File: //usr/src/mechbunny/includes/facebook/facebook_response.php
<?
require_once '../../mb.php';
require_once $basepath . '/includes/facebook/sdk/Facebook.class.php';
require_once $basepath . '/includes/facebook/sdk/FacebookAdapter.class.php';
require_once $basepath . '/includes/facebook/sdk/FacebookApiException.class.php';
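/**
 * Fetch a URL with cURL and return the response body.
 *
 * Hardened relative to a bare cURL GET:
 *  - only http:// and https:// are accepted, both for the initial URL and for
 *    any redirect, so a file:// (or other scheme) URL is refused;
 *  - redirects are capped and no automatic Referer is sent on them, because
 *    this helper is called with a URL whose query string carries the OAuth
 *    client secret and authorization code;
 *  - TLS peer and host verification are requested explicitly;
 *  - connect and total timeouts bound how long a request can block the page.
 *
 * @param string $url Absolute http:// or https:// URL to request.
 * @return string|false Response body, or false when the transfer fails.
 */
function file_get_contents_curl($url) {
    $ch = curl_init();
    if ($ch === false) {
        return false;
    }

    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_HEADER, 0);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

    // Restrict schemes: without this the initial URL may use any protocol
    // libcurl was built with, including file://.
    curl_setopt($ch, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
    curl_setopt($ch, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);

    // Redirects are still followed (the profile-picture endpoint relies on
    // them), but bounded, and the previous URL is not forwarded as Referer.
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, TRUE);
    curl_setopt($ch, CURLOPT_MAXREDIRS, 5);
    curl_setopt($ch, CURLOPT_AUTOREFERER, FALSE);

    // Make certificate and hostname verification explicit rather than
    // relying on build or ini defaults.
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, TRUE);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);

    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
    curl_setopt($ch, CURLOPT_TIMEOUT, 30);

    // curl_exec() returns false on failure; callers must check for it.
    $data = curl_exec($ch);
    curl_close($ch);
    return $data;
}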
// The callback request carries an error_reason parameter: report the failure
// to the user and send them back to the signup page.
if (isset($_REQUEST['error_reason'])) {
    // 'user_denied' gets its own message; every other reason shares a
    // generic one.
    $denied = ($_REQUEST['error_reason'] == 'user_denied');
    $notice = $denied
        ? _t("You don't have permissions to log in with Facebook.")
        : _t('Error during log in with Facebook.');
    setMessage($notice, 'error');
    header("Location: $basehttp/signup");
    exit;
}
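// OAuth callback step: exchange the authorization code for an access token,
// hand the raw response to the adapter, then reload this script without the
// code in the URL.
//
// NOTE(review): no OAuth `state` parameter is compared against a per-session
// value here, so nothing visible in this file binds the callback to the
// browser that started the login. Confirm whether that check exists elsewhere;
// if not, add it before the exchange.
if (isset($_REQUEST['code']) && is_string($_REQUEST['code']) && $_REQUEST['code'] !== '') {
    $code = $_REQUEST['code'];

    // Every component is URL-encoded. `code` comes straight from the request,
    // so an unencoded value could append or override query parameters
    // (e.g. redirect_uri) in the token request.
    $token_url = sprintf(
        "https://graph.facebook.com/oauth/access_token?client_id=%s&redirect_uri=%s&client_secret=%s&code=%s&scope=public_profile,email",
        urlencode($config['facebook_appid']),
        urlencode($config['facebook_response_url']),
        urlencode($config['facebook_appsecret']),
        urlencode($code)
    );

    // The helper returns false when the transfer fails; do not pass that on
    // to the adapter as if it were a token response.
    $token_response = file_get_contents_curl($token_url);
    if ($token_response === false) {
        setMessage(_t('Error during log in with Facebook.'), 'error');
        header("Location: $basehttp/signup");
        exit();
    }

    FacebookAdapter::setAccessToken($token_response);
    header("Location: $basehttp/includes/facebook/facebook_response.php");
    exit();
}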
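// Resolve the Facebook profile for the stored access token, then either log
// in the matching local user or register a new one.
$f = new FacebookAdapter();
$fb_user = $f->getLoggedUser();

// A profile without an id is treated like no profile at all: an empty id
// would otherwise be used in the `facebook_id` lookup below and could match
// whichever local row has an empty facebook_id.
if (is_null($fb_user) || !isset($fb_user['id']) || $fb_user['id'] == '') {
    setMessage(_t("Looks like this Facebook user doesn't exist. Try with correct credentials."), 'error');
    header("Location: $basehttp/signup");
    exit();
} else {
    // Optional profile fields may be missing (for example when the email
    // permission was not granted); read them without raising notices.
    $fb_email = isset($fb_user['email']) ? $fb_user['email'] : null;
    $fb_username = isset($fb_user['username']) ? $fb_user['username'] : null;
    $fb_name = isset($fb_user['name']) ? $fb_user['name'] : '';

    $row = dbRow("SELECT * FROM `users` WHERE `facebook_id` = '" . mysqli_real_escape_string($dblink, $fb_user['id']) . "'");

    // NOTE(review): falling back to an email match signs the visitor in to an
    // existing local account and binds it to this Facebook id purely because
    // the provider reported the same address. Confirm the provider only
    // returns verified addresses, or require the local password once before
    // linking.
    if (!is_array($row) && $fb_email != "") {
        $row = dbRow("SELECT * FROM `users` WHERE `email` = '" . mysqli_real_escape_string($dblink, $fb_email) . "'");
    }

    if (is_array($row)) {
        // Existing user: keep credential columns out of the session data.
        unset($row['password'], $row['salt']);
        createUserSession($row);
        dbUpdate('users', array(
            'lastlogin' => time(),
            'last_ip' => $_SERVER['REMOTE_ADDR'],
            'facebook_id' => $fb_user['id'],
            'record_num' => $_SESSION['userid'],
        ));
        header("Location: $basehttp");
        exit();
    } else {
        // New user: a throw-away local password is generated and never shown.
        // NOTE(review): salted MD5 is not an adequate password hash. It is
        // kept here only to stay consistent with whatever scheme the rest of
        // the application verifies against; plan a migration to
        // password_hash()/password_verify(). The strength of $pass also
        // depends on generateSalt(), which is not visible in this file.
        $salt = generateSalt(8);
        $pass = generateSalt(6);
        $profile = array(
            'email' => $fb_email,
            'username' => ($fb_username != "") ? $fb_username : $fb_email,
            'password' => md5($pass . $salt),
            'salt' => $salt,
            'last_ip' => $_SERVER['REMOTE_ADDR'],
            'registration_ip' => $_SERVER['REMOTE_ADDR'],
            'date_joined' => 'NOW()',
            'lastlogin' => time(),
            // NOTE(review): marks the address verified on the provider's word.
            'email_verified' => 1,
            'facebook_id' => $fb_user['id'],
        );
        if ($profile['username'] == '') {
            // No username and no email: derive one from the display name plus
            // a 4-digit suffix (uniqueness only, not a secret).
            $profile['username'] = preg_replace("/[^a-z0-9-_]/", '.', strtolower($fb_name)) . '.' . str_pad(rand(0, 9999), 4, '0', STR_PAD_LEFT);
        }

        // The former setMessage(json_encode($fb_user)) debug call is removed:
        // it pushed the raw provider profile into a user-facing message.

        $insert_id = dbInsert('users', $profile);
        if (!is_numeric($insert_id)) {
            // Previously a failed insert fell off the end of the script and
            // produced an empty response.
            setMessage(_t('Cannot login with Facebook.'), 'error');
            header("Location: $basehttp/signup");
            exit();
        }

        dbInsert('users_notifications', array('user_id' => $insert_id, 'scope' => 'email'), true);
        $row = dbRow("SELECT * FROM `users` WHERE `record_num` = '" . (int) $insert_id . "'");
        if (!is_array($row)) {
            setMessage(_t('Cannot login with Facebook.'), 'error');
            header("Location: $basehttp/signup");
            exit();
        }

        createUserSession($row);

        // Avatar import is best-effort. The id becomes part of a URL and a
        // file name, so it is only used when it is a plain digit string; the
        // download must succeed and parse as an image before it is written
        // and handed to the thumbnailer.
        $avatar_id = (string) $fb_user['id'];
        if (ctype_digit($avatar_id)) {
            $img = file_get_contents_curl("https://graph.facebook.com/$avatar_id/picture?type=large");
            if (is_string($img) && $img !== '' && getimagesizefromstring($img) !== false) {
                $filename = "$avatar_id.jpg";
                $target = "$misc_path/$filename";
                $target_big = "$misc_path/big-$filename";
                if (file_put_contents($target_big, $img) !== false) {
                    // NOTE(review): both calls write to $target, as in the
                    // original; presumably the second result is the one kept.
                    makeImageThumbnail($target_big, $target, 800, 600, 'mogrify');
                    makeImageThumbnail($target_big, $target, 170, 130);
                    dbUpdate('users', array(
                        'avatar' => $filename,
                        'record_num' => $_SESSION['userid'],
                    ));
                }
            }
        }

        setMessage(_t('You have logged in with Facebook.'));
        header("Location: $basehttp/my-profile");
        exit();
    }
}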