So I have been using an open source twitter php class I got a few months back, and all of a sudden, it started to throw me errors last night. You can see what is happening here:
www.campusmediawatch.org
It says it requires authentication but I do authenticate and it has been working for months since last night. Any ideas? Here are the functions:
public function getFriends($id = null, $page = null)
{
// build parameters
$aParameters = array();
if($page !== null) $aParameters['page'] = (int) $page;
// build url
$url = 'statuses/friends.xml';
if($id !== null) $url = 'statuses/friends/'. urlencode($id) .'.xml';
// do the call
$response = $this->doCall($url, $aParameters, true, false);
// convert into xml-object
$xml = #simplexml_load_string($response);
// validate
if($xml == false) throw new TwitterException('invalid body');
// init var
$aUsers = array();
// loop statuses
foreach ($xml->user as $user) $aUsers[] = $this->userXMLToArray($user);
// return
return (array) $aUsers;
}
And here is the code that makes the curl call:
private function doCall($url, $aParameters = array(), $authenticate = false, $usePost = true)
{
// redefine
$url = (string) $url;
$aParameters = (array) $aParameters;
$authenticate = (bool) $authenticate;
$usePost = (bool) $usePost;
// build url
$url = self::TWITTER_API_URL .'/'. $url;
// validate needed authentication
if($authenticate && ($this->getUsername() == '' || $this->getPassword() == '')) throw new TwitterException('No username or password was set.');
// rebuild url if we don't use post
if(!empty($aParameters) && !$usePost)
{
// init var
$queryString = '';
// loop parameters and add them to the queryString
foreach($aParameters as $key => $value) $queryString .= '&'. $key .'='. urlencode(utf8_encode($value));
// cleanup querystring
$queryString = trim($queryString, '&');
// append to url
$url .= '?'. $queryString;
}
// set options
$options[CURLOPT_URL] = $url;
$options[CURLOPT_PORT] = self::TWITTER_API_PORT;
$options[CURLOPT_USERAGENT] = $this->getUserAgent();
$options[CURLOPT_FOLLOWLOCATION] = true;
$options[CURLOPT_RETURNTRANSFER] = true;
$options[CURLOPT_TIMEOUT] = (int) $this->getTimeOut();
// should we authenticate?
if($authenticate)
{
$options[CURLOPT_HTTPAUTH] = CURLAUTH_BASIC;
$options[CURLOPT_USERPWD] = $this->getUsername() .':'. $this->getPassword();
}
// are there any parameters?
if(!empty($aParameters) && $usePost)
{
$var = '';
// rebuild parameters
foreach($aParameters as $key => $value) $var .= '&'. $key .'='. urlencode($value);
// set extra options
$options[CURLOPT_POST] = true;
$options[CURLOPT_POSTFIELDS] = trim($var, '&');
// Probaly Twitter's webserver doesn't support the Expect: 100-continue header. So we reset it.
$options[CURLOPT_HTTPHEADER] = array('Expect:');
}
// init
$curl = curl_init();
// set options
curl_setopt_array($curl, $options);
// execute
$response = curl_exec($curl);
$headers = curl_getinfo($curl);
// fetch errors
$errorNumber = curl_errno($curl);
$errorMessage = curl_error($curl);
// close
curl_close($curl);
// validate body
$xml = #simplexml_load_string($response);
if($xml !== false && isset($xml->error)) throw new TwitterException((string) $xml->error);
// invalid headers
if(!in_array($headers['http_code'], array(0, 200)))
{
// should we provide debug information
if(self::DEBUG)
{
// make it output proper
echo '<pre>';
// dump the header-information
var_dump($headers);
// dump the raw response
var_dump($response);
// end proper format
echo '</pre>';
// stop the script
exit;
}
// throw error
throw new TwitterException(null, (int) $headers['http_code']);
}
// error?
if($errorNumber != '') throw new TwitterException($errorMessage, $errorNumber);
// return
return $response;
}
I managed to find the twitter library you are using in a wordpress plugins repository. I hope it is the same one.
I played around with my account using it and I managed to get it working alright. I think you might have to try and log into your twitter account because that error only seems to occur when your account username and password are invalid (thus failed to authenticate on twitter)
So try and log in to your account and make sure your username and password are the same as what you using to initialize the twitter class.
e.g.
$twitter_api = new Twitter(<username>, <password>);
Related
I created curl in php for use shopify product rest API. Now I want to create pagination in that.
How to create?
Link: "<https://{shop}.myshopify.com/admin/api/{version}/products.json?page_info={page_info}&limit={limit}>; rel={next}, <https://{shop}.myshopify.com/admin/api/{version}/products.json?page_info={page_info}&limit={limit}>; rel={previous}"
How to use Link ?
Thanks
Below function can help you. to fetch data using API in Php/Laravel
public function request($method,$url,$param = []){
$client = new \GuzzleHttp\Client();
$url = 'https://'.$this->username.':'.$this->password.'#'.$this->domain.'/admin/api/2019-10/'.$url;
$parameters = [
'headers' => [
'Content-Type' => 'application/json',
'Accept' => 'application/json'
]
];
if(!empty($param)){ $parameters['json'] = $param;}
$response = $client->request($method, $url,$parameters);
$responseHeaders = $response->getHeaders();
$tokenType = 'next';
if(array_key_exists('Link',$responseHeaders)){
$link = $responseHeaders['Link'][0];
$tokenType = strpos($link,'rel="next') !== false ? "next" : "previous";
$tobeReplace = ["<",">",'rel="next"',";",'rel="previous"'];
$tobeReplaceWith = ["","","",""];
parse_str(parse_url(str_replace($tobeReplace,$tobeReplaceWith,$link),PHP_URL_QUERY),$op);
$pageToken = trim($op['page_info']);
}
$rateLimit = explode('/', $responseHeaders["X-Shopify-Shop-Api-Call-Limit"][0]);
$usedLimitPercentage = (100*$rateLimit[0])/$rateLimit[1];
if($usedLimitPercentage > 95){sleep(5);}
$responseBody = json_decode($response->getBody(),true);
$r['resource'] = (is_array($responseBody) && count($responseBody) > 0) ? array_shift($responseBody) : $responseBody;
$r[$tokenType]['page_token'] = isset($pageToken) ? $pageToken : null;
return $r;
}
Example usage of this function
$product_ids = [];
$nextPageToken = null;
do{
$response = $shop->request('get','products.json?limit=250&page_info='.$nextPageToken);
foreach($response['resource'] as $product){
array_push($product_ids, $product['id']);
}
$nextPageToken = $response['next']['page_token'] ?? null;
}while($nextPageToken != null);
If you want to use graphQL api in php / laravel then below post can help you
How to request shopify graphql-admin-api from an api?
As of API version 2019-07 you do indeed need to use cursor based pagination.
First make a normal API call, include the header response.
Then in the header response you will see link : ... with rel next or previous.
Extract the page_info and then make another call with page_info.
The first call is something like this:
https://...:...#xyz.myshopify.com/admin/api/2019-10/products.json?limit=2&published_status=published
Then the second call is
https://...:...#xyz.myshopify.com/admin/api/2019-10/products.json?limit=2&page_info=asdfas1321asdf3as1f651saf61s3f1x32v1akjhfasdj
When you make the second call, remove any filers as the filters will be applied from the first call.
Btw: if your testing in a browser due to the way the link is in angle brackets, it will be hidden, so just view source code in your developer environment.
Reference: https://help.shopify.com/en/api/guides/paginated-rest-results
private $shop_url = '';
private $shop_user = '';
private $shop_password = '';
function __construct($shop) {
$this->shop_url = $shop->url;
$this->shop_user = $shop->user;
$this->shop_password = $shop->userpas;
$this->syncShopifyOrder($shop);
}
private function getOrderRequest($url){
$client = new \GuzzleHttp\Client();
$response = $client->request('GET', $url, [
'auth' => [$this->shop_user, $this->shop_password]
]);
if($response->getStatusCode() !== 200){
throw new OrderSyncException('Connection problem!');
}
$data = [];
$paginate_links = $response->getHeader('Link');
if($paginate_links){
$page_link = $paginate_links[0];
$links_arr = explode(",", $page_link);
if($links_arr){
$tobeReplace = ["<",">",'rel="next"',";",'rel="previous"'];
$tobeReplaceWith = ["","","",""];
foreach ($links_arr as $link) {
$link_type = strpos($link, 'rel="next') !== false ? "next" : "previous";
parse_str(parse_url(str_replace($tobeReplace, $tobeReplaceWith, $link), PHP_URL_QUERY), $op);
$data[$link_type] = trim($op['page_info']);
}
}
}
$order_data = $response->getBody()->getContents();
$data['all_orders'] = (json_decode($order_data))->orders;
return $data;
}
// Shopify Orders
private function syncShopifyOrder($shop)
{
$count = 0;
try{
if($shop){
$nextPageToken = null;
do{
$param = ($nextPageToken)? '&page_info='.$nextPageToken : '&status=any&fulfillment_status=any&order=created_at asc&created_at_min=2020-08-10T13:30:33+02:00';
$url = $this->shop_url . 'admin/api/2020-01/orders.json?limit=250'.$param;
$data = $this->getOrderRequest($url);
$all_orders = $data['all_orders'];
$nextPageToken = isset($data['next']) ? $data['next'] : null;
if($all_orders){
$count += count((array) $all_orders);
$this->bulkorderInsertShopify($shop, $all_orders);
}
}while($nextPageToken);
}else{
throw new OrderSyncException('You have not configured shop!');
}
$this->syncSuccessReport($shop, $count);
}catch(OrderSyncException $e) {
$this->syncErrorReport($shop, $count, $e->getMessage());
}catch(\Exception $e) {
$this->syncErrorReportAdmin($shop, $count, $e);
}
}
Any one please to help me i have one problem in blue dart api error. NO Error is came. how to solve this problem.
require_once('lib/nusoap.php');
function soaprequest($api_url, $api_username, $api_password, $service, $params)
{
if ($api_url != '' && $service != '' && count($params) > 0)
{
$wsdl = $api_url."?wsdl";
$client = new nusoap_client($wsdl, 'wsdl');
$client->setCredentials($api_username,$api_password);
$error = $client->getError();
if ($error)
{
echo "\nSOAP Error\n".$error."\n";
return false;
}
else
{
$result = $client->call($service, $params);
if ($client->fault)
{
print_r($result);
return false;
}
else
{
$result_arr = json_decode($result, true);
$return_array = $result_arr['result'];
return $return_array;
}
}
}
}
$api_url = "http://netconnect.bluedart.com/ver1.7/Demo/ShippingAPI/Finder/ServiceFinderQuery.svc?wsdl";
//$api_url = "http://netconnect.bluedart.com/ Demo/ShippingAPI/Finder/ServiceFinderQuery.svc?wsdl";
$api_username='XXXXXXXXXX';
$api_password = 'AAAAAAAAAAAAAAAAAAAAAAA';
$service ='GetServicesforPincode';
$params = array('pinCode'=>'620102');
soaprequest($api_url, $api_username, $api_password, $service, $params);
above code is download from codeigniter library and it have also not working
the url you are supplying terminates with ?wsdl but inside the soaprequest function ?wsdl gets appended to the url so I guess your url would look like
http://netconnect.bluedart.com/ver1.7/Demo/ShippingAPI/Finder/ServiceFinderQuery.svc?wsdl?wsdl
which doesn't seem right so try without the ?wsdl at the end of the url?
In summary: Stripe API: CurlClient.php has a CURLOPT_HEADERFUNCTION that cannot be found by curl on execution of the curl_exec command.
Stripe API version 3.2.0 (the newer version that uses namespace) using PHP version 5.4.45 and CURL version 7.36.0. I downloaded the library from GitHub and am using the init.php routine provided with the Library to bind the Stripe classes.
I can get a token using Stripe.js, pass to my server, authenticate and post a charge:
\Stripe\Charge::create(array(
"amount" => 400,
"currency" => "cad",
"source" => "tok_74MBD61UgMTtN7", // obtained with Stripe.js
"description" => "Charge for test#example.com"
), array(
"idempotency_key" => "yfwO6fUZh4qHctt6",
));
I get an error: Unexpected error communicating with Stripe. If this problem persists, let us know at support#stripe.com. (I have contacted Stripe and haven't heard from them in 3 days.)
My error routine shows: Invalid callback , no array or string given file (...)stripe-php-3.2.0/lib/HttpClient/CurlClient.php. Investigation shows the curl_exec in CurlClient.php throws the error because it can't find $headerCallback. If I comment out this line:
$opts[CURLOPT_HEADERFUNCTION] = $headerCallback;
then everything works fine, except of course I don't get any headers passed back to the calling functions. However, I do get json returned and the successful charge can be seen from the Stripe Control Panel.
So, any ideas on why Strip API won't function properly?
Posting CurlClient.php here:
<?php
namespace Stripe\HttpClient;
use Stripe\Stripe;
use Stripe\Error;
use Stripe\Util;
class CurlClient implements ClientInterface
{
private static $instance;
public static function instance()
{
if (!self::$instance) {
self::$instance = new self();
}
return self::$instance;
}
public function request($method, $absUrl, $headers, $params, $hasFile)
{
$curl = curl_init();
$method = strtolower($method);
$opts = array();
if ($method == 'get') {
if ($hasFile) {
throw new Error\Api(
"Issuing a GET request with a file parameter"
);
}
$opts[CURLOPT_HTTPGET] = 1;
if (count($params) > 0) {
$encoded = self::encode($params);
$absUrl = "$absUrl?$encoded";
}
} elseif ($method == 'post') {
$opts[CURLOPT_POST] = 1;
$opts[CURLOPT_POSTFIELDS] = $hasFile ? $params : self::encode($params);
} elseif ($method == 'delete') {
$opts[CURLOPT_CUSTOMREQUEST] = 'DELETE';
if (count($params) > 0) {
$encoded = self::encode($params);
$absUrl = "$absUrl?$encoded";
}
} else {
throw new Error\Api("Unrecognized method $method");
}
// Create a callback to capture HTTP headers for the response
$rheaders = array();
$headerCallback = function ($curl, $header_line) use (&$rheaders) {
// Ignore the HTTP request line (HTTP/1.1 200 OK)
if (strpos($header_line, ":") === false) {
return strlen($header_line);
}
list($key, $value) = explode(":", trim($header_line), 2);
$rheaders[trim($key)] = trim($value);
return strlen($header_line);
};
$absUrl = Util\Util::utf8($absUrl);
$opts[CURLOPT_URL] = $absUrl;
$opts[CURLOPT_RETURNTRANSFER] = true;
$opts[CURLOPT_CONNECTTIMEOUT] = 30;
$opts[CURLOPT_TIMEOUT] = 80;
$opts[CURLOPT_RETURNTRANSFER] = true;
$opts[CURLOPT_HEADERFUNCTION] = $headerCallback;
$opts[CURLOPT_HTTPHEADER] = $headers;
if (!Stripe::$verifySslCerts) {
$opts[CURLOPT_SSL_VERIFYPEER] = false;
}
curl_setopt_array($curl, $opts);
$rbody = curl_exec($curl);
if (!defined('CURLE_SSL_CACERT_BADFILE')) {
define('CURLE_SSL_CACERT_BADFILE', 77); // constant not defined in PHP
}
$errno = curl_errno($curl);
if ($errno == CURLE_SSL_CACERT ||
$errno == CURLE_SSL_PEER_CERTIFICATE ||
$errno == CURLE_SSL_CACERT_BADFILE
) {
array_push(
$headers,
'X-Stripe-Client-Info: {"ca":"using Stripe-supplied CA bundle"}'
);
$cert = self::caBundle();
curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
curl_setopt($curl, CURLOPT_CAINFO, $cert);
$rbody = curl_exec($curl);
}
if ($rbody === false) {
$errno = curl_errno($curl);
$message = curl_error($curl);
curl_close($curl);
$this->handleCurlError($absUrl, $errno, $message);
}
$rcode = curl_getinfo($curl, CURLINFO_HTTP_CODE);
curl_close($curl);
return array($rbody, $rcode, $rheaders);
}
/**
* #param number $errno
* #param string $message
* #throws Error\ApiConnection
*/
private function handleCurlError($url, $errno, $message)
{
switch ($errno) {
case CURLE_COULDNT_CONNECT:
case CURLE_COULDNT_RESOLVE_HOST:
case CURLE_OPERATION_TIMEOUTED:
$msg = "Could not connect to Stripe ($url). Please check your "
. "internet connection and try again. If this problem persists, "
. "you should check Stripe's service status at "
. "https://twitter.com/stripestatus, or";
break;
case CURLE_SSL_CACERT:
case CURLE_SSL_PEER_CERTIFICATE:
$msg = "Could not verify Stripe's SSL certificate. Please make sure "
. "that your network is not intercepting certificates. "
. "(Try going to $url in your browser.) "
. "If this problem persists,";
break;
default:
$msg = "Unexpected error communicating with Stripe. "
. "If this problem persists,";
}
$msg .= " let us know at support#stripe.com.";
$msg .= "\n\n(Network error [errno $errno]: $message)";
throw new Error\ApiConnection($msg);
}
private static function caBundle()
{
return dirname(__FILE__) . '/../../data/ca-certificates.crt';
}
/**
* #param array $arr An map of param keys to values.
* #param string|null $prefix
*
* Only public for testability, should not be called outside of CurlClient
*
* #return string A querystring, essentially.
*/
public static function encode($arr, $prefix = null)
{
if (!is_array($arr)) {
return $arr;
}
$r = array();
foreach ($arr as $k => $v) {
if (is_null($v)) {
continue;
}
if ($prefix && $k && !is_int($k)) {
$k = $prefix."[".$k."]";
} elseif ($prefix) {
$k = $prefix."[]";
}
if (is_array($v)) {
$enc = self::encode($v, $k);
if ($enc) {
$r[] = $enc;
}
} else {
$r[] = urlencode($k)."=".urlencode($v);
}
}
return implode("&", $r);
}
}
The problem turned out to be environmental. My PHP (5.4.45) was installed using CageFS and I used the 5.4 version that was NOT native, allowing for selection of various PHP modules. When I switched to native version of PHP 5.4 then stripe API started working just fine. Also works well in PHP 5.5. This may be of interest to other Cloud Linux users working with CageFS and PHP Selector.
I am using custom code to connect to Twitter and request an access token. For some reason when trying to post to "access_token" on the API it returns "invalid or expired token". The code is as follows (apart from a few external function calls and properties this should be sufficient to replicate the error):
public function authenticate($get,$return = false) {
session_start();
if (!isset($get['oauth_verifier'])){
// Step 1 - get a request token
$step1 = $this->processRequest('oauth/request_token',0,$this->pObj->getRedirectUrl().'?process=true');
parse_str($step1,$parts);
if ($parts['oauth_callback_confirmed'] !== 'true'){ die('Error with process'); }
$_SESSION['tw_secret'] = $parts['oauth_token_secret'];
// Step 2
$url = str_replace('1.1/','',$this->api_url);
header("Location: {$url}oauth/authenticate?oauth_token={$parts['oauth_token']}");
} else {
// Step 3
$this->o_token = $get['oauth_token'];
$this->o_secret = $_SESSION['tw_secret'];
$content['oauth_verifier'] = $get['oauth_verifier'];
$step3 = $this->processRequest('oauth/access_token',1,null,$content,'array');
}
}
// https://dev.twitter.com/docs/auth/creating-signature
private function generateSignature($oauth,$fullurl,$http_method,$content){
// Take params from url
$main_url = explode('?',$fullurl);
// Split the content
$contents = explode('&',$content);
$urls = array_merge(explode('&',$main_url[1]),$contents);
foreach ($urls as $param){
$bits = explode('=',$param);
if (strlen($bits[0])){
$oauth[$bits[0]] = rawurlencode($bits[1]);
}
}
ksort($oauth);
$string = http_build_query($oauth);
$new_string = strtoupper($http_method).'&'.urlencode($main_url[0]).'&'.urlencode(urldecode($string));
// The request_token request doesn't need a o_secret because it doesn't have one!
$sign_key = strstr($fullurl,'request_token') ? $this->c_secret.'&' : $this->c_secret.'&'.$this->o_secret;
return urlencode(base64_encode(hash_hmac('sha1',$new_string,$sign_key,true)));
}
public function processRequest($in_url,$test = false,$callback = null,$content = null, $content_type = 'json',$form_content_type = 'application/x-www-form-urlencoded'){
$method = 'GET';
// Twitter still uses Oauth1 (which is a pain)
$oauth = array(
'oauth_consumer_key'=>$this->c_key,
'oauth_nonce'=>$this->random(32),
'oauth_signature_method'=>'HMAC-SHA1',
'oauth_timestamp'=>time(),
'oauth_token'=>$this->o_token,
'oauth_version'=>'1.0'
);
$url = $this->api_url.$in_url;
if (strlen($callback)){
$oauth['oauth_callback'] = urlencode(urldecode($callback));
unset($oauth['oauth_token']);
$method = 'POST';
$url = str_replace('1.1/','',$url);
}
if (is_array($content) || strlen($content)){ $method = 'POST'; }
$oauth['oauth_signature'] = $this->generateSignature($oauth,$url,$method,'');
ksort($oauth);
foreach ($oauth as $k=>$v){
$auths[] = $k.'="'.$v.'"';
}
$stream = array('http' =>
array(
'method' => $method,
'ignore_errors'=>true, // http://php.net/manual/en/context.http.php - otherwise browser returns error not error content
'follow_location'=>false,
'max_redirects'=>0,
'header'=> array(
'Content-type: '.$form_content_type,
'Authorization: OAuth '.implode(', ',$auths),
'Connection: close'
)
)
);
if (is_array($content)){
$content = $content_type == 'json' ? json_encode($content) : http_build_query($content);
/* foreach ($content as $k=>$v){
$strs[] = "$k=".urlencode(urldecode($v));
}
// Just for now to keep things simple
$content = 'status=Hello%20Ladies%20%2b%20Gentlemen%2c%20a%20signed%20OAuth%20request%21';*/
}
if (!is_null($content)){
$stream['http']['content'] = $content;
}
// Tell streams to make a request
// Invalid key or 401 error tends to suggest an incorrect signing key / signature
$response = file_get_contents($url, false, stream_context_create($stream));
if ($test){
print'<pre>';print_r($oauth);print'</pre>';
print'<pre>';print_r($stream);print'</pre>';
//echo $callback.'<br>';
echo $url.'<br>';
//print'<pre>';print_r($http_response_header);print'</pre>';
print'<pre>[';print_r($response);print']</pre>';
}
if (!is_object(json_decode($response))){
// Content supplied is not json - just return it
return $response;
} else {
$response = json_decode($response);
}
return $this->pObj->convertObjectToArray($response);
}
The reason for the problems are:
1) The version of the Twitter API should not be included
2) The post is missing the Oauth_verifier in the signature
Thanks to twitteroauth for providing some guiding light.
When using the Facebook Graph API to return more than 500 elements (like a friend list) paging is required. What's a good way to do this?
Here is the way that I use paging on my own apps.
http://developsocialapps.com/facebook-friends-list-and-paging/
The library has most of the code needed. The main method is getGraphObjectWithPaging. It gets the object with the graph API and then keeps looping as long as there is a next page in the response or the $maxpages has been reached. One peculiarity is that sometimes Facebook returns the next page as the same page you just got, so it checks for this and stops at that point too.
class FacebookApp {
public $appId;
private $appSecret;
private $nameSpace;
public $userId;
public $token;
public $tokenExpires;
// get your own from http://www.w3.org/P3P/
public $p3p = 'P3P:CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"';
/* construct object
appid, secret, and namespace from app settings */
public function __construct($id, $secret, $namespace) {
$this->appId = $id;
$this->appSecret = $secret;
$this->nameSpace = $namespace;
}
/* return json data from a graph api object using paging
$object = object to get
limit = limit parameter for API object
maxpages = maximum number of pages to get */
function getGraphObjectWithPaging($object,$limit=500,$maxpages=10) {
$data = array();
$url = $this->getGraphUrl($object,$limit);
// loop through API calls until maxpages or no paging->next
while ($maxpages > 0) {
$response = $this->makeCurlRequest($url);
if ($repsonse === false) {
// something went wrong
break;
} else {
$jsonarray = json_decode($response,true);
if (isset($jsonarray['error'])) {
// something went wrong
break;
} else {
// add current data to data array
$data = array_merge ($data,$jsonarray['data']);
if (isset($jsonarray['paging']['next'])) {
if ($url == $jsonarray['paging']['next']) {
// for some reason facebook sometimes returns a next url which is the same as we just got, so exit here
break;
} else {
// keep looping
$url = $jsonarray['paging']['next'];
$maxpages--;
}
} else {
// no more pages
break;
}
}
}
}
return array("data"=>$data); // using data so it is the same format as other API repsonses
}
/* constructs graphs url */
public function getGraphUrl($object,$limit=false) {
$url = "https://graph.facebook.com/".$object;
if (strpos($url,"?") === false) $url .= "?";
else $url .= "&";
$url .= "access_token=".$this->token;
if ($limit !== false) $url .= "&limit=".$limit;
return $url;
}
/* uses curl to get a url, use $postarray to make a post, otherwise it will get */
public function makeCurlRequest($url,$postarray=false) {
$return = false;
try {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
if($postarray !== false){
curl_setopt ($ch, CURLOPT_POST, true);
curl_setopt ($ch, CURLOPT_POSTFIELDS, $postarray);
}
$response = curl_exec($ch);
$responseInfo = curl_getinfo($ch);
curl_close($ch);
if ($responseInfo['http_code']==200) {
$return = $response;
}
} catch (Exception $e) {
$return = false;
}
return $return;
}
/* sets userid and token from signed request, return true or false if authorized */
public function initOauthUserFromSignedRequest() {
$authorized = false;
if (isset($_REQUEST['signed_request'])) {
$data = $this->parseSignedRequest($_REQUEST['signed_request']);
if ($data !== false) {
if (isset($data['user_id']) && isset($data['oauth_token'])) {
$this->userId = $data['user_id'];
$this->token = $data['oauth_token'];
$this->tokenExpires = $data['expires'];
$authorized = true;
}
}
}
return $authorized;
}
/* require user to authorize and have permissions for page
redirect_uri = url to return after user has authorized like redirect.php
success_uri = url to redirect to on successful authorization like mypage.php
scope = comma separted list of permissions */
function requireAuthorization($redirect_uri,$success_uri=false,$scope=false) {
if ($success_uri === false) {
// if no success_uri use current page, all files for app must be in same directory
$success_uri = substr($_SERVER['REQUEST_URI'],strrpos($_SERVER['REQUEST_URI'],"/")+1);
}
$this->setCookie ("success_uri",$success_uri,0); // we will use this on the redirect_uri page
$requireauth = true;
if ($this->initOauthUserFromSignedRequest()) { // user has authorized
if (($scope === false) || ($this->hasAllPermissions($scope))) { // now check for perms
$requireauth = false;
}
}
if ($requireauth) { // user is either not authorized or doesn't have permissions
$url = $this->getAuthUrl($this->getCanvasUrl($redirect_uri),$scope);
echo "<html>\n<body>\n<script>\ntop.location.href='".$url."';\n</script></body></html>";
exit();
}
}
/* checks to see if has permissions, scope is comma separated list */
public function hasAllPermissions($scope) {
$return = false;
$cookiename = "permissions_".$this->appId."_".$this->userId;
$requiredpermissions = explode(",",$scope);
// first check cookie
if (isset($_COOKIE[$cookiename])) {
$return = true;
$permissions = json_decode($_COOKIE[$cookiename],true);
foreach ($requiredpermissions as $perm) {
if ($permissions['data'][0][$perm] != 1) {
$return = false;
break;
}
}
}
// if didn't have all in cookie, then see if it is in graph
if ($return == false) {
$permissions = $this->getGraphObject("me/permissions");
if ($permissions !== false) {
$this->setCookie($cookiename,json_encode($permissions),0);
$return = true;
foreach ($requiredpermissions as $perm) {
if ($permissions['data'][0][$perm] != 1) {
$return = false;
break;
}
}
}
}
return $return;
}
/* sets a cookie with p3p headers */
public function setCookie($name,$value,$expires) {
if ($this->p3p != '') {
header($this->p3p);
$this->p3p = '';
}
setcookie ($name,$value,$expires,"/");
}
/* returns url for oauth authorization
redirect_uri = url to return after user has authorized
scope = comma separted list of permissions */
public function getAuthUrl($redirect_uri,$scope=false) {
$url = "https://www.facebook.com/dialog/oauth/?client_id=".$this->appId."&redirect_uri=".rawurlencode($redirect_uri);
if ($scope !== false) $url .= "&scope=".rawurlencode($scope);
return $url;
}
/* returns url to app canvas page, $page like mypage.php?foo=bar */
public function getCanvasUrl($page) {
if ($_SERVER['HTTPS'] == "on") $protocol = "https";
else $protocol = "http";
return $protocol."://apps.facebook.com/".$this->nameSpace."/".$page;
}
/* parses signed_request parameter and returns data object, returns false if sigs don't match */
public function parseSignedRequest($signed_request) {
list($encoded_sig, $payload) = explode('.', $signed_request, 2);
$data = json_decode(base64_decode(strtr($payload, '-_', '+/')), true);
$sig = base64_decode(strtr($encoded_sig, '-_', '+/'));
$expected_sig = hash_hmac('sha256', $payload, $this->appSecret, true);
if ($sig == $expected_sig) {
return $data;
} else {
return false;
}
}
}
Here is how to use it on a page:
$facebookapp = new FacebookApp($GLOBALS['facebookAppId'],$GLOBALS['facebookAppSecret'],$GLOBALS['facebookNamespace']);
$facebookapp->requireAuthorization($GLOBALS['facebookRedirectPage']);
$friends = $facebookapp->getGraphObjectWithPaging("me/friends");