Skip to content

Y
Yii Bootstrap 3
Commit 9962251a by Crisu83
Options

Added SEO to the demo app and added the Facebook and SEO extensions.

parent 95c23a99
Showing with 3285 additions and 10 deletions
demo/.htaccess 0 → 100644
Options +followSymLinks
IndexIgnore */*
<ifModule mod_rewrite.c>
RewriteEngine on
# if a directory or a file exists, use it directly
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# otherwise forward it to index.php
RewriteRule ^(.*)$ index.php
</ifModule>
\ No newline at end of file
demo/protected/config/main.php
......@@ -32,6 +32,12 @@ return array(
'errorHandler'=>array(
'errorAction'=>'site/error',
),
'fb'=>array(
'class'=>'ext.facebook.components.FacebookConnect',
'appID'=>'106265262835735',
'appSecret'=>'941d6e0fa554b725ec258311e4ddc4b6',
'appNamespace'=>'yii-bootstrap',
),
'log'=>array(
'class'=>'CLogRouter',
'routes'=>array(
......@@ -47,14 +53,21 @@ return array(
*/
),
),
'urlManager'=>array(
'showScriptName'=>false,
'urlFormat'=>'path',
'urlSuffix'=>'.html',
'rules'=>array(
'demo'=>'site/index',
'setup'=>'site/setup',
),
),
'user'=>array(
'allowAutoLogin'=>true,
),
),
// application-level parameters that can be accessed
// using Yii::app()->params['paramName']
// Application-level parameters
'params'=>array(
'adminEmail'=>'webmaster@example.com',
),
);
\ No newline at end of file
demo/protected/controllers/SiteController.php
......@@ -3,7 +3,19 @@
class SiteController extends Controller
{
/**
* Declares the behaviors.
* @return array the behaviors
*/
public function behaviors()
{
return array(
'seo'=>'ext.seo.components.SeoControllerBehavior',
);
}
/**
* Declares class-based actions.
* @return array the actions
*/
public function actions()
{
......
demo/protected/extensions/facebook/LICENSE.txt 0 → 100644
Copyright (c) 2010, Christoffer Niska
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
* Neither the name of the Christoffer Niska nor the
names of its contributors may be used to endorse or promote products
derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY
DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
\ No newline at end of file
demo/protected/extensions/facebook/components/FacebookConnect.php 0 → 100644
<?php
/**
* FacebookConnect class file.
* @author Christoffer Niska <ChristofferNiska@gmail.com>
* @copyright Copyright &copy; Christoffer Niska 2011-
* @license http://www.opensource.org/licenses/bsd-license.php New BSD License
* @package facebook.components
*/
/**
* Facebook connection application component.
*/
require(dirname(__FILE__) . '/../lib/facebook/src/facebook.php'); // Yii::import() will not work in this case
class FacebookConnect extends CApplicationComponent
{
/**
* @var string Facebook application id.
*/
public $appID;
/**
* @var string Facebook application secret.
*/
public $appSecret;
/**
* @var string the application namespace.
*/
public $appNamespace;
/**
* @var boolean whether file uploads are enabled.
*/
public $fileUpload;
protected $_facebook;
/**
* Initializes this component.
*/
public function init()
{
$config = array(
'appId' => $this->appID,
'secret' => $this->appSecret
);
if ($this->fileUpload !== null)
$config['fileUpload'] = $this->fileUpload;
$this->_facebook = new Facebook($config);
}
/**
* Registers an Open Graph action with Facebook.
* @param string $action the action to register.
* @param array $params the query parameters.
*/
public function registerAction($action, $params=array())
{
$this->api('me/'.$this->appNamespace.':'.$action, $params);
}
/**
* Calls the Facebook API.
* @param string $query the query to send.
* @param array $params the query paramters.
* @return array the response.
*/
public function api($query, $params=array())
{
$data = array();
if ($params !== array())
$query .= '?'.http_build_query($params);
try
{
$data = $this->_facebook->api('/'.$query);
}
catch (FacebookApiException $e)
{
}
return $data;
}
/**
* Returns the locale based on the application language.
* @return string the locale.
*/
public function getLocale()
{
$language = Yii::app()->language;
if ($language !== null)
{
$pieces = explode('_', $language);
if (count($pieces) === 2)
return $pieces[0].'_'.strtoupper($pieces[1]);
}
return 'en_US';
}
/**
* Returns the Facebook application instance.
* @return Facebook the instance
*/
public function getFacebook()
{
return $this->_facebook;
}
}
demo/protected/extensions/facebook/lib/facebook/changelog.md 0 → 100644
Facebook PHP SDK (v.3.0.0)
==========================
The new PHP SDK (v3.0.0) is a major upgrade to the older one (v2.2.x):
- Uses OAuth authentication flows instead of our legacy authentication flow
- Consists of two classes. The first (class BaseFacebook) maintains the core of the upgrade, and the second one (class Facebook) is a small subclass that uses PHP sessions to store the user id and access token.
If you’re currently using the PHP SDK (v2.2.x) for authentication, you will recall that the login code looked like this:
$facebook = new Facebook(…);
$session = $facebook->getSession();
if ($session) {
// proceed knowing you have a valid user session
} else {
// proceed knowing you require user login and/or authentication
}
The login code is now:
$facebook = new Facebook(…);
$user = $facebook->getUser();
if ($user) {
// proceed knowing you have a logged in user who's authenticated
} else {
// proceed knowing you require user login and/or authentication
}
demo/protected/extensions/facebook/lib/facebook/examples/example.php 0 → 100644
<?php
/**
* Copyright 2011 Facebook, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License. You may obtain
* a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations
* under the License.
*/
require '../src/facebook.php';
// Create our Application instance (replace this with your appId and secret).
$facebook = new Facebook(array(
'appId' => '344617158898614',
'secret' => '6dc8ac871858b34798bc2488200e503d',
));
// Get User ID
$user = $facebook->getUser();
// We may or may not have this data based on whether the user is logged in.
//
// If we have a $user id here, it means we know the user is logged into
// Facebook, but we don't know if the access token is valid. An access
// token is invalid if the user logged out of Facebook.
if ($user) {
try {
// Proceed knowing you have a logged in user who's authenticated.
$user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
}
// Login or logout url will be needed depending on current user state.
if ($user) {
$logoutUrl = $facebook->getLogoutUrl();
} else {
$loginUrl = $facebook->getLoginUrl();
}
// This call will always work since we are fetching public data.
$naitik = $facebook->api('/naitik');
?>
<!doctype html>
<html xmlns:fb="http://www.facebook.com/2008/fbml">
<head>
<title>php-sdk</title>
<style>
body {
font-family: 'Lucida Grande', Verdana, Arial, sans-serif;
}
h1 a {
text-decoration: none;
color: #3b5998;
}
h1 a:hover {
text-decoration: underline;
}
</style>
</head>
<body>
<h1>php-sdk</h1>
<?php if ($user): ?>
<a href="<?php echo $logoutUrl; ?>">Logout</a>
<?php else: ?>
<div>
Login using OAuth 2.0 handled by the PHP SDK:
<a href="<?php echo $loginUrl; ?>">Login with Facebook</a>
</div>
<?php endif ?>
<h3>PHP Session</h3>
<pre><?php print_r($_SESSION); ?></pre>
<?php if ($user): ?>
<h3>You</h3>
<img src="https://graph.facebook.com/<?php echo $user; ?>/picture">
<h3>Your User Object (/me)</h3>
<pre><?php print_r($user_profile); ?></pre>
<?php else: ?>
<strong><em>You are not Connected.</em></strong>
<?php endif ?>
<h3>Public profile of Naitik</h3>
<img src="https://graph.facebook.com/naitik/picture">
<?php echo $naitik['name']; ?>
</body>
</html>
demo/protected/extensions/facebook/lib/facebook/examples/with_js_sdk.php 0 → 100644
<?php
require '../src/facebook.php';
$facebook = new Facebook(array(
'appId' => '344617158898614',
'secret' => '6dc8ac871858b34798bc2488200e503d',
));
// See if there is a user from a cookie
$user = $facebook->getUser();
if ($user) {
try {
// Proceed knowing you have a logged in user who's authenticated.
$user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) {
echo '<pre>'.htmlspecialchars(print_r($e, true)).'</pre>';
$user = null;
}
}
?>
<!DOCTYPE html>
<html xmlns:fb="http://www.facebook.com/2008/fbml">
<body>
<?php if ($user) { ?>
Your user profile is
<pre>
<?php print htmlspecialchars(print_r($user_profile, true)) ?>
</pre>
<?php } else { ?>
<fb:login-button></fb:login-button>
<?php } ?>
<div id="fb-root"></div>
<script>
window.fbAsyncInit = function() {
FB.init({
appId: '<?php echo $facebook->getAppID() ?>',
cookie: true,
xfbml: true,
oauth: true
});
FB.Event.subscribe('auth.login', function(response) {
window.location.reload();
});
FB.Event.subscribe('auth.logout', function(response) {
window.location.reload();
});
};
(function() {
var e = document.createElement('script'); e.async = true;
e.src = document.location.protocol +
'//connect.facebook.net/en_US/all.js';
document.getElementById('fb-root').appendChild(e);
}());
</script>
</body>
</html>
demo/protected/extensions/facebook/lib/facebook/readme.md 0 → 100644
We have created a new repository for this project: https://github.com/facebook/facebook-php-sdk. Please update anything you have pointing at this repostory to this location before April 1, 2012.
Facebook PHP SDK (v.3.1.1)
==========================
The [Facebook Platform](http://developers.facebook.com/) is
a set of APIs that make your app more social
This repository contains the open source PHP SDK that allows you to access Facebook Platform from your PHP app. Except as otherwise noted, the Facebook PHP SDK
is licensed under the Apache Licence, Version 2.0
(http://www.apache.org/licenses/LICENSE-2.0.html)
Usage
-----
The [examples][examples] are a good place to start. The minimal you'll need to
have is:
require 'facebook-php-sdk/src/facebook.php';
$facebook = new Facebook(array(
'appId' => 'YOUR_APP_ID',
'secret' => 'YOUR_APP_SECRET',
));
// Get User ID
$user = $facebook->getUser();
To make [API][API] calls:
if ($user) {
try {
// Proceed knowing you have a logged in user who's authenticated.
$user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
}
Login or logout url will be needed depending on current user state.
if ($user) {
$logoutUrl = $facebook->getLogoutUrl();
} else {
$loginUrl = $facebook->getLoginUrl();
}
[examples]: http://github.com/facebook/facebook-php-sdk/blob/master/examples/example.php
[API]: http://developers.facebook.com/docs/api
Tests
-----
In order to keep us nimble and allow us to bring you new functionality, without
compromising on stability, we have ensured full test coverage of the SDK.
We are including this in the open source repository to assure you of our
commitment to quality, but also with the hopes that you will contribute back to
help keep it stable. The easiest way to do so is to file bugs and include a
test case.
The tests can be executed by using this command from the base directory:
phpunit --stderr --bootstrap tests/bootstrap.php tests/tests.php
Contributing
===========
For us to accept contributions you will have to first have signed the [Contributor License Agreement](https://developers.facebook.com/opensource/cla).
When commiting, keep all lines to less than 80 characters, and try to follow the existing style.
Before creating a pull request, squash your commits into a single commit.
Add the comments where needed, and provide ample explanation in the commit message.
Report Issues/Bugs
===============
[Bugs](https://developers.facebook.com/bugs)
[Questions](http://facebook.stackoverflow.com)
demo/protected/extensions/facebook/lib/facebook/src/base_facebook.php 0 → 100644
<?php
/**
* Copyright 2011 Facebook, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License. You may obtain
* a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations
* under the License.
*/
if (!function_exists('curl_init')) {
throw new Exception('Facebook needs the CURL PHP extension.');
}
if (!function_exists('json_decode')) {
throw new Exception('Facebook needs the JSON PHP extension.');
}
/**
* Thrown when an API call returns an exception.
*
* @author Naitik Shah <naitik@facebook.com>
*/
class FacebookApiException extends Exception
{
/**
* The result from the API server that represents the exception information.
*/
protected $result;
/**
* Make a new API Exception with the given result.
*
* @param array $result The result from the API server
*/
public function __construct($result) {
$this->result = $result;
$code = isset($result['error_code']) ? $result['error_code'] : 0;
if (isset($result['error_description'])) {
// OAuth 2.0 Draft 10 style
$msg = $result['error_description'];
} else if (isset($result['error']) && is_array($result['error'])) {
// OAuth 2.0 Draft 00 style
$msg = $result['error']['message'];
} else if (isset($result['error_msg'])) {
// Rest server style
$msg = $result['error_msg'];
} else {
$msg = 'Unknown Error. Check getResult()';
}
parent::__construct($msg, $code);
}
/**
* Return the associated result object returned by the API server.
*
* @return array The result from the API server
*/
public function getResult() {
return $this->result;
}
/**
* Returns the associated type for the error. This will default to
* 'Exception' when a type is not available.
*
* @return string
*/
public function getType() {
if (isset($this->result['error'])) {
$error = $this->result['error'];
if (is_string($error)) {
// OAuth 2.0 Draft 10 style
return $error;
} else if (is_array($error)) {
// OAuth 2.0 Draft 00 style
if (isset($error['type'])) {
return $error['type'];
}
}
}
return 'Exception';
}
/**
* To make debugging easier.
*
* @return string The string representation of the error
*/
public function __toString() {
$str = $this->getType() . ': ';
if ($this->code != 0) {
$str .= $this->code . ': ';
}
return $str . $this->message;
}
}
/**
* Provides access to the Facebook Platform. This class provides
* a majority of the functionality needed, but the class is abstract
* because it is designed to be sub-classed. The subclass must
* implement the four abstract methods listed at the bottom of
* the file.
*
* @author Naitik Shah <naitik@facebook.com>
*/
abstract class BaseFacebook
{
/**
* Version.
*/
const VERSION = '3.1.1';
/**
* Default options for curl.
*/
public static $CURL_OPTS = array(
CURLOPT_CONNECTTIMEOUT => 10,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_TIMEOUT => 60,
CURLOPT_USERAGENT => 'facebook-php-3.1',
);
/**
* List of query parameters that get automatically dropped when rebuilding
* the current URL.
*/
protected static $DROP_QUERY_PARAMS = array(
'code',
'state',
'signed_request',
);
/**
* Maps aliases to Facebook domains.
*/
public static $DOMAIN_MAP = array(
'api' => 'https://api.facebook.com/',
'api_video' => 'https://api-video.facebook.com/',
'api_read' => 'https://api-read.facebook.com/',
'graph' => 'https://graph.facebook.com/',
'graph_video' => 'https://graph-video.facebook.com/',
'www' => 'https://www.facebook.com/',
);
/**
* The Application ID.
*
* @var string
*/
protected $appId;
/**
* The Application App Secret.
*
* @var string
*/
protected $appSecret;
/**
* The ID of the Facebook user, or 0 if the user is logged out.
*
* @var integer
*/
protected $user;
/**
* The data from the signed_request token.
*/
protected $signedRequest;
/**
* A CSRF state variable to assist in the defense against CSRF attacks.
*/
protected $state;
/**
* The OAuth access token received in exchange for a valid authorization
* code. null means the access token has yet to be determined.
*
* @var string
*/
protected $accessToken = null;
/**
* Indicates if the CURL based @ syntax for file uploads is enabled.
*
* @var boolean
*/
protected $fileUploadSupport = false;
/**
* Initialize a Facebook Application.
*
* The configuration:
* - appId: the application ID
* - secret: the application secret
* - fileUpload: (optional) boolean indicating if file uploads are enabled
*
* @param array $config The application configuration
*/
public function __construct($config) {
$this->setAppId($config['appId']);
$this->setAppSecret($config['secret']);
if (isset($config['fileUpload'])) {
$this->setFileUploadSupport($config['fileUpload']);
}
$state = $this->getPersistentData('state');
if (!empty($state)) {
$this->state = $this->getPersistentData('state');
}
}
/**
* Set the Application ID.
*
* @param string $appId The Application ID
* @return BaseFacebook
*/
public function setAppId($appId) {
$this->appId = $appId;
return $this;
}
/**
* Get the Application ID.
*
* @return string the Application ID
*/
public function getAppId() {
return $this->appId;
}
/**
* Set the App Secret.
*
* @param string $apiSecret The App Secret
* @return BaseFacebook
* @deprecated
*/
public function setApiSecret($apiSecret) {
$this->setAppSecret($apiSecret);
return $this;
}
/**
* Set the App Secret.
*
* @param string $appSecret The App Secret
* @return BaseFacebook
*/
public function setAppSecret($appSecret) {
$this->appSecret = $appSecret;
return $this;
}
/**
* Get the App Secret.
*
* @return string the App Secret
* @deprecated
*/
public function getApiSecret() {
return $this->getAppSecret();
}
/**
* Get the App Secret.
*
* @return string the App Secret
*/
public function getAppSecret() {
return $this->appSecret;
}
/**
* Set the file upload support status.
*
* @param boolean $fileUploadSupport The file upload support status.
* @return BaseFacebook
*/
public function setFileUploadSupport($fileUploadSupport) {
$this->fileUploadSupport = $fileUploadSupport;
return $this;
}
/**
* Get the file upload support status.
*
* @return boolean true if and only if the server supports file upload.
*/
public function getFileUploadSupport() {
return $this->fileUploadSupport;
}
/**
* DEPRECATED! Please use getFileUploadSupport instead.
*
* Get the file upload support status.
*
* @return boolean true if and only if the server supports file upload.
*/
public function useFileUploadSupport() {
return $this->getFileUploadSupport();
}
/**
* Sets the access token for api calls. Use this if you get
* your access token by other means and just want the SDK
* to use it.
*
* @param string $access_token an access token.
* @return BaseFacebook
*/
public function setAccessToken($access_token) {
$this->accessToken = $access_token;
return $this;
}
/**
* Determines the access token that should be used for API calls.
* The first time this is called, $this->accessToken is set equal
* to either a valid user access token, or it's set to the application
* access token if a valid user access token wasn't available. Subsequent
* calls return whatever the first call returned.
*
* @return string The access token
*/
public function getAccessToken() {
if ($this->accessToken !== null) {
// we've done this already and cached it. Just return.
return $this->accessToken;
}
// first establish access token to be the application
// access token, in case we navigate to the /oauth/access_token
// endpoint, where SOME access token is required.
$this->setAccessToken($this->getApplicationAccessToken());
$user_access_token = $this->getUserAccessToken();
if ($user_access_token) {
$this->setAccessToken($user_access_token);
}
return $this->accessToken;
}
/**
* Determines and returns the user access token, first using
* the signed request if present, and then falling back on
* the authorization code if present. The intent is to
* return a valid user access token, or false if one is determined
* to not be available.
*
* @return string A valid user access token, or false if one
* could not be determined.
*/
protected function getUserAccessToken() {
// first, consider a signed request if it's supplied.
// if there is a signed request, then it alone determines
// the access token.
$signed_request = $this->getSignedRequest();
if ($signed_request) {
// apps.facebook.com hands the access_token in the signed_request
if (array_key_exists('oauth_token', $signed_request)) {
$access_token = $signed_request['oauth_token'];
$this->setPersistentData('access_token', $access_token);
return $access_token;
}
// the JS SDK puts a code in with the redirect_uri of ''
if (array_key_exists('code', $signed_request)) {
$code = $signed_request['code'];
$access_token = $this->getAccessTokenFromCode($code, '');
if ($access_token) {
$this->setPersistentData('code', $code);
$this->setPersistentData('access_token', $access_token);
return $access_token;
}
}
// signed request states there's no access token, so anything
// stored should be cleared.
$this->clearAllPersistentData();
return false; // respect the signed request's data, even
// if there's an authorization code or something else
}
$code = $this->getCode();
if ($code && $code != $this->getPersistentData('code')) {
$access_token = $this->getAccessTokenFromCode($code);
if ($access_token) {
$this->setPersistentData('code', $code);
$this->setPersistentData('access_token', $access_token);
return $access_token;
}
// code was bogus, so everything based on it should be invalidated.
$this->clearAllPersistentData();
return false;
}
// as a fallback, just return whatever is in the persistent
// store, knowing nothing explicit (signed request, authorization
// code, etc.) was present to shadow it (or we saw a code in $_REQUEST,
// but it's the same as what's in the persistent store)
return $this->getPersistentData('access_token');
}
/**
* Retrieve the signed request, either from a request parameter or,
* if not present, from a cookie.
*
* @return string the signed request, if available, or null otherwise.
*/
public function getSignedRequest() {
if (!$this->signedRequest) {
if (isset($_REQUEST['signed_request'])) {
$this->signedRequest = $this->parseSignedRequest(
$_REQUEST['signed_request']);
} else if (isset($_COOKIE[$this->getSignedRequestCookieName()])) {
$this->signedRequest = $this->parseSignedRequest(
$_COOKIE[$this->getSignedRequestCookieName()]);
}
}
return $this->signedRequest;
}
/**
* Get the UID of the connected user, or 0
* if the Facebook user is not connected.
*
* @return string the UID if available.
*/
public function getUser() {
if ($this->user !== null) {
// we've already determined this and cached the value.
return $this->user;
}
return $this->user = $this->getUserFromAvailableData();
}
/**
* Determines the connected user by first examining any signed
* requests, then considering an authorization code, and then
* falling back to any persistent store storing the user.
*
* @return integer The id of the connected Facebook user,
* or 0 if no such user exists.
*/
protected function getUserFromAvailableData() {
// if a signed request is supplied, then it solely determines
// who the user is.
$signed_request = $this->getSignedRequest();
if ($signed_request) {
if (array_key_exists('user_id', $signed_request)) {
$user = $signed_request['user_id'];
$this->setPersistentData('user_id', $signed_request['user_id']);
return $user;
}
// if the signed request didn't present a user id, then invalidate
// all entries in any persistent store.
$this->clearAllPersistentData();
return 0;
}
$user = $this->getPersistentData('user_id', $default = 0);
$persisted_access_token = $this->getPersistentData('access_token');
// use access_token to fetch user id if we have a user access_token, or if
// the cached access token has changed.
$access_token = $this->getAccessToken();
if ($access_token &&
$access_token != $this->getApplicationAccessToken() &&
!($user && $persisted_access_token == $access_token)) {
$user = $this->getUserFromAccessToken();
if ($user) {
$this->setPersistentData('user_id', $user);
} else {
$this->clearAllPersistentData();
}
}
return $user;
}
/**
* Get a Login URL for use with redirects. By default, full page redirect is
* assumed. If you are using the generated URL with a window.open() call in
* JavaScript, you can pass in display=popup as part of the $params.
*
* The parameters:
* - redirect_uri: the url to go to after a successful login
* - scope: comma separated list of requested extended perms
*
* @param array $params Provide custom parameters
* @return string The URL for the login flow
*/
public function getLoginUrl($params=array()) {
$this->establishCSRFTokenState();
$currentUrl = $this->getCurrentUrl();
// if 'scope' is passed as an array, convert to comma separated list
$scopeParams = isset($params['scope']) ? $params['scope'] : null;
if ($scopeParams && is_array($scopeParams)) {
$params['scope'] = implode(',', $scopeParams);
}
return $this->getUrl(
'www',
'dialog/oauth',
array_merge(array(
'client_id' => $this->getAppId(),
'redirect_uri' => $currentUrl, // possibly overwritten
'state' => $this->state),
$params));
}
/**
* Get a Logout URL suitable for use with redirects.
*
* The parameters:
* - next: the url to go to after a successful logout
*
* @param array $params Provide custom parameters
* @return string The URL for the logout flow
*/
public function getLogoutUrl($params=array()) {
return $this->getUrl(
'www',
'logout.php',
array_merge(array(
'next' => $this->getCurrentUrl(),
'access_token' => $this->getAccessToken(),
), $params)
);
}
/**
* Get a login status URL to fetch the status from Facebook.
*
* The parameters:
* - ok_session: the URL to go to if a session is found
* - no_session: the URL to go to if the user is not connected
* - no_user: the URL to go to if the user is not signed into facebook
*
* @param array $params Provide custom parameters
* @return string The URL for the logout flow
*/
public function getLoginStatusUrl($params=array()) {
return $this->getUrl(
'www',
'extern/login_status.php',
array_merge(array(
'api_key' => $this->getAppId(),
'no_session' => $this->getCurrentUrl(),
'no_user' => $this->getCurrentUrl(),
'ok_session' => $this->getCurrentUrl(),
'session_version' => 3,
), $params)
);
}
/**
* Make an API call.
*
* @return mixed The decoded response
*/
public function api(/* polymorphic */) {
$args = func_get_args();
if (is_array($args[0])) {
return $this->_restserver($args[0]);
} else {
return call_user_func_array(array($this, '_graph'), $args);
}
}
/**
* Constructs and returns the name of the cookie that
* potentially houses the signed request for the app user.
* The cookie is not set by the BaseFacebook class, but
* it may be set by the JavaScript SDK.
*
* @return string the name of the cookie that would house
* the signed request value.
*/
protected function getSignedRequestCookieName() {
return 'fbsr_'.$this->getAppId();
}
/**
* Constructs and returns the name of the coookie that potentially contain
* metadata. The cookie is not set by the BaseFacebook class, but it may be
* set by the JavaScript SDK.
*
* @return string the name of the cookie that would house metadata.
*/
protected function getMetadataCookieName() {
return 'fbm_'.$this->getAppId();
}
/**
* Get the authorization code from the query parameters, if it exists,
* and otherwise return false to signal no authorization code was
* discoverable.
*
* @return mixed The authorization code, or false if the authorization
* code could not be determined.
*/
protected function getCode() {
if (isset($_REQUEST['code'])) {
if ($this->state !== null &&
isset($_REQUEST['state']) &&
$this->state === $_REQUEST['state']) {
// CSRF state has done its job, so clear it
$this->state = null;
$this->clearPersistentData('state');
return $_REQUEST['code'];
} else {
self::errorLog('CSRF state token does not match one provided.');
return false;
}
}
return false;
}
/**
* Retrieves the UID with the understanding that
* $this->accessToken has already been set and is
* seemingly legitimate. It relies on Facebook's Graph API
* to retrieve user information and then extract
* the user ID.
*
* @return integer Returns the UID of the Facebook user, or 0
* if the Facebook user could not be determined.
*/
protected function getUserFromAccessToken() {
try {
$user_info = $this->api('/me');
return $user_info['id'];
} catch (FacebookApiException $e) {
return 0;
}
}
/**
* Returns the access token that should be used for logged out
* users when no authorization code is available.
*
* @return string The application access token, useful for gathering
* public information about users and applications.
*/
protected function getApplicationAccessToken() {
return $this->appId.'|'.$this->appSecret;
}
/**
* Lays down a CSRF state token for this process.
*
* @return void
*/
protected function establishCSRFTokenState() {
if ($this->state === null) {
$this->state = md5(uniqid(mt_rand(), true));
$this->setPersistentData('state', $this->state);
}
}
/**
* Retrieves an access token for the given authorization code
* (previously generated from www.facebook.com on behalf of
* a specific user). The authorization code is sent to graph.facebook.com
* and a legitimate access token is generated provided the access token
* and the user for which it was generated all match, and the user is
* either logged in to Facebook or has granted an offline access permission.
*
* @param string $code An authorization code.
* @return mixed An access token exchanged for the authorization code, or
* false if an access token could not be generated.
*/
protected function getAccessTokenFromCode($code, $redirect_uri = null) {
if (empty($code)) {
return false;
}
if ($redirect_uri === null) {
$redirect_uri = $this->getCurrentUrl();
}
try {
// need to circumvent json_decode by calling _oauthRequest
// directly, since response isn't JSON format.
$access_token_response =
$this->_oauthRequest(
$this->getUrl('graph', '/oauth/access_token'),
$params = array('client_id' => $this->getAppId(),
'client_secret' => $this->getAppSecret(),
'redirect_uri' => $redirect_uri,
'code' => $code));
} catch (FacebookApiException $e) {
// most likely that user very recently revoked authorization.
// In any event, we don't have an access token, so say so.
return false;
}
if (empty($access_token_response)) {
return false;
}
$response_params = array();
parse_str($access_token_response, $response_params);
if (!isset($response_params['access_token'])) {
return false;
}
return $response_params['access_token'];
}
/**
* Invoke the old restserver.php endpoint.
*
* @param array $params Method call object
*
* @return mixed The decoded response object
* @throws FacebookApiException
*/
protected function _restserver($params) {
// generic application level parameters
$params['api_key'] = $this->getAppId();
$params['format'] = 'json-strings';
$result = json_decode($this->_oauthRequest(
$this->getApiUrl($params['method']),
$params
), true);
// results are returned, errors are thrown
if (is_array($result) && isset($result['error_code'])) {
$this->throwAPIException($result);
}
if ($params['method'] === 'auth.expireSession' ||
$params['method'] === 'auth.revokeAuthorization') {
$this->destroySession();
}
return $result;
}
/**
* Return true if this is video post.
*
* @param string $path The path
* @param string $method The http method (default 'GET')
*
* @return boolean true if this is video post
*/
protected function isVideoPost($path, $method = 'GET') {
if ($method == 'POST' && preg_match("/^(\/)(.+)(\/)(videos)$/", $path)) {
return true;
}
return false;
}
/**
* Invoke the Graph API.
*
* @param string $path The path (required)
* @param string $method The http method (default 'GET')
* @param array $params The query/post data
*
* @return mixed The decoded response object
* @throws FacebookApiException
*/
protected function _graph($path, $method = 'GET', $params = array()) {
if (is_array($method) && empty($params)) {
$params = $method;
$method = 'GET';
}
$params['method'] = $method; // method override as we always do a POST
if ($this->isVideoPost($path, $method)) {
$domainKey = 'graph_video';
} else {
$domainKey = 'graph';
}
$result = json_decode($this->_oauthRequest(
$this->getUrl($domainKey, $path),
$params
), true);
// results are returned, errors are thrown
if (is_array($result) && isset($result['error'])) {
$this->throwAPIException($result);
}
return $result;
}
/**
* Make a OAuth Request.
*
* @param string $url The path (required)
* @param array $params The query/post data
*
* @return string The decoded response object
* @throws FacebookApiException
*/
protected function _oauthRequest($url, $params) {
if (!isset($params['access_token'])) {
$params['access_token'] = $this->getAccessToken();
}
// json_encode all params values that are not strings
foreach ($params as $key => $value) {
if (!is_string($value)) {
$params[$key] = json_encode($value);
}
}
return $this->makeRequest($url, $params);
}
/**
* Makes an HTTP request. This method can be overridden by subclasses if
* developers want to do fancier things or use something other than curl to
* make the request.
*
* @param string $url The URL to make the request to
* @param array $params The parameters to use for the POST body
* @param CurlHandler $ch Initialized curl handle
*
* @return string The response text
*/
protected function makeRequest($url, $params, $ch=null) {
if (!$ch) {
$ch = curl_init();
}
$opts = self::$CURL_OPTS;
if ($this->getFileUploadSupport()) {
$opts[CURLOPT_POSTFIELDS] = $params;
} else {
$opts[CURLOPT_POSTFIELDS] = http_build_query($params, null, '&');
}
$opts[CURLOPT_URL] = $url;
// disable the 'Expect: 100-continue' behaviour. This causes CURL to wait
// for 2 seconds if the server does not support this header.
if (isset($opts[CURLOPT_HTTPHEADER])) {
$existing_headers = $opts[CURLOPT_HTTPHEADER];
$existing_headers[] = 'Expect:';
$opts[CURLOPT_HTTPHEADER] = $existing_headers;
} else {
$opts[CURLOPT_HTTPHEADER] = array('Expect:');
}
curl_setopt_array($ch, $opts);
$result = curl_exec($ch);
if (curl_errno($ch) == 60) { // CURLE_SSL_CACERT
self::errorLog('Invalid or no certificate authority found, '.
'using bundled information');
curl_setopt($ch, CURLOPT_CAINFO,
dirname(__FILE__) . '/fb_ca_chain_bundle.crt');
$result = curl_exec($ch);
}
if ($result === false) {
$e = new FacebookApiException(array(
'error_code' => curl_errno($ch),
'error' => array(
'message' => curl_error($ch),
'type' => 'CurlException',
),
));
curl_close($ch);
throw $e;
}
curl_close($ch);
return $result;
}
/**
* Parses a signed_request and validates the signature.
*
* @param string $signed_request A signed token
* @return array The payload inside it or null if the sig is wrong
*/
protected function parseSignedRequest($signed_request) {
list($encoded_sig, $payload) = explode('.', $signed_request, 2);
// decode the data
$sig = self::base64UrlDecode($encoded_sig);
$data = json_decode(self::base64UrlDecode($payload), true);
if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
self::errorLog('Unknown algorithm. Expected HMAC-SHA256');
return null;
}
// check sig
$expected_sig = hash_hmac('sha256', $payload,
$this->getAppSecret(), $raw = true);
if ($sig !== $expected_sig) {
self::errorLog('Bad Signed JSON signature!');
return null;
}
return $data;
}
/**
* Build the URL for api given parameters.
*
* @param $method String the method name.
* @return string The URL for the given parameters
*/
protected function getApiUrl($method) {
static $READ_ONLY_CALLS =
array('admin.getallocation' => 1,
'admin.getappproperties' => 1,
'admin.getbannedusers' => 1,
'admin.getlivestreamvialink' => 1,
'admin.getmetrics' => 1,
'admin.getrestrictioninfo' => 1,
'application.getpublicinfo' => 1,
'auth.getapppublickey' => 1,
'auth.getsession' => 1,
'auth.getsignedpublicsessiondata' => 1,
'comments.get' => 1,
'connect.getunconnectedfriendscount' => 1,
'dashboard.getactivity' => 1,
'dashboard.getcount' => 1,
'dashboard.getglobalnews' => 1,
'dashboard.getnews' => 1,
'dashboard.multigetcount' => 1,
'dashboard.multigetnews' => 1,
'data.getcookies' => 1,
'events.get' => 1,
'events.getmembers' => 1,
'fbml.getcustomtags' => 1,
'feed.getappfriendstories' => 1,
'feed.getregisteredtemplatebundlebyid' => 1,
'feed.getregisteredtemplatebundles' => 1,
'fql.multiquery' => 1,
'fql.query' => 1,
'friends.arefriends' => 1,
'friends.get' => 1,
'friends.getappusers' => 1,
'friends.getlists' => 1,
'friends.getmutualfriends' => 1,
'gifts.get' => 1,
'groups.get' => 1,
'groups.getmembers' => 1,
'intl.gettranslations' => 1,
'links.get' => 1,
'notes.get' => 1,
'notifications.get' => 1,
'pages.getinfo' => 1,
'pages.isadmin' => 1,
'pages.isappadded' => 1,
'pages.isfan' => 1,
'permissions.checkavailableapiaccess' => 1,
'permissions.checkgrantedapiaccess' => 1,
'photos.get' => 1,
'photos.getalbums' => 1,
'photos.gettags' => 1,
'profile.getinfo' => 1,
'profile.getinfooptions' => 1,
'stream.get' => 1,
'stream.getcomments' => 1,
'stream.getfilters' => 1,
'users.getinfo' => 1,
'users.getloggedinuser' => 1,
'users.getstandardinfo' => 1,
'users.hasapppermission' => 1,
'users.isappuser' => 1,
'users.isverified' => 1,
'video.getuploadlimits' => 1);
$name = 'api';
if (isset($READ_ONLY_CALLS[strtolower($method)])) {
$name = 'api_read';
} else if (strtolower($method) == 'video.upload') {
$name = 'api_video';
}
return self::getUrl($name, 'restserver.php');
}
/**
* Build the URL for given domain alias, path and parameters.
*
* @param $name string The name of the domain
* @param $path string Optional path (without a leading slash)
* @param $params array Optional query parameters
*
* @return string The URL for the given parameters
*/
protected function getUrl($name, $path='', $params=array()) {
$url = self::$DOMAIN_MAP[$name];
if ($path) {
if ($path[0] === '/') {
$path = substr($path, 1);
}
$url .= $path;
}
if ($params) {
$url .= '?' . http_build_query($params, null, '&');
}
return $url;
}
/**
* Returns the Current URL, stripping it of known FB parameters that should
* not persist.
*
* @return string The current URL
*/
protected function getCurrentUrl() {
if (isset($_SERVER['HTTPS']) &&
($_SERVER['HTTPS'] == 'on' || $_SERVER['HTTPS'] == 1) ||
isset($_SERVER['HTTP_X_FORWARDED_PROTO']) &&
$_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') {
$protocol = 'https://';
}
else {
$protocol = 'http://';
}
$currentUrl = $protocol . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
$parts = parse_url($currentUrl);
$query = '';
if (!empty($parts['query'])) {
// drop known fb params
$params = explode('&', $parts['query']);
$retained_params = array();
foreach ($params as $param) {
if ($this->shouldRetainParam($param)) {
$retained_params[] = $param;
}
}
if (!empty($retained_params)) {
$query = '?'.implode($retained_params, '&');
}
}
// use port if non default
$port =
isset($parts['port']) &&
(($protocol === 'http://' && $parts['port'] !== 80) ||
($protocol === 'https://' && $parts['port'] !== 443))
? ':' . $parts['port'] : '';
// rebuild
return $protocol . $parts['host'] . $port . $parts['path'] . $query;
}
/**
* Returns true if and only if the key or key/value pair should
* be retained as part of the query string. This amounts to
* a brute-force search of the very small list of Facebook-specific
* params that should be stripped out.
*
* @param string $param A key or key/value pair within a URL's query (e.g.
* 'foo=a', 'foo=', or 'foo'.
*
* @return boolean
*/
protected function shouldRetainParam($param) {
foreach (self::$DROP_QUERY_PARAMS as $drop_query_param) {
if (strpos($param, $drop_query_param.'=') === 0) {
return false;
}
}
return true;
}
/**
* Analyzes the supplied result to see if it was thrown
* because the access token is no longer valid. If that is
* the case, then we destroy the session.
*
* @param $result array A record storing the error message returned
* by a failed API call.
*/
protected function throwAPIException($result) {
$e = new FacebookApiException($result);
switch ($e->getType()) {
// OAuth 2.0 Draft 00 style
case 'OAuthException':
// OAuth 2.0 Draft 10 style
case 'invalid_token':
// REST server errors are just Exceptions
case 'Exception':
$message = $e->getMessage();
if ((strpos($message, 'Error validating access token') !== false) ||
(strpos($message, 'Invalid OAuth access token') !== false) ||
(strpos($message, 'An active access token must be used') !== false)
) {
$this->destroySession();
}
break;
}
throw $e;
}
/**
* Prints to the error log if you aren't in command line mode.
*
* @param string $msg Log message
*/
protected static function errorLog($msg) {
// disable error log if we are running in a CLI environment
// @codeCoverageIgnoreStart
if (php_sapi_name() != 'cli') {
error_log($msg);
}
// uncomment this if you want to see the errors on the page
// print 'error_log: '.$msg."\n";
// @codeCoverageIgnoreEnd
}
/**
* Base64 encoding that doesn't need to be urlencode()ed.
* Exactly the same as base64_encode except it uses
* - instead of +
* _ instead of /
*
* @param string $input base64UrlEncoded string
* @return string
*/
protected static function base64UrlDecode($input) {
return base64_decode(strtr($input, '-_', '+/'));
}
/**
* Destroy the current session
*/
public function destroySession() {
$this->accessToken = null;
$this->signedRequest = null;
$this->user = null;
$this->clearAllPersistentData();
// Javascript sets a cookie that will be used in getSignedRequest that we
// need to clear if we can
$cookie_name = $this->getSignedRequestCookieName();
if (array_key_exists($cookie_name, $_COOKIE)) {
unset($_COOKIE[$cookie_name]);
if (!headers_sent()) {
// The base domain is stored in the metadata cookie if not we fallback
// to the current hostname
$base_domain = '.'. $_SERVER['HTTP_HOST'];
$metadata = $this->getMetadataCookie();
if (array_key_exists('base_domain', $metadata) &&
!empty($metadata['base_domain'])) {
$base_domain = $metadata['base_domain'];
}
setcookie($cookie_name, '', 0, '/', $base_domain);
} else {
self::errorLog(
'There exists a cookie that we wanted to clear that we couldn\'t '.
'clear because headers was already sent. Make sure to do the first '.
'API call before outputing anything'
);
}
}
}
/**
* Parses the metadata cookie that our Javascript API set
*
* @return an array mapping key to value
*/
protected function getMetadataCookie() {
$cookie_name = $this->getMetadataCookieName();
if (!array_key_exists($cookie_name, $_COOKIE)) {
return array();
}
// The cookie value can be wrapped in "-characters so remove them
$cookie_value = trim($_COOKIE[$cookie_name], '"');
if (empty($cookie_value)) {
return array();
}
$parts = explode('&', $cookie_value);
$metadata = array();
foreach ($parts as $part) {
$pair = explode('=', $part, 2);
if (!empty($pair[0])) {
$metadata[urldecode($pair[0])] =
(count($pair) > 1) ? urldecode($pair[1]) : '';
}
}
return $metadata;
}
/**
* Each of the following four methods should be overridden in
* a concrete subclass, as they are in the provided Facebook class.
* The Facebook class uses PHP sessions to provide a primitive
* persistent store, but another subclass--one that you implement--
* might use a database, memcache, or an in-memory cache.
*
* @see Facebook
*/
/**
* Stores the given ($key, $value) pair, so that future calls to
* getPersistentData($key) return $value. This call may be in another request.
*
* @param string $key
* @param array $value
*
* @return void
*/
abstract protected function setPersistentData($key, $value);
/**
* Get the data for $key, persisted by BaseFacebook::setPersistentData()
*
* @param string $key The key of the data to retrieve
* @param boolean $default The default value to return if $key is not found
*
* @return mixed
*/
abstract protected function getPersistentData($key, $default = false);
/**
* Clear the data with $key from the persistent storage
*
* @param string $key
* @return void
*/
abstract protected function clearPersistentData($key);
/**
* Clear all data from the persistent storage
*
* @return void
*/
abstract protected function clearAllPersistentData();
}
demo/protected/extensions/facebook/lib/facebook/src/facebook.php 0 → 100644
<?php
/**
* Copyright 2011 Facebook, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License. You may obtain
* a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations
* under the License.
*/
require_once "base_facebook.php";
/**
* Extends the BaseFacebook class with the intent of using
* PHP sessions to store user ids and access tokens.
*/
class Facebook extends BaseFacebook
{
/**
* Identical to the parent constructor, except that
* we start a PHP session to store the user ID and
* access token if during the course of execution
* we discover them.
*
* @param Array $config the application configuration.
* @see BaseFacebook::__construct in facebook.php
*/
public function __construct($config) {
if (!session_id()) {
session_start();
}
parent::__construct($config);
}
protected static $kSupportedKeys =
array('state', 'code', 'access_token', 'user_id');
/**
* Provides the implementations of the inherited abstract
* methods. The implementation uses PHP sessions to maintain
* a store for authorization codes, user ids, CSRF states, and
* access tokens.
*/
protected function setPersistentData($key, $value) {
if (!in_array($key, self::$kSupportedKeys)) {
self::errorLog('Unsupported key passed to setPersistentData.');
return;
}
$session_var_name = $this->constructSessionVariableName($key);
$_SESSION[$session_var_name] = $value;
}
protected function getPersistentData($key, $default = false) {
if (!in_array($key, self::$kSupportedKeys)) {
self::errorLog('Unsupported key passed to getPersistentData.');
return $default;
}
$session_var_name = $this->constructSessionVariableName($key);
return isset($_SESSION[$session_var_name]) ?
$_SESSION[$session_var_name] : $default;
}
protected function clearPersistentData($key) {
if (!in_array($key, self::$kSupportedKeys)) {
self::errorLog('Unsupported key passed to clearPersistentData.');
return;
}
$session_var_name = $this->constructSessionVariableName($key);
unset($_SESSION[$session_var_name]);
}
protected function clearAllPersistentData() {
foreach (self::$kSupportedKeys as $key) {
$this->clearPersistentData($key);
}
}
protected function constructSessionVariableName($key) {
return implode('_', array('fb',
$this->getAppId(),
$key));
}
}
demo/protected/extensions/facebook/lib/facebook/src/fb_ca_chain_bundle.crt 0 → 100644
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIQDKKbZcnESGaLDuEaVk6fQjANBgkqhkiG9w0BAQUFADBm
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSUwIwYDVQQDExxEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
ZSBDQS0zMB4XDTEwMDExMzAwMDAwMFoXDTEzMDQxMTIzNTk1OVowaDELMAkGA1UE
BhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExEjAQBgNVBAcTCVBhbG8gQWx0bzEX
MBUGA1UEChMORmFjZWJvb2ssIEluYy4xFzAVBgNVBAMUDiouZmFjZWJvb2suY29t
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC9rzj7QIuLM3sdHu1HcI1VcR3g
b5FExKNV646agxSle1aQ/sJev1mh/u91ynwqd2BQmM0brZ1Hc3QrfYyAaiGGgEkp
xbhezyfeYhAyO0TKAYxPnm2cTjB5HICzk6xEIwFbA7SBJ2fSyW1CFhYZyo3tIBjj
19VjKyBfpRaPkzLmRwIDAQABo4ICrDCCAqgwHwYDVR0jBBgwFoAUUOpzidsp+xCP
nuUBINTeeZlIg/cwHQYDVR0OBBYEFPp+tsFBozkjrHlEnZ9J4cFj2eM0MA4GA1Ud
DwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMF8GA1UdHwRYMFYwKaAnoCWGI2h0dHA6
Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9jYTMtZmIuY3JsMCmgJ6AlhiNodHRwOi8vY3Js
NC5kaWdpY2VydC5jb20vY2EzLWZiLmNybDCCAcYGA1UdIASCAb0wggG5MIIBtQYL
YIZIAYb9bAEDAAEwggGkMDoGCCsGAQUFBwIBFi5odHRwOi8vd3d3LmRpZ2ljZXJ0
LmNvbS9zc2wtY3BzLXJlcG9zaXRvcnkuaHRtMIIBZAYIKwYBBQUHAgIwggFWHoIB
UgBBAG4AeQAgAHUAcwBlACAAbwBmACAAdABoAGkAcwAgAEMAZQByAHQAaQBmAGkA
YwBhAHQAZQAgAGMAbwBuAHMAdABpAHQAdQB0AGUAcwAgAGEAYwBjAGUAcAB0AGEA
bgBjAGUAIABvAGYAIAB0AGgAZQAgAEQAaQBnAGkAQwBlAHIAdAAgAEMAUAAvAEMA
UABTACAAYQBuAGQAIAB0AGgAZQAgAFIAZQBsAHkAaQBuAGcAIABQAGEAcgB0AHkA
IABBAGcAcgBlAGUAbQBlAG4AdAAgAHcAaABpAGMAaAAgAGwAaQBtAGkAdAAgAGwA
aQBhAGIAaQBsAGkAdAB5ACAAYQBuAGQAIABhAHIAZQAgAGkAbgBjAG8AcgBwAG8A
cgBhAHQAZQBkACAAaABlAHIAZQBpAG4AIABiAHkAIAByAGUAZgBlAHIAZQBuAGMA
ZQAuMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQUF
AAOCAQEACOkTIdxMy11+CKrbGNLBSg5xHaTvu/v1wbyn3dO/mf68pPfJnX6ShPYy
4XM4Vk0x4uaFaU4wAGke+nCKGi5dyg0Esg7nemLNKEJaFAJZ9enxZm334lSCeARy
wlDtxULGOFRyGIZZPmbV2eNq5xdU/g3IuBEhL722mTpAye9FU/J8Wsnw54/gANyO
Gzkewigua8ip8Lbs9Cht399yAfbfhUP1DrAm/xEcnHrzPr3cdCtOyJaM6SRPpRqH
ITK5Nc06tat9lXVosSinT3KqydzxBYua9gCFFiR3x3DgZfvXkC6KDdUlDrNcJUub
a1BHnLLP4mxTHL6faAXYd05IxNn/IA==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIGVTCCBT2gAwIBAgIQCFH5WYFBRcq94CTiEsnCDjANBgkqhkiG9w0BAQUFADBs
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
ZSBFViBSb290IENBMB4XDTA3MDQwMzAwMDAwMFoXDTIyMDQwMzAwMDAwMFowZjEL
MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
LmRpZ2ljZXJ0LmNvbTElMCMGA1UEAxMcRGlnaUNlcnQgSGlnaCBBc3N1cmFuY2Ug
Q0EtMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL9hCikQH17+NDdR
CPge+yLtYb4LDXBMUGMmdRW5QYiXtvCgFbsIYOBC6AUpEIc2iihlqO8xB3RtNpcv
KEZmBMcqeSZ6mdWOw21PoF6tvD2Rwll7XjZswFPPAAgyPhBkWBATaccM7pxCUQD5
BUTuJM56H+2MEb0SqPMV9Bx6MWkBG6fmXcCabH4JnudSREoQOiPkm7YDr6ictFuf
1EutkozOtREqqjcYjbTCuNhcBoz4/yO9NV7UfD5+gw6RlgWYw7If48hl66l7XaAs
zPw82W3tzPpLQ4zJ1LilYRyyQLYoEt+5+F/+07LJ7z20Hkt8HEyZNp496+ynaF4d
32duXvsCAwEAAaOCAvcwggLzMA4GA1UdDwEB/wQEAwIBhjCCAcYGA1UdIASCAb0w
ggG5MIIBtQYLYIZIAYb9bAEDAAIwggGkMDoGCCsGAQUFBwIBFi5odHRwOi8vd3d3
LmRpZ2ljZXJ0LmNvbS9zc2wtY3BzLXJlcG9zaXRvcnkuaHRtMIIBZAYIKwYBBQUH
AgIwggFWHoIBUgBBAG4AeQAgAHUAcwBlACAAbwBmACAAdABoAGkAcwAgAEMAZQBy
AHQAaQBmAGkAYwBhAHQAZQAgAGMAbwBuAHMAdABpAHQAdQB0AGUAcwAgAGEAYwBj
AGUAcAB0AGEAbgBjAGUAIABvAGYAIAB0AGgAZQAgAEQAaQBnAGkAQwBlAHIAdAAg
AEMAUAAvAEMAUABTACAAYQBuAGQAIAB0AGgAZQAgAFIAZQBsAHkAaQBuAGcAIABQ
AGEAcgB0AHkAIABBAGcAcgBlAGUAbQBlAG4AdAAgAHcAaABpAGMAaAAgAGwAaQBt
AGkAdAAgAGwAaQBhAGIAaQBsAGkAdAB5ACAAYQBuAGQAIABhAHIAZQAgAGkAbgBj
AG8AcgBwAG8AcgBhAHQAZQBkACAAaABlAHIAZQBpAG4AIABiAHkAIAByAGUAZgBl
AHIAZQBuAGMAZQAuMA8GA1UdEwEB/wQFMAMBAf8wNAYIKwYBBQUHAQEEKDAmMCQG
CCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wgY8GA1UdHwSBhzCB
hDBAoD6gPIY6aHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0SGlnaEFz
c3VyYW5jZUVWUm9vdENBLmNybDBAoD6gPIY6aHR0cDovL2NybDQuZGlnaWNlcnQu
Y29tL0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENBLmNybDAfBgNVHSMEGDAW
gBSxPsNpA/i/RwHUmCYaCALvY2QrwzAdBgNVHQ4EFgQUUOpzidsp+xCPnuUBINTe
eZlIg/cwDQYJKoZIhvcNAQEFBQADggEBAF1PhPGoiNOjsrycbeUpSXfh59bcqdg1
rslx3OXb3J0kIZCmz7cBHJvUV5eR13UWpRLXuT0uiT05aYrWNTf58SHEW0CtWakv
XzoAKUMncQPkvTAyVab+hA4LmzgZLEN8rEO/dTHlIxxFVbdpCJG1z9fVsV7un5Tk
1nq5GMO41lJjHBC6iy9tXcwFOPRWBW3vnuzoYTYMFEuFFFoMg08iXFnLjIpx2vrF
EIRYzwfu45DC9fkpx1ojcflZtGQriLCnNseaIGHr+k61rmsb5OPs4tk8QUmoIKRU
9ZKNu8BVIASm2LAXFszj0Mi0PeXZhMbT9m5teMl5Q+h6N/9cNUm/ocU=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEQjCCA6ugAwIBAgIEQoclDjANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC
VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u
ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc
KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5u
ZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjEy
MjIxNTI3MjdaFw0xNDA3MjIxNTU3MjdaMGwxCzAJBgNVBAYTAlVTMRUwEwYDVQQK
EwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xKzApBgNV
BAMTIkRpZ2lDZXJ0IEhpZ2ggQXNzdXJhbmNlIEVWIFJvb3QgQ0EwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGzOVz5vvUu+UtLTKm3+WBP8nNJUm2cSrD
1ZQ0Z6IKHLBfaaZAscS3so/QmKSpQVk609yU1jzbdDikSsxNJYL3SqVTEjju80lt
cZF+Y7arpl/DpIT4T2JRvvjF7Ns4kuMG5QiRDMQoQVX7y1qJFX5x6DW/TXIJPb46
OFBbdzEbjbPHJEWap6xtABRaBLe6E+tRCphBQSJOZWGHgUFQpnlcid4ZSlfVLuZd
HFMsfpjNGgYWpGhz0DQEE1yhcdNafFXbXmThN4cwVgTlEbQpgBLxeTmIogIRfCdm
t4i3ePLKCqg4qwpkwr9mXZWEwaElHoddGlALIBLMQbtuC1E4uEvLAgMBAAGjggET
MIIBDzASBgNVHRMBAf8ECDAGAQH/AgEBMCcGA1UdJQQgMB4GCCsGAQUFBwMBBggr
BgEFBQcDAgYIKwYBBQUHAwQwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdo
dHRwOi8vb2NzcC5lbnRydXN0Lm5ldDAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8v
Y3JsLmVudHJ1c3QubmV0L3NlcnZlcjEuY3JsMB0GA1UdDgQWBBSxPsNpA/i/RwHU
mCYaCALvY2QrwzALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAU8BdiE1U9s/8KAGv7
UISX8+1i0BowGQYJKoZIhvZ9B0EABAwwChsEVjcuMQMCAIEwDQYJKoZIhvcNAQEF
BQADgYEAUuVY7HCc/9EvhaYzC1rAIo348LtGIiMduEl5Xa24G8tmJnDioD2GU06r
1kjLX/ktCdpdBgXadbjtdrZXTP59uN0AXlsdaTiFufsqVLPvkp5yMnqnuI3E2o6p
NpAkoQSbB6kUCNnXcW26valgOjDLZFOnr241QiwdBAJAAE/rRa8=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIE2DCCBEGgAwIBAgIEN0rSQzANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMC
VVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5u
ZXQvQ1BTIGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc
KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDE6MDgGA1UEAxMxRW50cnVzdC5u
ZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05OTA1
MjUxNjA5NDBaFw0xOTA1MjUxNjM5NDBaMIHDMQswCQYDVQQGEwJVUzEUMBIGA1UE
ChMLRW50cnVzdC5uZXQxOzA5BgNVBAsTMnd3dy5lbnRydXN0Lm5ldC9DUFMgaW5j
b3JwLiBieSByZWYuIChsaW1pdHMgbGlhYi4pMSUwIwYDVQQLExwoYykgMTk5OSBF
bnRydXN0Lm5ldCBMaW1pdGVkMTowOAYDVQQDEzFFbnRydXN0Lm5ldCBTZWN1cmUg
U2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGdMA0GCSqGSIb3DQEBAQUA
A4GLADCBhwKBgQDNKIM0VBuJ8w+vN5Ex/68xYMmo6LIQaO2f55M28Qpku0f1BBc/
I0dNxScZgSYMVHINiC3ZH5oSn7yzcdOAGT9HZnuMNSjSuQrfJNqc1lB5gXpa0zf3
wkrYKZImZNHkmGw6AIr1NJtl+O3jEP/9uElY3KDegjlrgbEWGWG5VLbmQwIBA6OC
AdcwggHTMBEGCWCGSAGG+EIBAQQEAwIABzCCARkGA1UdHwSCARAwggEMMIHeoIHb
oIHYpIHVMIHSMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLRW50cnVzdC5uZXQxOzA5
BgNVBAsTMnd3dy5lbnRydXN0Lm5ldC9DUFMgaW5jb3JwLiBieSByZWYuIChsaW1p
dHMgbGlhYi4pMSUwIwYDVQQLExwoYykgMTk5OSBFbnRydXN0Lm5ldCBMaW1pdGVk
MTowOAYDVQQDEzFFbnRydXN0Lm5ldCBTZWN1cmUgU2VydmVyIENlcnRpZmljYXRp
b24gQXV0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMCmgJ6AlhiNodHRwOi8vd3d3LmVu
dHJ1c3QubmV0L0NSTC9uZXQxLmNybDArBgNVHRAEJDAigA8xOTk5MDUyNTE2MDk0
MFqBDzIwMTkwNTI1MTYwOTQwWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAU8Bdi
E1U9s/8KAGv7UISX8+1i0BowHQYDVR0OBBYEFPAXYhNVPbP/CgBr+1CEl/PtYtAa
MAwGA1UdEwQFMAMBAf8wGQYJKoZIhvZ9B0EABAwwChsEVjQuMAMCBJAwDQYJKoZI
hvcNAQEFBQADgYEAkNwwAvpkdMKnCqV8IY00F6j7Rw7/JXyNEwr75Ji174z4xRAN
95K+8cPV1ZVqBLssziY2ZcgxxufuP+NXdYR6Ee9GTxj005i7qIcyunL2POI9n9cd
2cNgQ4xYDiKWL2KjLB+6rQXvqzJ4h6BUcxm1XAX5Uj5tLUUL9wqT6u0G+bI=
-----END CERTIFICATE-----
demo/protected/extensions/facebook/lib/facebook/tests/bootstrap.php 0 → 100644
<?php
$base = realpath(dirname(__FILE__) . '/..');
require "$base/src/base_facebook.php";
require "$base/src/facebook.php";
demo/protected/extensions/facebook/lib/facebook/tests/tests.php 0 → 100644
<?php
/**
* Copyright 2011 Facebook, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License. You may obtain
* a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations
* under the License.
*/
class PHPSDKTestCase extends PHPUnit_Framework_TestCase {
const APP_ID = '117743971608120';
const SECRET = '943716006e74d9b9283d4d5d8ab93204';
const MIGRATED_APP_ID = '174236045938435';
const MIGRATED_SECRET = '0073dce2d95c4a5c2922d1827ea0cca6';
private static $kExpiredAccessToken = '206492729383450|2.N4RKywNPuHAey7CK56_wmg__.3600.1304560800.1-214707|6Q14AfpYi_XJB26aRQumouzJiGA';
private static $kValidSignedRequest = '1sxR88U4SW9m6QnSxwCEw_CObqsllXhnpP5j2pxD97c.eyJhbGdvcml0aG0iOiJITUFDLVNIQTI1NiIsImV4cGlyZXMiOjEyODEwNTI4MDAsIm9hdXRoX3Rva2VuIjoiMTE3NzQzOTcxNjA4MTIwfDIuVlNUUWpub3hYVVNYd1RzcDB1U2g5d19fLjg2NDAwLjEyODEwNTI4MDAtMTY3Nzg0NjM4NXx4NURORHBtcy1nMUM0dUJHQVYzSVdRX2pYV0kuIiwidXNlcl9pZCI6IjE2Nzc4NDYzODUifQ';
private static $kNonTosedSignedRequest = 'c0Ih6vYvauDwncv0n0pndr0hP0mvZaJPQDPt6Z43O0k.eyJhbGdvcml0aG0iOiJITUFDLVNIQTI1NiJ9';
private static $kSignedRequestWithBogusSignature = '1sxR32U4SW9m6QnSxwCEw_CObqsllXhnpP5j2pxD97c.eyJhbGdvcml0aG0iOiJITUFDLVNIQTI1NiIsImV4cGlyZXMiOjEyODEwNTI4MDAsIm9hdXRoX3Rva2VuIjoiMTE3NzQzOTcxNjA4MTIwfDIuVlNUUWpub3hYVVNYd1RzcDB1U2g5d19fLjg2NDAwLjEyODEwNTI4MDAtMTY3Nzg0NjM4NXx4NURORHBtcy1nMUM0dUJHQVYzSVdRX2pYV0kuIiwidXNlcl9pZCI6IjE2Nzc4NDYzODUifQ';
public function testConstructor() {
$facebook = new TransientFacebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
$this->assertEquals($facebook->getAppId(), self::APP_ID,
'Expect the App ID to be set.');
$this->assertEquals($facebook->getAppSecret(), self::SECRET,
'Expect the API secret to be set.');
}
public function testConstructorWithFileUpload() {
$facebook = new TransientFacebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
'fileUpload' => true,
));
$this->assertEquals($facebook->getAppId(), self::APP_ID,
'Expect the App ID to be set.');
$this->assertEquals($facebook->getAppSecret(), self::SECRET,
'Expect the API secret to be set.');
$this->assertTrue($facebook->getFileUploadSupport(),
'Expect file upload support to be on.');
// alias (depricated) for getFileUploadSupport -- test until removed
$this->assertTrue($facebook->useFileUploadSupport(),
'Expect file upload support to be on.');
}
public function testSetAppId() {
$facebook = new TransientFacebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
$facebook->setAppId('dummy');
$this->assertEquals($facebook->getAppId(), 'dummy',
'Expect the App ID to be dummy.');
}
public function testSetAPISecret() {
$facebook = new TransientFacebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
$facebook->setApiSecret('dummy');
$this->assertEquals($facebook->getApiSecret(), 'dummy',
'Expect the API secret to be dummy.');
}
public function testSetAPPSecret() {
$facebook = new TransientFacebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
$facebook->setAppSecret('dummy');
$this->assertEquals($facebook->getAppSecret(), 'dummy',
'Expect the API secret to be dummy.');
}
public function testSetAccessToken() {
$facebook = new TransientFacebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
$facebook->setAccessToken('saltydog');
$this->assertEquals($facebook->getAccessToken(), 'saltydog',
'Expect installed access token to remain \'saltydog\'');
}
public function testSetFileUploadSupport() {
$facebook = new TransientFacebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
$this->assertFalse($facebook->getFileUploadSupport(),
'Expect file upload support to be off.');
// alias for getFileUploadSupport (depricated), testing until removed
$this->assertFalse($facebook->useFileUploadSupport(),
'Expect file upload support to be off.');
$facebook->setFileUploadSupport(true);
$this->assertTrue($facebook->getFileUploadSupport(),
'Expect file upload support to be on.');
// alias for getFileUploadSupport (depricated), testing until removed
$this->assertTrue($facebook->useFileUploadSupport(),
'Expect file upload support to be on.');
}
public function testGetCurrentURL() {
$facebook = new FBGetCurrentURLFacebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
// fake the HPHP $_SERVER globals
$_SERVER['HTTP_HOST'] = 'www.test.com';
$_SERVER['REQUEST_URI'] = '/unit-tests.php?one=one&two=two&three=three';
$current_url = $facebook->publicGetCurrentUrl();
$this->assertEquals(
'http://www.test.com/unit-tests.php?one=one&two=two&three=three',
$current_url,
'getCurrentUrl function is changing the current URL');
// ensure structure of valueless GET params is retained (sometimes
// an = sign was present, and sometimes it was not)
// first test when equal signs are present
$_SERVER['HTTP_HOST'] = 'www.test.com';
$_SERVER['REQUEST_URI'] = '/unit-tests.php?one=&two=&three=';
$current_url = $facebook->publicGetCurrentUrl();
$this->assertEquals(
'http://www.test.com/unit-tests.php?one=&two=&three=',
$current_url,
'getCurrentUrl function is changing the current URL');
// now confirm that
$_SERVER['HTTP_HOST'] = 'www.test.com';
$_SERVER['REQUEST_URI'] = '/unit-tests.php?one&two&three';
$current_url = $facebook->publicGetCurrentUrl();
$this->assertEquals(
'http://www.test.com/unit-tests.php?one&two&three',
$current_url,
'getCurrentUrl function is changing the current URL');
}
public function testGetLoginURL() {
$facebook = new Facebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
// fake the HPHP $_SERVER globals
$_SERVER['HTTP_HOST'] = 'www.test.com';
$_SERVER['REQUEST_URI'] = '/unit-tests.php';
$login_url = parse_url($facebook->getLoginUrl());
$this->assertEquals($login_url['scheme'], 'https');
$this->assertEquals($login_url['host'], 'www.facebook.com');
$this->assertEquals($login_url['path'], '/dialog/oauth');
$expected_login_params =
array('client_id' => self::APP_ID,
'redirect_uri' => 'http://www.test.com/unit-tests.php');
$query_map = array();
parse_str($login_url['query'], $query_map);
$this->assertIsSubset($expected_login_params, $query_map);
// we don't know what the state is, but we know it's an md5 and should
// be 32 characters long.
$this->assertEquals(strlen($query_map['state']), $num_characters = 32);
}
public function testGetLoginURLWithExtraParams() {
$facebook = new Facebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
// fake the HPHP $_SERVER globals
$_SERVER['HTTP_HOST'] = 'www.test.com';
$_SERVER['REQUEST_URI'] = '/unit-tests.php';
$extra_params = array('scope' => 'email, sms',
'nonsense' => 'nonsense');
$login_url = parse_url($facebook->getLoginUrl($extra_params));
$this->assertEquals($login_url['scheme'], 'https');
$this->assertEquals($login_url['host'], 'www.facebook.com');
$this->assertEquals($login_url['path'], '/dialog/oauth');
$expected_login_params =
array_merge(
array('client_id' => self::APP_ID,
'redirect_uri' => 'http://www.test.com/unit-tests.php'),
$extra_params);
$query_map = array();
parse_str($login_url['query'], $query_map);
$this->assertIsSubset($expected_login_params, $query_map);
// we don't know what the state is, but we know it's an md5 and should
// be 32 characters long.
$this->assertEquals(strlen($query_map['state']), $num_characters = 32);
}
public function testGetLoginURLWithScopeParamsAsArray() {
$facebook = new Facebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
// fake the HPHP $_SERVER globals
$_SERVER['HTTP_HOST'] = 'www.test.com';
$_SERVER['REQUEST_URI'] = '/unit-tests.php';
$scope_params_as_array = array('email','sms','read_stream');
$extra_params = array('scope' => $scope_params_as_array,
'nonsense' => 'nonsense');
$login_url = parse_url($facebook->getLoginUrl($extra_params));
$this->assertEquals($login_url['scheme'], 'https');
$this->assertEquals($login_url['host'], 'www.facebook.com');
$this->assertEquals($login_url['path'], '/dialog/oauth');
// expect api to flatten array params to comma separated list
// should do the same here before asserting to make sure API is behaving
// correctly;
$extra_params['scope'] = implode(',', $scope_params_as_array);
$expected_login_params =
array_merge(
array('client_id' => self::APP_ID,
'redirect_uri' => 'http://www.test.com/unit-tests.php'),
$extra_params);
$query_map = array();
parse_str($login_url['query'], $query_map);
$this->assertIsSubset($expected_login_params, $query_map);
// we don't know what the state is, but we know it's an md5 and should
// be 32 characters long.
$this->assertEquals(strlen($query_map['state']), $num_characters = 32);
}
public function testGetCodeWithValidCSRFState() {
$facebook = new FBCode(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
$facebook->setCSRFStateToken();
$code = $_REQUEST['code'] = $this->generateMD5HashOfRandomValue();
$_REQUEST['state'] = $facebook->getCSRFStateToken();
$this->assertEquals($code,
$facebook->publicGetCode(),
'Expect code to be pulled from $_REQUEST[\'code\']');
}
public function testGetCodeWithInvalidCSRFState() {
$facebook = new FBCode(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
$facebook->setCSRFStateToken();
$code = $_REQUEST['code'] = $this->generateMD5HashOfRandomValue();
$_REQUEST['state'] = $facebook->getCSRFStateToken().'forgery!!!';
$this->assertFalse($facebook->publicGetCode(),
'Expect getCode to fail, CSRF state should not match.');
}
public function testGetCodeWithMissingCSRFState() {
$facebook = new FBCode(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
$code = $_REQUEST['code'] = $this->generateMD5HashOfRandomValue();
// intentionally don't set CSRF token at all
$this->assertFalse($facebook->publicGetCode(),
'Expect getCode to fail, CSRF state not sent back.');
}
public function testGetUserFromSignedRequest() {
$facebook = new TransientFacebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
$_REQUEST['signed_request'] = self::$kValidSignedRequest;
$this->assertEquals('1677846385', $facebook->getUser(),
'Failed to get user ID from a valid signed request.');
}
public function testGetSignedRequestFromCookie() {
$facebook = new FBGetSignedRequestCookieFacebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
$_COOKIE[$facebook->publicGetSignedRequestCookieName()] =
self::$kValidSignedRequest;
$this->assertNotNull($facebook->publicGetSignedRequest());
$this->assertEquals('1677846385', $facebook->getUser(),
'Failed to get user ID from a valid signed request.');
}
public function testGetSignedRequestWithIncorrectSignature() {
$facebook = new FBGetSignedRequestCookieFacebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
$_COOKIE[$facebook->publicGetSignedRequestCookieName()] =
self::$kSignedRequestWithBogusSignature;
$this->assertNull($facebook->publicGetSignedRequest());
}
public function testNonUserAccessToken() {
$facebook = new FBAccessToken(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
// no cookies, and no request params, so no user or code,
// so no user access token (even with cookie support)
$this->assertEquals($facebook->publicGetApplicationAccessToken(),
$facebook->getAccessToken(),
'Access token should be that for logged out users.');
}
public function testAPIForLoggedOutUsers() {
$facebook = new TransientFacebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
$response = $facebook->api(array(
'method' => 'fql.query',
'query' => 'SELECT name FROM user WHERE uid=4',
));
$this->assertEquals(count($response), 1,
'Expect one row back.');
$this->assertEquals($response[0]['name'], 'Mark Zuckerberg',
'Expect the name back.');
}
public function testAPIWithBogusAccessToken() {
$facebook = new TransientFacebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
$facebook->setAccessToken('this-is-not-really-an-access-token');
// if we don't set an access token and there's no way to
// get one, then the FQL query below works beautifully, handing
// over Zuck's public data. But if you specify a bogus access
// token as I have right here, then the FQL query should fail.
// We could return just Zuck's public data, but that wouldn't
// advertise the issue that the access token is at worst broken
// and at best expired.
try {
$response = $facebook->api(array(
'method' => 'fql.query',
'query' => 'SELECT name FROM profile WHERE id=4',
));
$this->fail('Should not get here.');
} catch(FacebookApiException $e) {
$result = $e->getResult();
$this->assertTrue(is_array($result), 'expect a result object');
$this->assertEquals('190', $result['error_code'], 'expect code');
}
}
public function testAPIGraphPublicData() {
$facebook = new TransientFacebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
$response = $facebook->api('/jerry');
$this->assertEquals(
$response['id'], '214707', 'should get expected id.');
}
public function testGraphAPIWithBogusAccessToken() {
$facebook = new TransientFacebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
$facebook->setAccessToken('this-is-not-really-an-access-token');
try {
$response = $facebook->api('/me');
$this->fail('Should not get here.');
} catch(FacebookApiException $e) {
// means the server got the access token and didn't like it
$msg = 'OAuthException: Invalid OAuth access token.';
$this->assertEquals($msg, (string) $e,
'Expect the invalid OAuth token message.');
}
}
public function testGraphAPIWithExpiredAccessToken() {
$facebook = new TransientFacebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
$facebook->setAccessToken(self::$kExpiredAccessToken);
try {
$response = $facebook->api('/me');
$this->fail('Should not get here.');
} catch(FacebookApiException $e) {
// means the server got the access token and didn't like it
$error_msg_start = 'OAuthException: Error validating access token:';
$this->assertTrue(strpos((string) $e, $error_msg_start) === 0,
'Expect the token validation error message.');
}
}
public function testGraphAPIMethod() {
$facebook = new TransientFacebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
try {
// naitik being bold about deleting his entire record....
// let's hope this never actually passes.
$response = $facebook->api('/naitik', $method = 'DELETE');
$this->fail('Should not get here.');
} catch(FacebookApiException $e) {
// ProfileDelete means the server understood the DELETE
$msg =
'OAuthException: (#200) User cannot access this application';
$this->assertEquals($msg, (string) $e,
'Expect the invalid session message.');
}
}
public function testGraphAPIOAuthSpecError() {
$facebook = new TransientFacebook(array(
'appId' => self::MIGRATED_APP_ID,
'secret' => self::MIGRATED_SECRET,
));
try {
$response = $facebook->api('/me', array(
'client_id' => self::MIGRATED_APP_ID));
$this->fail('Should not get here.');
} catch(FacebookApiException $e) {
// means the server got the access token
$msg = 'invalid_request: An active access token must be used '.
'to query information about the current user.';
$this->assertEquals($msg, (string) $e,
'Expect the invalid session message.');
}
}
public function testGraphAPIMethodOAuthSpecError() {
$facebook = new TransientFacebook(array(
'appId' => self::MIGRATED_APP_ID,
'secret' => self::MIGRATED_SECRET,
));
try {
$response = $facebook->api('/daaku.shah', 'DELETE', array(
'client_id' => self::MIGRATED_APP_ID));
$this->fail('Should not get here.');
} catch(FacebookApiException $e) {
$this->assertEquals(strpos($e, 'invalid_request'), 0);
}
}
public function testCurlFailure() {
$facebook = new TransientFacebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
if (!defined('CURLOPT_TIMEOUT_MS')) {
// can't test it if we don't have millisecond timeouts
return;
}
$exception = null;
try {
// we dont expect facebook will ever return in 1ms
Facebook::$CURL_OPTS[CURLOPT_TIMEOUT_MS] = 50;
$facebook->api('/naitik');
} catch(FacebookApiException $e) {
$exception = $e;
}
unset(Facebook::$CURL_OPTS[CURLOPT_TIMEOUT_MS]);
if (!$exception) {
$this->fail('no exception was thrown on timeout.');
}
$this->assertEquals(
CURLE_OPERATION_TIMEOUTED, $exception->getCode(), 'expect timeout');
$this->assertEquals('CurlException', $exception->getType(), 'expect type');
}
public function testGraphAPIWithOnlyParams() {
$facebook = new TransientFacebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
$response = $facebook->api('/jerry');
$this->assertTrue(isset($response['id']),
'User ID should be public.');
$this->assertTrue(isset($response['name']),
'User\'s name should be public.');
$this->assertTrue(isset($response['first_name']),
'User\'s first name should be public.');
$this->assertTrue(isset($response['last_name']),
'User\'s last name should be public.');
$this->assertFalse(isset($response['work']),
'User\'s work history should only be available with '.
'a valid access token.');
$this->assertFalse(isset($response['education']),
'User\'s education history should only be '.
'available with a valid access token.');
$this->assertFalse(isset($response['verified']),
'User\'s verification status should only be '.
'available with a valid access token.');
}
public function testLoginURLDefaults() {
$_SERVER['HTTP_HOST'] = 'fbrell.com';
$_SERVER['REQUEST_URI'] = '/examples';
$facebook = new TransientFacebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
$encodedUrl = rawurlencode('http://fbrell.com/examples');
$this->assertNotNull(strpos($facebook->getLoginUrl(), $encodedUrl),
'Expect the current url to exist.');
}
public function testLoginURLDefaultsDropStateQueryParam() {
$_SERVER['HTTP_HOST'] = 'fbrell.com';
$_SERVER['REQUEST_URI'] = '/examples?state=xx42xx';
$facebook = new TransientFacebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
$expectEncodedUrl = rawurlencode('http://fbrell.com/examples');
$this->assertTrue(strpos($facebook->getLoginUrl(), $expectEncodedUrl) > -1,
'Expect the current url to exist.');
$this->assertFalse(strpos($facebook->getLoginUrl(), 'xx42xx'),
'Expect the session param to be dropped.');
}
public function testLoginURLDefaultsDropCodeQueryParam() {
$_SERVER['HTTP_HOST'] = 'fbrell.com';
$_SERVER['REQUEST_URI'] = '/examples?code=xx42xx';
$facebook = new TransientFacebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
$expectEncodedUrl = rawurlencode('http://fbrell.com/examples');
$this->assertTrue(strpos($facebook->getLoginUrl(), $expectEncodedUrl) > -1,
'Expect the current url to exist.');
$this->assertFalse(strpos($facebook->getLoginUrl(), 'xx42xx'),
'Expect the session param to be dropped.');
}
public function testLoginURLDefaultsDropSignedRequestParamButNotOthers() {
$_SERVER['HTTP_HOST'] = 'fbrell.com';
$_SERVER['REQUEST_URI'] =
'/examples?signed_request=xx42xx&do_not_drop=xx43xx';
$facebook = new TransientFacebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
$expectEncodedUrl = rawurlencode('http://fbrell.com/examples');
$this->assertFalse(strpos($facebook->getLoginUrl(), 'xx42xx'),
'Expect the session param to be dropped.');
$this->assertTrue(strpos($facebook->getLoginUrl(), 'xx43xx') > -1,
'Expect the do_not_drop param to exist.');
}
public function testLoginURLCustomNext() {
$_SERVER['HTTP_HOST'] = 'fbrell.com';
$_SERVER['REQUEST_URI'] = '/examples';
$facebook = new TransientFacebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
$next = 'http://fbrell.com/custom';
$loginUrl = $facebook->getLoginUrl(array(
'redirect_uri' => $next,
'cancel_url' => $next
));
$currentEncodedUrl = rawurlencode('http://fbrell.com/examples');
$expectedEncodedUrl = rawurlencode($next);
$this->assertNotNull(strpos($loginUrl, $expectedEncodedUrl),
'Expect the custom url to exist.');
$this->assertFalse(strpos($loginUrl, $currentEncodedUrl),
'Expect the current url to not exist.');
}
public function testLogoutURLDefaults() {
$_SERVER['HTTP_HOST'] = 'fbrell.com';
$_SERVER['REQUEST_URI'] = '/examples';
$facebook = new TransientFacebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
$encodedUrl = rawurlencode('http://fbrell.com/examples');
$this->assertNotNull(strpos($facebook->getLogoutUrl(), $encodedUrl),
'Expect the current url to exist.');
}
public function testLoginStatusURLDefaults() {
$_SERVER['HTTP_HOST'] = 'fbrell.com';
$_SERVER['REQUEST_URI'] = '/examples';
$facebook = new TransientFacebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
$encodedUrl = rawurlencode('http://fbrell.com/examples');
$this->assertNotNull(strpos($facebook->getLoginStatusUrl(), $encodedUrl),
'Expect the current url to exist.');
}
public function testLoginStatusURLCustom() {
$_SERVER['HTTP_HOST'] = 'fbrell.com';
$_SERVER['REQUEST_URI'] = '/examples';
$facebook = new TransientFacebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
$encodedUrl1 = rawurlencode('http://fbrell.com/examples');
$okUrl = 'http://fbrell.com/here1';
$encodedUrl2 = rawurlencode($okUrl);
$loginStatusUrl = $facebook->getLoginStatusUrl(array(
'ok_session' => $okUrl,
));
$this->assertNotNull(strpos($loginStatusUrl, $encodedUrl1),
'Expect the current url to exist.');
$this->assertNotNull(strpos($loginStatusUrl, $encodedUrl2),
'Expect the custom url to exist.');
}
public function testNonDefaultPort() {
$_SERVER['HTTP_HOST'] = 'fbrell.com:8080';
$_SERVER['REQUEST_URI'] = '/examples';
$facebook = new TransientFacebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
$encodedUrl = rawurlencode('http://fbrell.com:8080/examples');
$this->assertNotNull(strpos($facebook->getLoginUrl(), $encodedUrl),
'Expect the current url to exist.');
}
public function testSecureCurrentUrl() {
$_SERVER['HTTP_HOST'] = 'fbrell.com';
$_SERVER['REQUEST_URI'] = '/examples';
$_SERVER['HTTPS'] = 'on';
$facebook = new TransientFacebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
$encodedUrl = rawurlencode('https://fbrell.com/examples');
$this->assertNotNull(strpos($facebook->getLoginUrl(), $encodedUrl),
'Expect the current url to exist.');
}
public function testSecureCurrentUrlWithNonDefaultPort() {
$_SERVER['HTTP_HOST'] = 'fbrell.com:8080';
$_SERVER['REQUEST_URI'] = '/examples';
$_SERVER['HTTPS'] = 'on';
$facebook = new TransientFacebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
$encodedUrl = rawurlencode('https://fbrell.com:8080/examples');
$this->assertNotNull(strpos($facebook->getLoginUrl(), $encodedUrl),
'Expect the current url to exist.');
}
public function testAppSecretCall() {
$facebook = new TransientFacebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET,
));
try {
$response = $facebook->api('/' . self::APP_ID . '/insights');
$this->fail('Desktop applications need a user token for insights.');
} catch (FacebookApiException $e) {
// this test is failing as the graph call is returning the wrong
// error message
$this->assertTrue(strpos($e->getMessage(),
'Requires session when calling from a desktop app') !== false,
'Incorrect exception type thrown when trying to gain ' .
'insights for desktop app without a user access token.');
} catch (Exception $e) {
$this->fail('Incorrect exception type thrown when trying to gain ' .
'insights for desktop app without a user access token.');
}
}
public function testBase64UrlEncode() {
$input = 'Facebook rocks';
$output = 'RmFjZWJvb2sgcm9ja3M';
$this->assertEquals(FBPublic::publicBase64UrlDecode($output), $input);
}
public function testSignedToken() {
$facebook = new FBPublic(array(
'appId' => self::APP_ID,
'secret' => self::SECRET
));
$payload = $facebook->publicParseSignedRequest(self::$kValidSignedRequest);
$this->assertNotNull($payload, 'Expected token to parse');
$this->assertEquals($facebook->getSignedRequest(), null);
$_REQUEST['signed_request'] = self::$kValidSignedRequest;
$this->assertEquals($facebook->getSignedRequest(), $payload);
}
public function testNonTossedSignedtoken() {
$facebook = new FBPublic(array(
'appId' => self::APP_ID,
'secret' => self::SECRET
));
$payload = $facebook->publicParseSignedRequest(
self::$kNonTosedSignedRequest);
$this->assertNotNull($payload, 'Expected token to parse');
$this->assertNull($facebook->getSignedRequest());
$_REQUEST['signed_request'] = self::$kNonTosedSignedRequest;
$this->assertEquals($facebook->getSignedRequest(),
array('algorithm' => 'HMAC-SHA256'));
}
public function testBundledCACert() {
$facebook = new TransientFacebook(array(
'appId' => self::APP_ID,
'secret' => self::SECRET
));
// use the bundled cert from the start
Facebook::$CURL_OPTS[CURLOPT_CAINFO] =
dirname(__FILE__) . '/../src/fb_ca_chain_bundle.crt';
$response = $facebook->api('/naitik');
unset(Facebook::$CURL_OPTS[CURLOPT_CAINFO]);
$this->assertEquals(
$response['id'], '5526183', 'should get expected id.');
}
public function testVideoUpload() {
$facebook = new FBRecordURL(array(
'appId' => self::APP_ID,
'secret' => self::SECRET
));
$facebook->api(array('method' => 'video.upload'));
$this->assertContains('//api-video.', $facebook->getRequestedURL(),
'video.upload should go against api-video');
}
public function testGetUserAndAccessTokenFromSession() {
$facebook = new PersistentFBPublic(array(
'appId' => self::APP_ID,
'secret' => self::SECRET
));
$facebook->publicSetPersistentData('access_token',
self::$kExpiredAccessToken);
$facebook->publicSetPersistentData('user_id', 12345);
$this->assertEquals(self::$kExpiredAccessToken,
$facebook->getAccessToken(),
'Get access token from persistent store.');
$this->assertEquals('12345',
$facebook->getUser(),
'Get user id from persistent store.');
}
public function testGetUserAndAccessTokenFromSignedRequestNotSession() {
$facebook = new PersistentFBPublic(array(
'appId' => self::APP_ID,
'secret' => self::SECRET
));
$_REQUEST['signed_request'] = self::$kValidSignedRequest;
$facebook->publicSetPersistentData('user_id', 41572);
$facebook->publicSetPersistentData('access_token',
self::$kExpiredAccessToken);
$this->assertNotEquals('41572', $facebook->getUser(),
'Got user from session instead of signed request.');
$this->assertEquals('1677846385', $facebook->getUser(),
'Failed to get correct user ID from signed request.');
$this->assertNotEquals(
self::$kExpiredAccessToken,
$facebook->getAccessToken(),
'Got access token from session instead of signed request.');
$this->assertNotEmpty(
$facebook->getAccessToken(),
'Failed to extract an access token from the signed request.');
}
public function testGetUserWithoutCodeOrSignedRequestOrSession() {
$facebook = new PersistentFBPublic(array(
'appId' => self::APP_ID,
'secret' => self::SECRET
));
// deliberately leave $_REQUEST and _$SESSION empty
$this->assertEmpty($_REQUEST,
'GET, POST, and COOKIE params exist even though '.
'they should. Test cannot succeed unless all of '.
'$_REQUEST is empty.');
$this->assertEmpty($_SESSION,
'Session is carrying state and should not be.');
$this->assertEmpty($facebook->getUser(),
'Got a user id, even without a signed request, '.
'access token, or session variable.');
$this->assertEmpty($_SESSION,
'Session superglobal incorrectly populated by getUser.');
}
protected function generateMD5HashOfRandomValue() {
return md5(uniqid(mt_rand(), true));
}
protected function setUp() {
parent::setUp();
}
protected function tearDown() {
$this->clearSuperGlobals();
parent::tearDown();
}
protected function clearSuperGlobals() {
unset($_SERVER['HTTPS']);
unset($_SERVER['HTTP_HOST']);
unset($_SERVER['REQUEST_URI']);
$_SESSION = array();
$_COOKIE = array();
$_REQUEST = array();
$_POST = array();
$_GET = array();
if (session_id()) {
session_destroy();
}
}
/**
* Checks that the correct args are a subset of the returned obj
* @param array $correct The correct array values
* @param array $actual The values in practice
* @param string $message to be shown on failure
*/
protected function assertIsSubset($correct, $actual, $msg='') {
foreach ($correct as $key => $value) {
$actual_value = $actual[$key];
$newMsg = (strlen($msg) ? ($msg.' ') : '').'Key: '.$key;
$this->assertEquals($value, $actual_value, $newMsg);
}
}
}
class TransientFacebook extends BaseFacebook {
protected function setPersistentData($key, $value) {}
protected function getPersistentData($key, $default = false) {
return $default;
}
protected function clearPersistentData($key) {}
protected function clearAllPersistentData() {}
}
class FBRecordURL extends TransientFacebook {
private $url;
protected function _oauthRequest($url, $params) {
$this->url = $url;
}
public function getRequestedURL() {
return $this->url;
}
}
class FBPublic extends TransientFacebook {
public static function publicBase64UrlDecode($input) {
return self::base64UrlDecode($input);
}
public function publicParseSignedRequest($input) {
return $this->parseSignedRequest($input);
}
}
class PersistentFBPublic extends Facebook {
public function publicParseSignedRequest($input) {
return $this->parseSignedRequest($input);
}
public function publicSetPersistentData($key, $value) {
$this->setPersistentData($key, $value);
}
}
class FBCode extends Facebook {
public function publicGetCode() {
return $this->getCode();
}
public function setCSRFStateToken() {
$this->establishCSRFTokenState();
}
public function getCSRFStateToken() {
return $this->getPersistentData('state');
}
}
class FBAccessToken extends TransientFacebook {
public function publicGetApplicationAccessToken() {
return $this->getApplicationAccessToken();
}
}
class FBGetCurrentURLFacebook extends TransientFacebook {
public function publicGetCurrentUrl() {
return $this->getCurrentUrl();
}
}
class FBGetSignedRequestCookieFacebook extends TransientFacebook {
public function publicGetSignedRequest() {
return $this->getSignedRequest();
}
public function publicGetSignedRequestCookieName() {
return $this->getSignedRequestCookieName();
}
}
demo/protected/extensions/seo/LICENSE.txt 0 → 100644
Copyright (c) 2010, Christoffer Niska
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
* Neither the name of the Christoffer Niska nor the
names of its contributors may be used to endorse or promote products
derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY
DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
\ No newline at end of file
demo/protected/extensions/seo/components/SeoControllerBehavior.php 0 → 100644
<?php
/**
* SeoControllerBehavior class file.
* @author Christoffer Niska <ChristofferNiska@gmail.com>
* @copyright Copyright &copy; Christoffer Niska 2011-
* @license http://www.opensource.org/licenses/bsd-license.php New BSD License
* @package seo.components
*/
class SeoControllerBehavior extends CBehavior
{
/**
* @property string the page meta title.
*/
public $metaTitle;
/**
* @property string the page meta description.
*/
public $metaDescription;
/**
* @property string the page meta keywords.
*/
public $metaKeywords;
/**
* @property array the page meta properties.
*/
public $metaProperties = array();
/**
* @property string the canonical URL.
*/
public $canonical;
/**
* Adds a meta property to the current page.
* @param string $name the property name
* @param string $content the property content
*/
public function addMetaProperty($name, $content)
{
$this->metaProperties[$name] = $content;
}
}
demo/protected/extensions/seo/components/SeoFilter.php 0 → 100644
<?php
/**
* SeoFilter class file.
* @author Christoffer Niska <ChristofferNiska@gmail.com>
* @copyright Copyright &copy; Christoffer Niska 2011-
* @license http://www.opensource.org/licenses/bsd-license.php New BSD License
* @package seo.components
*/
class SeoFilter extends CFilter
{
/**
* Performs the pre-action filtering.
* @param CFilterChain $filterChain the filter chain that the filter is on.
* @return boolean whether the filtering process should continue and the action
* should be executed.
*/
protected function preFilter($filterChain)
{
$controller = $filterChain->controller;
if (isset($_GET['id']) && method_exists($controller, 'loadModel'))
{
$model = $controller->loadModel($_GET['id']);
$url = $model->getUrl();
if (strpos(Yii::app()->request->getRequestUri(), $url) === false)
$controller->redirect($url, true, 301);
}
return parent::preFilter($filterChain);
}
}
demo/protected/extensions/seo/components/SeoRecordBehavior.php 0 → 100644
<?php
/**
* SeoRecordBehavior class file.
* @author Christoffer Niska <ChristofferNiska@gmail.com>
* @copyright Copyright &copy; Christoffer Niska 2011-
* @license http://www.opensource.org/licenses/bsd-license.php New BSD License
* @package seo.components
*/
class SeoRecordBehavior extends CActiveRecordBehavior
{
/**
* @property string the route used for SEO.
*/
public $route;
/**
* @property array GET parameters used for SEO.
*/
public $params = array();
/**
* Returns the URL for this model.
* @param array $params additional GET parameters (name=>value)
* @return string the URL
*/
public function getUrl($params=array())
{
return Yii::app()->createUrl($this->route, CMap::mergeArray($params, $this->params));
}
/**
* Returns the absolute URL for this model.
* @param array $params additional GET parameters (name=>value)
* @return string the URL
*/
public function getAbsoluteUrl($params=array())
{
return Yii::app()->createAbsoluteUrl($this->route, CMap::mergeArray($params, $this->params));
}
}
demo/protected/extensions/seo/widgets/SeoHead.php 0 → 100644
<?php
/**
* SeoHead class file.
* @author Christoffer Niska <ChristofferNiska@gmail.com>
* @copyright Copyright &copy; Christoffer Niska 2011-
* @license http://www.opensource.org/licenses/bsd-license.php New BSD License
* @package seo.widgets
*/
class SeoHead extends CWidget
{
/**
* @property array the configuration for the title.
* Defaults to <code>array('class'=>'ext.seo.widgets.SeoTitle')</code>.
* @see enableTitle
*/
public $title = array('class'=>'ext.seo.widgets.SeoTitle');
/**
* @property boolean whether to enable the title.
*/
public $enableTitle = true;
/**
* @property array the page http-equivs.
*/
public $httpEquivs = array();
/**
* @property string the page meta title.
*/
public $defaultTitle;
/**
* @property string the page meta description.
*/
public $defaultDescription;
/**
* @property string the page meta keywords.
*/
public $defaultKeywords;
/**
* @property array the page meta properties.
*/
public $defaultProperties = array();
protected $_title;
protected $_description;
protected $_keywords;
protected $_properties = array();
protected $_canonical;
/**
* Initializes the widget.
*/
public function init()
{
$behavior = $this->controller->asa('seo');
if ($behavior !== null && $behavior->metaTitle !== null)
$this->_title = $behavior->metaTitle;
else if ($this->defaultDescription !== null)
$this->_title = $this->defaultTitle;
if ($behavior !== null && $behavior->metaDescription !== null)
$this->_description = $behavior->metaDescription;
else if ($this->defaultDescription !== null)
$this->_description = $this->defaultDescription;
if ($behavior !== null && $behavior->metaKeywords !== null)
$this->_keywords = $behavior->metaKeywords;
else if ($this->defaultKeywords !== null)
$this->_keywords = $this->defaultKeywords;
if ($behavior !== null)
$this->_properties = CMap::mergeArray($behavior->metaProperties, $this->defaultProperties);
else
$this->_properties = $this->defaultProperties;
if ($behavior !== null && $behavior->canonical !== null)
$this->_canonical = $behavior->canonical;
}
/**
* Runs the widget.
*/
public function run()
{
$this->renderContent();
}
/**
* Renders the widget content.
*/
protected function renderContent()
{
$this->renderTitle().PHP_EOL;
foreach ($this->httpEquivs as $name => $content)
echo '<meta http-equiv="'.$name.'" content="'.$content.'" />'.PHP_EOL;
if ($this->_description !== null)
echo CHtml::metaTag($this->_title, 'title').PHP_EOL;
if ($this->_description !== null)
echo CHtml::metaTag($this->_description, 'description').PHP_EOL;
if ($this->_keywords !== null)
echo CHtml::metaTag($this->_keywords, 'keywords').PHP_EOL;
foreach ($this->_properties as $name => $content)
echo '<meta property="'.$name.'" content="'.$content.'" />'.PHP_EOL; // we can't use Yii's method for this.
if ($this->_canonical !== null)
$this->renderCanonical();
}
/**
* Renders the page title.
*/
protected function renderTitle()
{
if (!$this->enableTitle)
return;
$title = array();
$class = 'ext.seo.widgets.SeoTitle';
if (is_string($this->title))
$class = $this->title;
else if (is_array($this->title))
{
$title = $this->title;
if (isset($title['class']))
{
$class = $title['class'];
unset($title['class']);
}
}
$this->widget($class, $title);
}
/**
* Renders the canonical link tag.
*/
protected function renderCanonical()
{
$request = Yii::app()->getRequest();
$url = $request->getUrl();
// Make sure that we do not create a recursive canonical redirect.
if ($this->_canonical !== $url && $this->_canonical !== $request->getHostInfo().$url)
echo '<link rel="canonical" href="'.$this->_canonical.'" />'.PHP_EOL;
}
}
demo/protected/extensions/seo/widgets/SeoTitle.php 0 → 100644
<?php
/**
* SeoTitle class file.
* @author Christoffer Niska <ChristofferNiska@gmail.com>
* @copyright Copyright &copy; Christoffer Niska 2011-
* @license http://www.opensource.org/licenses/bsd-license.php New BSD License
* @package seo.widgets
* @since 0.9.1
*/
class SeoTitle extends CWidget
{
/**
* @property string the page title separator.
*/
public $separator = ' - ';
/**
* Runs the widget.
*/
public function run()
{
$parts = array();
$controller = $this->getController();
$pageTitle = $controller->pageTitle;
// We do not want to use the default page title generated by Yii
// because it is not very SEO friendly.
if ($this->isDefaultPageTitle($pageTitle, $controller))
$pageTitle = null;
if ($pageTitle !== null)
{
if (!is_array($pageTitle))
$pageTitle = array($pageTitle);
$parts = $pageTitle;
}
else
{
if (($breadcrumbs = $controller->breadcrumbs) !== array())
{
foreach ($breadcrumbs as $key => $value)
$parts[] = is_string($key) || is_array($value) ? $key : $value;
$parts = array_reverse($parts);
}
else
{
$name = ucfirst($controller->getId());
$action = $controller->getAction();
$module = $controller->getModule();
if ($action !== null && strcasecmp($action->getId(), $controller->defaultAction))
$parts[] = ucfirst($action->getId()).' '.$name;
else if ($module !== null && strcasecmp($name, $module->defaultController))
$parts[] = $name;
if ($module !== null)
{
$pieces = explode('/', $module->getId());
foreach (array_reverse($pieces) as $piece)
$parts[] = ucfirst($piece);
}
}
$parts[] = Yii::app()->name;
}
echo '<title>'.implode($parts, $this->separator).'</title>';
}
/**
* Returns whether or not the given title is the default page title.
* @param mixed $pageTitle the page title
* @param CController $controller the controller
* @return bool
*/
protected function isDefaultPageTitle($pageTitle, $controller)
{
$name = ucfirst(basename($controller->getId()));
return is_string($pageTitle)
&& ($pageTitle === Yii::app()->name.' - '.ucfirst($controller->getAction()->getId()).' '.$name
|| $pageTitle === Yii::app()->name.' - '.$name);
}
}
demo/protected/views/layouts/main.php
<!doctype html>
<html>
<head>
<title><?php echo CHtml::encode($this->pageTitle); ?></title>
<?php Yii::app()->controller->widget('ext.seo.widgets.SeoHead', array(
'defaultDescription'=>'Yii-Bootstrap is an extension for Yii that focuses on server-side that allows you to easily use Bootstrap in your Yii applications.',
'httpEquivs'=>array('Content-Type'=>'text/html; charset=utf-8', 'Content-Language'=>'en-US'),
)); ?>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="language" content="en" />
<!--[if lt IE 9]>
<script type="text/javascript" src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<?php Yii::app()->bootstrap->registerCss(); ?>
<?php Yii::app()->bootstrap->registerResponsiveCss(); ?>
<link rel="stylesheet/less" type="text/css" href="<?php echo Yii::app()->request->baseUrl; ?>/less/styles.less" />
<script type="text/javascript" src="<?php echo Yii::app()->request->baseUrl; ?>/js/less-1.2.1.min.js"></script>
<script type="text/javascript">
......@@ -104,9 +105,11 @@
<footer>
<p class="powered">
Powered by <?php echo CHtml::link('Yii 1.1.9', 'http://www.yiiframework.com', array('target'=>'_blank')); ?> //
Powered by <?php echo CHtml::link('Yii PHP framework 1.1.9', 'http://www.yiiframework.com', array('target'=>'_blank')); ?> //
<?php echo CHtml::link('jQuery 1.7.1', 'http://www.jquery.com', array('target'=>'_blank')); ?> //
<?php echo CHtml::link('Yii-Bootstrap 0.9.8', 'http://www.yiiframework.com/extension/bootstrap', array('target'=>'_blank')); ?> //
<?php echo CHtml::link('Yii-SEO 0.9.3', 'http://www.yiiframework.com/extension/seo', array('target'=>'_blank')); ?> //
<?php echo CHtml::link('Yii-Facebook 0.9.1', '#', array('rel'=>'tooltip', 'title'=>'Link available soon')); ?> //
<?php echo CHtml::link('Bootstrap 2', 'http://twitter.github.com/bootstrap', array('target'=>'_blank')); ?> //
<?php echo CHtml::link('LESS 1.2.1', 'http://www.lesscss.org', array('target'=>'_blank')); ?>
</p>
......
demo/protected/views/site/index.php
<?php $this->pageTitle=Yii::app()->name; ?>
<?php
$this->pageTitle = array('Demo', Yii::app()->name);
$this->addMetaProperty('og:title', Yii::app()->name);
$this->addMetaProperty('og:type', 'website');
$this->addMetaProperty('og:url', Yii::app()->request->requestUri);
$this->addMetaProperty('og:site_name', Yii::app()->name);
$this->addMetaProperty('og:locale',Yii::app()->fb->locale);
$this->addMetaProperty('fb:app_id', Yii::app()->fb->appID);
?>
<section id="bootAlert">
......
demo/protected/views/site/setup.php
<?php $this->pageTitle = Yii::app()->name.' - Setup'; ?>
<?php
$this->pageTitle = array('Setup', Yii::app()->name);
$this->addMetaProperty('og:title', 'Setup - '.Yii::app()->name);
$this->addMetaProperty('og:type', 'website');
$this->addMetaProperty('og:url', Yii::app()->request->requestUri);
$this->addMetaProperty('og:site_name', Yii::app()->name);
$this->addMetaProperty('og:locale',Yii::app()->fb->locale);
$this->addMetaProperty('fb:app_id', Yii::app()->fb->appID);
?>
<section id="setup">
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment