include/externalAPI/Facebook/base_facebook.php
inherited
Classes
\BaseFacebook
Provides access to the Facebook Platform. This class provides a majority of the functionality needed, but the class is abstract because it is designed to be sub-classed. The subclass must implement the four abstract methods listed at the bottom of the file.
- Children
- Author
- Naitik Shah
Constants
Properties
$CURL_OPTS= 'array(
CURLOPT_CONNECTTIMEOUT => 10,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_TIMEOUT => 60,
CURLOPT_USERAGENT => 'facebook-php-3.2',
)'
Default options for curl.
array(
CURLOPT_CONNECTTIMEOUT => 10,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_TIMEOUT => 60,
CURLOPT_USERAGENT => 'facebook-php-3.2',
)Details- Type
- n/a
$DOMAIN_MAP= 'array(
'api' => 'https://api.facebook.com/',
'api_video' => 'https://api-video.facebook.com/',
'api_read' => 'https://api-read.facebook.com/',
'graph' => 'https://graph.facebook.com/',
'graph_video' => 'https://graph-video.facebook.com/',
'www' => 'https://www.facebook.com/',
)'
Maps aliases to Facebook domains.
array(
'api' => 'https://api.facebook.com/',
'api_video' => 'https://api-video.facebook.com/',
'api_read' => 'https://api-read.facebook.com/',
'graph' => 'https://graph.facebook.com/',
'graph_video' => 'https://graph-video.facebook.com/',
'www' => 'https://www.facebook.com/',
)Details- Type
- n/a
$DROP_QUERY_PARAMS= 'array(
'code',
'state',
'signed_request',
)'
List of query parameters that get automatically dropped when rebuilding the current URL.
array(
'code',
'state',
'signed_request',
)Details- Type
- n/a
string
$accessToken= 'null'
The OAuth access token received in exchange for a valid authorization code. null means the access token has yet to be determined.
nullDetails- Type
- string
string
$appId= ''
The Application ID.
- Type
- string
string
$appSecret= ''
The Application App Secret.
- Type
- string
boolean
$fileUploadSupport= 'false'
Indicates if the CURL based @ syntax for file uploads is enabled.
falseDetails- Type
- boolean
$signedRequest= ''
The data from the signed_request token.
- Type
- n/a
$state= ''
A CSRF state variable to assist in the defense against CSRF attacks.
- Type
- n/a
boolean
$trustForwarded= 'false'
Indicates if we trust HTTP_X_FORWARDED_* headers.
falseDetails- Type
- boolean
integer
$user= ''
The ID of the Facebook user, or 0 if the user is logged out.
- Type
- integer
Methods
__construct(
array $config
)
:
voidInitialize a Facebook Application.
The configuration: - appId: the application ID - secret: the application secret - fileUpload: (optional) boolean indicating if file uploads are enabled
| Name | Type | Description |
|---|---|---|
| $config | array | The application configuration |
_graph(
string $path, string $method
=
'GET', array $params
=
array()
)
:
mixedInvoke the Graph API.
| Name | Type | Description |
|---|---|---|
| $path | string | The path (required) |
| $method | string | The http method (default 'GET') |
| $params | array | The query/post data |
| Type | Description |
|---|---|
| mixed | The decoded response object |
| Exception | Description |
|---|---|
| \FacebookApiException |
_oauthRequest(
string $url, array $params
)
:
stringMake a OAuth Request.
| Name | Type | Description |
|---|---|---|
| $url | string | The path (required) |
| $params | array | The query/post data |
| Type | Description |
|---|---|
| string | The decoded response object |
| Exception | Description |
|---|---|
| \FacebookApiException |
_restserver(
array $params
)
:
mixedInvoke the old restserver.php endpoint.
| Name | Type | Description |
|---|---|---|
| $params | array | Method call object |
| Type | Description |
|---|---|
| mixed | The decoded response object |
| Exception | Description |
|---|---|
| \FacebookApiException |
api(
)
:
mixedMake an API call.
| Type | Description |
|---|---|
| mixed | The decoded response |
base64UrlDecode(
string $input
)
:
stringBase64 encoding that doesn't need to be urlencode()ed.
Exactly the same as base64_encode except it uses - instead of + _ instead of / No padded =
| Name | Type | Description |
|---|---|---|
| $input | string | base64UrlEncoded string |
| Type | Description |
|---|---|
| string |
base64UrlEncode(
string $input
)
:
stringBase64 encoding that doesn't need to be urlencode()ed.
Exactly the same as base64_encode except it uses - instead of + _ instead of /
| Name | Type | Description |
|---|---|---|
| $input | string | string |
| Type | Description |
|---|---|
| string | base64Url encoded string |
clearAllPersistentData(
)
:
voidClear all data from the persistent storage
clearPersistentData(
string $key
)
:
voidClear the data with $key from the persistent storage
| Name | Type | Description |
|---|---|---|
| $key | string |
destroySession(
)
:
voidDestroy the current session
endsWith(
$big, $small
)
:
void| Name | Type | Description |
|---|---|---|
| $big | ||
| $small |
errorLog(
string $msg
)
:
voidPrints to the error log if you aren't in command line mode.
| Name | Type | Description |
|---|---|---|
| $msg | string | Log message |
establishCSRFTokenState(
)
:
voidLays down a CSRF state token for this process.
getAccessToken(
)
:
stringDetermines the access token that should be used for API calls.
The first time this is called, $this->accessToken is set equal to either a valid user access token, or it's set to the application access token if a valid user access token wasn't available. Subsequent calls return whatever the first call returned.
| Type | Description |
|---|---|
| string | The access token |
getAccessTokenFromCode(
string $code, $redirect_uri
=
null
)
:
mixedRetrieves an access token for the given authorization code (previously generated from www.facebook.com on behalf of a specific user). The authorization code is sent to graph.facebook.com and a legitimate access token is generated provided the access token and the user for which it was generated all match, and the user is either logged in to Facebook or has granted an offline access permission.
| Name | Type | Description |
|---|---|---|
| $code | string | An authorization code. |
| $redirect_uri |
| Type | Description |
|---|---|
| mixed | An access token exchanged for the authorization code, or false if an access token could not be generated. |
getApiSecret(
)
:
stringGet the App Secret.
| Type | Description |
|---|---|
| string | the App Secret |
- Deprecated
getApiUrl(
\$method $method
)
:
stringBuild the URL for api given parameters.
| Name | Type | Description |
|---|---|---|
| $method | \$method | String the method name. |
| Type | Description |
|---|---|
| string | The URL for the given parameters |
getAppId(
)
:
stringGet the Application ID.
| Type | Description |
|---|---|
| string | the Application ID |
getAppSecret(
)
:
stringGet the App Secret.
| Type | Description |
|---|---|
| string | the App Secret |
getApplicationAccessToken(
)
:
stringReturns the access token that should be used for logged out users when no authorization code is available.
| Type | Description |
|---|---|
| string | The application access token, useful for gathering public information about users and applications. |
getBaseDomain(
)
:
voidGet the base domain used for the cookie.
getCode(
)
:
mixedGet the authorization code from the query parameters, if it exists, and otherwise return false to signal no authorization code was discoverable.
| Type | Description |
|---|---|
| mixed | The authorization code, or false if the authorization code could not be determined. |
getCurrentUrl(
)
:
stringReturns the Current URL, stripping it of known FB parameters that should not persist.
| Type | Description |
|---|---|
| string | The current URL |
getFileUploadSupport(
)
:
booleanGet the file upload support status.
| Type | Description |
|---|---|
| boolean | true if and only if the server supports file upload. |
getHttpHost(
)
:
voidgetHttpProtocol(
)
:
voidgetLoginStatusUrl(
array $params
=
array()
)
:
stringGet a login status URL to fetch the status from Facebook.
The parameters: - ok_session: the URL to go to if a session is found - no_session: the URL to go to if the user is not connected - no_user: the URL to go to if the user is not signed into facebook
| Name | Type | Description |
|---|---|---|
| $params | array | Provide custom parameters |
| Type | Description |
|---|---|
| string | The URL for the logout flow |
getLoginUrl(
array $params
=
array()
)
:
stringGet a Login URL for use with redirects. By default, full page redirect is assumed. If you are using the generated URL with a window.open() call in JavaScript, you can pass in display=popup as part of the $params.
The parameters: - redirect_uri: the url to go to after a successful login - scope: comma separated list of requested extended perms
| Name | Type | Description |
|---|---|---|
| $params | array | Provide custom parameters |
| Type | Description |
|---|---|
| string | The URL for the login flow |
getLogoutUrl(
array $params
=
array()
)
:
stringGet a Logout URL suitable for use with redirects.
The parameters: - next: the url to go to after a successful logout
| Name | Type | Description |
|---|---|---|
| $params | array | Provide custom parameters |
| Type | Description |
|---|---|
| string | The URL for the logout flow |
getMetadataCookie(
)
:
\anParses the metadata cookie that our Javascript API set
| Type | Description |
|---|---|
| \an | array mapping key to value |
getMetadataCookieName(
)
:
stringConstructs and returns the name of the coookie that potentially contain metadata. The cookie is not set by the BaseFacebook class, but it may be set by the JavaScript SDK.
| Type | Description |
|---|---|
| string | the name of the cookie that would house metadata. |
getPersistentData(
string $key, boolean $default
=
false
)
:
mixedGet the data for $key, persisted by BaseFacebook::setPersistentData()
| Name | Type | Description |
|---|---|---|
| $key | string | The key of the data to retrieve |
| $default | boolean | The default value to return if $key is not found |
| Type | Description |
|---|---|
| mixed |
getSignedRequest(
)
:
stringRetrieve the signed request, either from a request parameter or, if not present, from a cookie.
| Type | Description |
|---|---|
| string | the signed request, if available, or null otherwise. |
getSignedRequestCookieName(
)
:
stringConstructs and returns the name of the cookie that potentially houses the signed request for the app user.
The cookie is not set by the BaseFacebook class, but it may be set by the JavaScript SDK.
| Type | Description |
|---|---|
| string | the name of the cookie that would house the signed request value. |
getUrl(
\$name $name, \$path $path
=
'', \$params $params
=
array()
)
:
stringBuild the URL for given domain alias, path and parameters.
| Name | Type | Description |
|---|---|---|
| $name | \$name | string The name of the domain |
| $path | \$path | string Optional path (without a leading slash) |
| $params | \$params | array Optional query parameters |
| Type | Description |
|---|---|
| string | The URL for the given parameters |
getUser(
)
:
stringGet the UID of the connected user, or 0 if the Facebook user is not connected.
| Type | Description |
|---|---|
| string | the UID if available. |
getUserAccessToken(
)
:
stringDetermines and returns the user access token, first using the signed request if present, and then falling back on the authorization code if present. The intent is to return a valid user access token, or false if one is determined to not be available.
| Type | Description |
|---|---|
| string | A valid user access token, or false if one could not be determined. |
getUserFromAccessToken(
)
:
integerRetrieves the UID with the understanding that $this->accessToken has already been set and is seemingly legitimate. It relies on Facebook's Graph API to retrieve user information and then extract the user ID.
| Type | Description |
|---|---|
| integer | Returns the UID of the Facebook user, or 0 if the Facebook user could not be determined. |
getUserFromAvailableData(
)
:
integerDetermines the connected user by first examining any signed requests, then considering an authorization code, and then falling back to any persistent store storing the user.
| Type | Description |
|---|---|
| integer | The id of the connected Facebook user, or 0 if no such user exists. |
isAllowedDomain(
$big, $small
)
:
void| Name | Type | Description |
|---|---|---|
| $big | ||
| $small |
isVideoPost(
string $path, string $method
=
'GET'
)
:
booleanReturn true if this is video post.
| Name | Type | Description |
|---|---|---|
| $path | string | The path |
| $method | string | The http method (default 'GET') |
| Type | Description |
|---|---|
| boolean | true if this is video post |
makeRequest(
string $url, array $params, \CurlHandler $ch
=
null
)
:
stringMakes an HTTP request. This method can be overridden by subclasses if developers want to do fancier things or use something other than curl to make the request.
| Name | Type | Description |
|---|---|---|
| $url | string | The URL to make the request to |
| $params | array | The parameters to use for the POST body |
| $ch | \CurlHandler | Initialized curl handle |
| Type | Description |
|---|---|
| string | The response text |
makeSignedRequest(
array $data
)
:
stringMakes a signed_request blob using the given data.
| Name | Type | Description |
|---|---|---|
| $data | array | The data array. |
| Type | Description |
|---|---|
| string | The signed request. |
parseSignedRequest(
string $signed_request
)
:
arrayParses a signed_request and validates the signature.
| Name | Type | Description |
|---|---|---|
| $signed_request | string | A signed token |
| Type | Description |
|---|---|
| array | The payload inside it or null if the sig is wrong |
setAccessToken(
string $access_token
)
:
\BaseFacebookSets the access token for api calls. Use this if you get your access token by other means and just want the SDK to use it.
| Name | Type | Description |
|---|---|---|
| $access_token | string | an access token. |
| Type | Description |
|---|---|
| \BaseFacebook |
setApiSecret(
string $apiSecret
)
:
\BaseFacebookSet the App Secret.
| Name | Type | Description |
|---|---|---|
| $apiSecret | string | The App Secret |
| Type | Description |
|---|---|
| \BaseFacebook |
- Deprecated
setAppId(
string $appId
)
:
\BaseFacebookSet the Application ID.
| Name | Type | Description |
|---|---|---|
| $appId | string | The Application ID |
| Type | Description |
|---|---|
| \BaseFacebook |
setAppSecret(
string $appSecret
)
:
\BaseFacebookSet the App Secret.
| Name | Type | Description |
|---|---|---|
| $appSecret | string | The App Secret |
| Type | Description |
|---|---|
| \BaseFacebook |
setExtendedAccessToken(
)
:
voidExtend an access token, while removing the short-lived token that might have been generated via client-side flow. Thanks to http://bit.ly/b0Pt0H for the workaround.
setFileUploadSupport(
boolean $fileUploadSupport
)
:
\BaseFacebookSet the file upload support status.
| Name | Type | Description |
|---|---|---|
| $fileUploadSupport | boolean | The file upload support status. |
| Type | Description |
|---|---|
| \BaseFacebook |
setPersistentData(
string $key, array $value
)
:
voidStores the given ($key, $value) pair, so that future calls to getPersistentData($key) return $value. This call may be in another request.
| Name | Type | Description |
|---|---|---|
| $key | string | |
| $value | array |
shouldRetainParam(
string $param
)
:
booleanReturns true if and only if the key or key/value pair should be retained as part of the query string. This amounts to a brute-force search of the very small list of Facebook-specific params that should be stripped out.
| Name | Type | Description |
|---|---|---|
| $param | string | A key or key/value pair within a URL's query (e.g. 'foo=a', 'foo=', or 'foo'. |
| Type | Description |
|---|---|
| boolean |
throwAPIException(
\$result $result
)
:
voidAnalyzes the supplied result to see if it was thrown because the access token is no longer valid. If that is the case, then we destroy the session.
| Name | Type | Description |
|---|---|---|
| $result | \$result | array A record storing the error message returned by a failed API call. |
useFileUploadSupport(
)
:
booleanDEPRECATED! Please use getFileUploadSupport instead.
Get the file upload support status.
| Type | Description |
|---|---|
| boolean | true if and only if the server supports file upload. |
\FacebookApiException
Thrown when an API call returns an exception.
- Parent(s)
- \Exception
- Author
- Naitik Shah
Properties
$result= ''
The result from the API server that represents the exception information.
- Type
- n/a
Methods
__construct(
array $result
)
:
voidMake a new API Exception with the given result.
| Name | Type | Description |
|---|---|---|
| $result | array | The result from the API server |
__toString(
)
:
stringTo make debugging easier.
| Type | Description |
|---|---|
| string | The string representation of the error |
getResult(
)
:
arrayReturn the associated result object returned by the API server.
| Type | Description |
|---|---|
| array | The result from the API server |
getType(
)
:
stringReturns the associated type for the error. This will default to 'Exception' when a type is not available.
| Type | Description |
|---|---|
| string |