Facebook ACTUALLY working, gogo 2 cookie hack

Chris Boden
Showing 3 changed files with 91 additions and 27 deletions
com/Auth/Facebook/Facebook.php
com/Auth/Facebook/tz-facebook.js
tz-tools.php
--- a/com/Auth/Facebook/Facebook.php
View file @e90c5db
+++ b/com/Auth/Facebook/Facebook.php
View file @e90c5db
@@ -16,12 +16,14 @@ use Tz\WordPress\Tools;
 use Tz\WordPress\Tools\Auth;

 use FB;
+use WP_User;

 use Exception, InvalidArgumentException;

 const VERSION = 0.2;
-
-const OPTION_NAME = 'tz_auth_fb';
+const COOKIE_LOGOUT = 'wpfb_logout';
+const COOKIE_DENY   = 'wpfb_stay_logged_out';
+const OPTION_NAME   = 'tz_auth_fb';

    call_user_func(function() {
        Vars::$options = new Tools\WP_Option(OPTION_NAME, Array('button_title' => 'Login', 'ext_perms' => Array('email' => 1)));
@@ -67,6 +69,21 @@ function getSDK() {
    return $instance;
 }

+/**
+ * Like WordPress' get_user_by() function but for FB
+ * @global $wpdb
+ */
+function get_user_by_fbuid($fbuid) {
+    global $wpdb;
+
+    $fbuid = mysql_real_escape_string($fbuid);
+    if (null === ($user  = $wpdb->get_row("SELECT user_id FROM {$wpdb->usermeta} WHERE meta_key = 'fbuid' AND meta_value = '{$fbuid}'"))) {
+        return false;
+    }
+
+    return new WP_User($user->user_id);
+}
+
 function load() {
 ?>
 <div id="fb-root"></div>
@@ -87,45 +104,77 @@ function load() {
 }

 class Actions {
-    public static function set_current_user() {
+    public static function send_headers() {
+        // This SHOULD work, but FB is being stupid and not passing back, so I have to use 2 cookies instead
+        if (isset($_GET['nofb'])) {
+            return;
+        }
+
        $sdk = getSDK();

        // User is not logged in to Facebook
        if (null === ($sess = $sdk->getSession())) {
+            setcookie(COOKIE_LOGOUT, '', time() - 3600, '/');
+            setcookie(COOKIE_DENY, '', time() - 3600, '/');
+
+            return;
+        }
+
+        // Becaues FB redirect is dumb
+        if (!isset($_COOKIE[COOKIE_LOGOUT]) && isset($_COOKIE[COOKIE_DENY])) {
+            setcookie(COOKIE_DENY, '', time() - 3600, '/');
            return;
        }

        // User logged out of WordPress, log them out of Facebook
-        if (isset($_COOKIE['wpfb_logout'])) {
-            setcookie('wpfb_logout', '', time() - 3600, '/', Vars::$options['domain_name']);
-            $url = $sdk->getLogoutUrl();
+        if (isset($_COOKIE[COOKIE_LOGOUT])) {
+            $url = $sdk->getLogoutUrl(Array('nofb' => 1));
+
+            setcookie(COOKIE_LOGOUT, '', time() - 3600, '/');
            $sdk->setSession();

            header('Location: ' . $url);
+
+            die;
        }

-        // if user is not logged in do the following
-        // if user is logged in merge account? do checks?

-        try {
-            $info = $sdk->api('/me');
-            $username = 'fbc' . $sess['uid'];
-        } catch (FB\FacebookApiException $e) {
-            // Load up an error thingie
-            return;
-        }
+        $fb_user = get_user_by_fbuid($sess['uid']);

        if (is_user_logged_in()) {
-            // was user already logged in from Facebook/other or were they logged in and then linked with facebook
-            // merge account
-            // return
+            global $current_user;
+            get_currentuserinfo();
+
+            // User has already logged into WP with his FB acct
+            if ($fb_user->ID == $current_user->ID) {
+                return;
+            }
+
+            // User logged in with a native WP account then logged in with FB, merge
+            if (false === $fb_user) {
+                update_user_meta($current_user->ID, 'fbuid', $sess['uid']);
+                return;
+            }
+
+            // FB user exists, but the logged in user has different fbuid?
+            // user created 2 accounts?
        }

-        require_once(ABSPATH . WPINC . DIRECTORY_SEPARATOR . 'registration.php');
-        if (username_exists($username)) {
-            $user = Auth\signin($username);
+
+//        if (username_exists($username)) {
+        if (false !== $fb_user) {
+            $user = Auth\signin($fb_user->user_login);
        } else {
-        // User logged in via Facebook for the first time, register/activate a linked WordPress account
+            try {
+                $info = $sdk->api('/me');
+            } catch (FB\FacebookApiException $e) {
+                // Load up an error thingie
+                return;
+            }
+
+            require_once(ABSPATH . WPINC . DIRECTORY_SEPARATOR . 'registration.php');
+            $username = 'fbc' . $sess['uid'];
+            // User logged in via Facebook for the first time, register/activate a linked WordPress account

            // Email address is already registered...
            if (false !== get_user_by('email', $info['email'])) {
@@ -156,8 +205,7 @@ class Actions {
    }

    public static function wp_enqueue_scripts() {
-        _enqueue_script('tz-facebook', Tools\url('tz-facebook.js', __FILE__), Array('addEvent'));
-
+        _enqueue_script('tz-facebook', Tools\url('tz-facebook.js', __FILE__), Array('addEvent','Cookie'));
        _localize_script('tz-facebook', 'TzFBData', Array('ext_perms' => implode(',', array_keys(Vars::$options['ext_perms']))));
    }

@@ -165,7 +213,9 @@ class Actions {
     * Set a cookie to tell this to logout of Facebook on next pass
     */
    public static function wp_logout() {
-        setcookie('wpfb_logout', 1, 0, '/', Vars::$options['domain_name']);
+        remove_action('send_headers', Array(__CLASS__, 'send_headers'));
+        setcookie(COOKIE_LOGOUT, 1, time() + 3600, '/');
+        setcookie(COOKIE_DENY, 1, time() + 3600, '/');
    }
 }

@@ -175,8 +225,11 @@ class ShortCodes {
        if ($sdk->getSession()) {
            ob_start();
            print_r($sdk->getSession());
-            print_r($_COOKIE);
-            print_r($sdk->api('/me'));
+            try {
+                print_r($sdk->api('/me'));
+            } catch (Exception $e) {
+                print_r($e);
+            }
            $data = '<pre>' . ob_get_contents() . '</pre>';
            ob_end_clean();

--- a/com/Auth/Facebook/tz-facebook.js
View file @e90c5db
+++ b/com/Auth/Facebook/tz-facebook.js
View file @e90c5db
@@ -2,6 +2,8 @@ addEvent(window, 'load', function() {
        var oBtn = document.getElementById('TzFB');
        if (oBtn) {
            addEvent(oBtn, 'click', function() {
+//                Cookie.create('wpfb_login', 1, 1);
+
                FB.login(function() {}, {perms: TzFBData.ext_perms});
            });
        }
--- a/tz-tools.php
View file @e90c5db
+++ b/tz-tools.php
View file @e90c5db
@@ -59,6 +59,15 @@ function tools_url() {
    call_user_func_array(__NAMESPACE__ . '\url', $args);
 }

+function buffer($callback) {
+    ob_start();
+    call_user_func($callback);
+    $b = ob_get_contents();
+    ob_end_clean();
+
+    return $b;
+}
+
 function add_actions($class) {
    if (!class_exists($class)) {
        throw new Exception("{$class} does not exist");