( isset( $custom["appsecret"][0] ) ) { print $custom["appsecret"][0]; } ?></textarea></p>
<p><label><strong><?php _e( 'Number of Facebook comments displayed</strong> (leave empty if you do not wish to have this feature enabled):', 'werewpfbapps' ); ?></label><br />
- <textarea cols="1" rows="1" name="fbcomments"><?php echo $fbcomments; ?></textarea></p>
+ <textarea cols="1" rows="1" name="fbcomments"><?php if( isset( $custom["fbcomments"][0] ) ) { print $custom["fbcomments"][0]; } ?></textarea></p>
<h3><?php _e( 'Choose the image displayed to the non-fans of your page', 'werewpfbapps' ); ?></h3>
<p><?php _e( 'Facebook users who are not fans of your page will see a single image, that you input in the <strong>Featured image</strong> area of this page.<br/>If you don\'t want any specific content for the non-fans, simply leave the Featured Image empty, and all viewers will see all the content.', 'werewpfbapps' ); ?></p>
<h3><?php _e( 'Add content for your fans to see', 'werewpfbapps' ); ?></h3>
@@ -130,7 +120,7 @@ function werewp_fbappappparameters() {
function werewp_save_details(){
global $post;
- if ( $post->post_type == 'werewp_fbapp' ) {
+ if (isset($post) && $post->post_type == 'werewp_fbapp') {
update_post_meta($post->ID, 'appid', $_POST['appid']);
update_post_meta($post->ID, 'appsecret', $_POST['appsecret']);
update_post_meta($post->ID, 'fbcomments', $_POST['fbcomments']);
@@ -193,7 +183,7 @@ function werewp_fbapp_template() {
function werewp_fbapps_style() {
$fbapps_style = WPFBAPPS_URL . 'css/fblayout.css';
- if ( 'werewp_fbapp' == get_post_type() && !is_admin() ) {
+ if ( 'werewp_fbapp' == get_post_type() && !is_admin() ) {
wp_register_style('werewp-fbapps', $fbapps_style);
wp_enqueue_style( 'werewp-fbapps');
}

No commit comments for this range

Something went wrong with that request. Please try again.