From 1b1237d97c3d50394bcc86b9da94b26c0cecdb42 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tobias=20H=C3=B6=C3=9Fl?= Date: Sun, 1 Apr 2012 07:42:50 +0000 Subject: [PATCH] FEATURE: AppID/Secret can now be entered on the plugin's admin page. BUG: if a connected FB-App is deleted and a new FB-App is connected, the app_access_token of the former App remained in the config and made it impossible to activate Real-Time Updates with the new App. USABILITY: Now the user's connector settings page automatically recognizes if the connection is still valid and acts accordingly. SECURITY: XSRF-Protection. --- facebook/facebook.php | 72 ++++++++++++++++++++++++++++++++++--------- 1 file changed, 57 insertions(+), 15 deletions(-) diff --git a/facebook/facebook.php b/facebook/facebook.php index 8fcde4033..9f873284e 100755 --- a/facebook/facebook.php +++ b/facebook/facebook.php @@ -464,9 +464,21 @@ function facebook_content(&$a) { info( t('Updating contacts') . EOL); } - - $fb_installed = get_pconfig(local_user(),'facebook','post'); - + $o = ''; + + $fb_installed = false; + if (get_pconfig(local_user(),'facebook','post')) { + $access_token = get_pconfig(local_user(),'facebook','access_token'); + if ($access_token) { + $private_wall = intval(get_pconfig($uid,'facebook','private_wall')); + $s = fetch_url('https://graph.facebook.com/me/feed?access_token=' . $access_token); + if($s) { + $j = json_decode($s); + if (isset($j->data)) $fb_installed = true; + } + } + } + $appid = get_config('facebook','appid'); if(! $appid) { @@ -629,17 +641,39 @@ function facebook_plugin_settings(&$a,&$b) { function facebook_plugin_admin(&$a, &$o){ + $o = ''; - $activated = facebook_check_realtime_active(); - if ($activated) { - $o = t('Real-Time Updates are activated.') . '

'; - $o .= ''; - } else { - $o = t('Real-Time Updates not activated.') . '
'; + $o .= '

' . t('Facebook API Key') . '

'; + + $appid = get_config('facebook', 'appid' ); + $appsecret = get_config('facebook', 'appsecret' ); + + $o .= '
'; + $o .= '
'; + $o .= ''; + + if ($appid && $appsecret) { + $o .= '

' . t('Real-Time Updates') . '

'; + + $activated = facebook_check_realtime_active(); + if ($activated) { + $o .= t('Real-Time Updates are activated.') . '

'; + $o .= ''; + } else { + $o .= t('Real-Time Updates not activated.') . '
'; + } } } function facebook_plugin_admin_post(&$a, &$o){ + check_form_security_token_redirectOnErr('/admin/plugins/facebook', 'fbsave'); + + if (x($_REQUEST,'fb_save_keys')) { + set_config('facebook', 'appid', $_REQUEST['appid']); + set_config('facebook', 'appsecret', $_REQUEST['appsecret']); + del_config('facebook', 'app_access_token'); + info(t('The new values have been saved.')); + } if (x($_REQUEST,'real_time_activate')) { facebook_subscription_add_users(); } @@ -1448,8 +1482,8 @@ function fb_get_app_access_token() { logger('fb_get_app_access_token: appid and/or appsecret not set', LOGGER_DEBUG); return false; } - - $x = fetch_url('https://graph.facebook.com/oauth/access_token?client_id=' . $appid . '&client_secret=' . $appsecret . "&grant_type=client_credentials"); + logger('https://graph.facebook.com/oauth/access_token?client_id=' . $appid . '&client_secret=' . $appsecret . '&grant_type=client_credentials', LOGGER_DATA); + $x = fetch_url('https://graph.facebook.com/oauth/access_token?client_id=' . $appid . '&client_secret=' . $appsecret . '&grant_type=client_credentials'); if(strpos($x,'access_token=') !== false) { logger('fb_get_app_access_token: returned access token: ' . $x, LOGGER_DATA); @@ -1480,8 +1514,7 @@ function facebook_subscription_del_users() { del_config('facebook', 'realtime_active'); } -function facebook_subscription_add_users() { - +function facebook_subscription_add_users($second_try = false) { $a = get_app(); $access_token = fb_get_app_access_token(); @@ -1502,9 +1535,18 @@ function facebook_subscription_add_users() { del_config('facebook', 'cb_verify_token'); if ($j) { + $x = json_decode($j); logger("Facebook reponse: " . $j, LOGGER_DATA); - - if (facebook_check_realtime_active()) set_config('facebook', 'realtime_active', 1); + if (isset($x->error)) { + logger('facebook_subscription_add_users: got an error: ' . $j); + if ($x->error->type == "OAuthException" && $x->error->code == 190) { + del_config('facebook', 'app_access_token'); + if ($second_try === false) facebook_subscription_add_users(true); + } + } else { + logger('facebook_subscription_add_users: sucessful'); + if (facebook_check_realtime_active()) set_config('facebook', 'realtime_active', 1); + } }; }