Facebook ACTUALLY working, gogo 2 cookie hack
Showing
3 changed files
with
91 additions
and
27 deletions
| ... | @@ -16,12 +16,14 @@ use Tz\WordPress\Tools; | ... | @@ -16,12 +16,14 @@ use Tz\WordPress\Tools; |
| 16 | use Tz\WordPress\Tools\Auth; | 16 | use Tz\WordPress\Tools\Auth; |
| 17 | 17 | ||
| 18 | use FB; | 18 | use FB; |
| 19 | use WP_User; | ||
| 19 | 20 | ||
| 20 | use Exception, InvalidArgumentException; | 21 | use Exception, InvalidArgumentException; |
| 21 | 22 | ||
| 22 | const VERSION = 0.2; | 23 | const VERSION = 0.2; |
| 23 | 24 | const COOKIE_LOGOUT = 'wpfb_logout'; | |
| 24 | const OPTION_NAME = 'tz_auth_fb'; | 25 | const COOKIE_DENY = 'wpfb_stay_logged_out'; |
| 26 | const OPTION_NAME = 'tz_auth_fb'; | ||
| 25 | 27 | ||
| 26 | call_user_func(function() { | 28 | call_user_func(function() { |
| 27 | Vars::$options = new Tools\WP_Option(OPTION_NAME, Array('button_title' => 'Login', 'ext_perms' => Array('email' => 1))); | 29 | Vars::$options = new Tools\WP_Option(OPTION_NAME, Array('button_title' => 'Login', 'ext_perms' => Array('email' => 1))); |
| ... | @@ -67,6 +69,21 @@ function getSDK() { | ... | @@ -67,6 +69,21 @@ function getSDK() { |
| 67 | return $instance; | 69 | return $instance; |
| 68 | } | 70 | } |
| 69 | 71 | ||
| 72 | /** | ||
| 73 | * Like WordPress' get_user_by() function but for FB | ||
| 74 | * @global $wpdb | ||
| 75 | */ | ||
| 76 | function get_user_by_fbuid($fbuid) { | ||
| 77 | global $wpdb; | ||
| 78 | |||
| 79 | $fbuid = mysql_real_escape_string($fbuid); | ||
| 80 | if (null === ($user = $wpdb->get_row("SELECT user_id FROM {$wpdb->usermeta} WHERE meta_key = 'fbuid' AND meta_value = '{$fbuid}'"))) { | ||
| 81 | return false; | ||
| 82 | } | ||
| 83 | |||
| 84 | return new WP_User($user->user_id); | ||
| 85 | } | ||
| 86 | |||
| 70 | function load() { | 87 | function load() { |
| 71 | ?> | 88 | ?> |
| 72 | <div id="fb-root"></div> | 89 | <div id="fb-root"></div> |
| ... | @@ -87,45 +104,77 @@ function load() { | ... | @@ -87,45 +104,77 @@ function load() { |
| 87 | } | 104 | } |
| 88 | 105 | ||
| 89 | class Actions { | 106 | class Actions { |
| 90 | public static function set_current_user() { | 107 | public static function send_headers() { |
| 108 | // This SHOULD work, but FB is being stupid and not passing back, so I have to use 2 cookies instead | ||
| 109 | if (isset($_GET['nofb'])) { | ||
| 110 | return; | ||
| 111 | } | ||
| 112 | |||
| 91 | $sdk = getSDK(); | 113 | $sdk = getSDK(); |
| 92 | 114 | ||
| 93 | // User is not logged in to Facebook | 115 | // User is not logged in to Facebook |
| 94 | if (null === ($sess = $sdk->getSession())) { | 116 | if (null === ($sess = $sdk->getSession())) { |
| 117 | setcookie(COOKIE_LOGOUT, '', time() - 3600, '/'); | ||
| 118 | setcookie(COOKIE_DENY, '', time() - 3600, '/'); | ||
| 119 | |||
| 120 | return; | ||
| 121 | } | ||
| 122 | |||
| 123 | // Becaues FB redirect is dumb | ||
| 124 | if (!isset($_COOKIE[COOKIE_LOGOUT]) && isset($_COOKIE[COOKIE_DENY])) { | ||
| 125 | setcookie(COOKIE_DENY, '', time() - 3600, '/'); | ||
| 95 | return; | 126 | return; |
| 96 | } | 127 | } |
| 97 | 128 | ||
| 98 | // User logged out of WordPress, log them out of Facebook | 129 | // User logged out of WordPress, log them out of Facebook |
| 99 | if (isset($_COOKIE['wpfb_logout'])) { | 130 | if (isset($_COOKIE[COOKIE_LOGOUT])) { |
| 100 | setcookie('wpfb_logout', '', time() - 3600, '/', Vars::$options['domain_name']); | 131 | $url = $sdk->getLogoutUrl(Array('nofb' => 1)); |
| 101 | $url = $sdk->getLogoutUrl(); | 132 | |
| 133 | setcookie(COOKIE_LOGOUT, '', time() - 3600, '/'); | ||
| 102 | $sdk->setSession(); | 134 | $sdk->setSession(); |
| 103 | 135 | ||
| 104 | header('Location: ' . $url); | 136 | header('Location: ' . $url); |
| 137 | |||
| 138 | die; | ||
| 105 | } | 139 | } |
| 106 | 140 | ||
| 107 | // if user is not logged in do the following | ||
| 108 | // if user is logged in merge account? do checks? | ||
| 109 | 141 | ||
| 110 | try { | 142 | $fb_user = get_user_by_fbuid($sess['uid']); |
| 111 | $info = $sdk->api('/me'); | ||
| 112 | $username = 'fbc' . $sess['uid']; | ||
| 113 | } catch (FB\FacebookApiException $e) { | ||
| 114 | // Load up an error thingie | ||
| 115 | return; | ||
| 116 | } | ||
| 117 | 143 | ||
| 118 | if (is_user_logged_in()) { | 144 | if (is_user_logged_in()) { |
| 119 | // was user already logged in from Facebook/other or were they logged in and then linked with facebook | 145 | global $current_user; |
| 120 | // merge account | 146 | get_currentuserinfo(); |
| 121 | // return | 147 | |
| 148 | // User has already logged into WP with his FB acct | ||
| 149 | if ($fb_user->ID == $current_user->ID) { | ||
| 150 | return; | ||
| 151 | } | ||
| 152 | |||
| 153 | // User logged in with a native WP account then logged in with FB, merge | ||
| 154 | if (false === $fb_user) { | ||
| 155 | update_user_meta($current_user->ID, 'fbuid', $sess['uid']); | ||
| 156 | return; | ||
| 157 | } | ||
| 158 | |||
| 159 | // FB user exists, but the logged in user has different fbuid? | ||
| 160 | // user created 2 accounts? | ||
| 122 | } | 161 | } |
| 123 | 162 | ||
| 124 | require_once(ABSPATH . WPINC . DIRECTORY_SEPARATOR . 'registration.php'); | 163 | |
| 125 | if (username_exists($username)) { | 164 | // if (username_exists($username)) { |
| 126 | $user = Auth\signin($username); | 165 | if (false !== $fb_user) { |
| 166 | $user = Auth\signin($fb_user->user_login); | ||
| 127 | } else { | 167 | } else { |
| 128 | // User logged in via Facebook for the first time, register/activate a linked WordPress account | 168 | try { |
| 169 | $info = $sdk->api('/me'); | ||
| 170 | } catch (FB\FacebookApiException $e) { | ||
| 171 | // Load up an error thingie | ||
| 172 | return; | ||
| 173 | } | ||
| 174 | |||
| 175 | require_once(ABSPATH . WPINC . DIRECTORY_SEPARATOR . 'registration.php'); | ||
| 176 | $username = 'fbc' . $sess['uid']; | ||
| 177 | // User logged in via Facebook for the first time, register/activate a linked WordPress account | ||
| 129 | 178 | ||
| 130 | // Email address is already registered... | 179 | // Email address is already registered... |
| 131 | if (false !== get_user_by('email', $info['email'])) { | 180 | if (false !== get_user_by('email', $info['email'])) { |
| ... | @@ -156,8 +205,7 @@ class Actions { | ... | @@ -156,8 +205,7 @@ class Actions { |
| 156 | } | 205 | } |
| 157 | 206 | ||
| 158 | public static function wp_enqueue_scripts() { | 207 | public static function wp_enqueue_scripts() { |
| 159 | _enqueue_script('tz-facebook', Tools\url('tz-facebook.js', __FILE__), Array('addEvent')); | 208 | _enqueue_script('tz-facebook', Tools\url('tz-facebook.js', __FILE__), Array('addEvent','Cookie')); |
| 160 | |||
| 161 | _localize_script('tz-facebook', 'TzFBData', Array('ext_perms' => implode(',', array_keys(Vars::$options['ext_perms'])))); | 209 | _localize_script('tz-facebook', 'TzFBData', Array('ext_perms' => implode(',', array_keys(Vars::$options['ext_perms'])))); |
| 162 | } | 210 | } |
| 163 | 211 | ||
| ... | @@ -165,7 +213,9 @@ class Actions { | ... | @@ -165,7 +213,9 @@ class Actions { |
| 165 | * Set a cookie to tell this to logout of Facebook on next pass | 213 | * Set a cookie to tell this to logout of Facebook on next pass |
| 166 | */ | 214 | */ |
| 167 | public static function wp_logout() { | 215 | public static function wp_logout() { |
| 168 | setcookie('wpfb_logout', 1, 0, '/', Vars::$options['domain_name']); | 216 | remove_action('send_headers', Array(__CLASS__, 'send_headers')); |
| 217 | setcookie(COOKIE_LOGOUT, 1, time() + 3600, '/'); | ||
| 218 | setcookie(COOKIE_DENY, 1, time() + 3600, '/'); | ||
| 169 | } | 219 | } |
| 170 | } | 220 | } |
| 171 | 221 | ||
| ... | @@ -175,8 +225,11 @@ class ShortCodes { | ... | @@ -175,8 +225,11 @@ class ShortCodes { |
| 175 | if ($sdk->getSession()) { | 225 | if ($sdk->getSession()) { |
| 176 | ob_start(); | 226 | ob_start(); |
| 177 | print_r($sdk->getSession()); | 227 | print_r($sdk->getSession()); |
| 178 | print_r($_COOKIE); | 228 | try { |
| 179 | print_r($sdk->api('/me')); | 229 | print_r($sdk->api('/me')); |
| 230 | } catch (Exception $e) { | ||
| 231 | print_r($e); | ||
| 232 | } | ||
| 180 | $data = '<pre>' . ob_get_contents() . '</pre>'; | 233 | $data = '<pre>' . ob_get_contents() . '</pre>'; |
| 181 | ob_end_clean(); | 234 | ob_end_clean(); |
| 182 | 235 | ... | ... |
| ... | @@ -2,6 +2,8 @@ addEvent(window, 'load', function() { | ... | @@ -2,6 +2,8 @@ addEvent(window, 'load', function() { |
| 2 | var oBtn = document.getElementById('TzFB'); | 2 | var oBtn = document.getElementById('TzFB'); |
| 3 | if (oBtn) { | 3 | if (oBtn) { |
| 4 | addEvent(oBtn, 'click', function() { | 4 | addEvent(oBtn, 'click', function() { |
| 5 | // Cookie.create('wpfb_login', 1, 1); | ||
| 6 | |||
| 5 | FB.login(function() {}, {perms: TzFBData.ext_perms}); | 7 | FB.login(function() {}, {perms: TzFBData.ext_perms}); |
| 6 | }); | 8 | }); |
| 7 | } | 9 | } | ... | ... |
| ... | @@ -59,6 +59,15 @@ function tools_url() { | ... | @@ -59,6 +59,15 @@ function tools_url() { |
| 59 | call_user_func_array(__NAMESPACE__ . '\url', $args); | 59 | call_user_func_array(__NAMESPACE__ . '\url', $args); |
| 60 | } | 60 | } |
| 61 | 61 | ||
| 62 | function buffer($callback) { | ||
| 63 | ob_start(); | ||
| 64 | call_user_func($callback); | ||
| 65 | $b = ob_get_contents(); | ||
| 66 | ob_end_clean(); | ||
| 67 | |||
| 68 | return $b; | ||
| 69 | } | ||
| 70 | |||
| 62 | function add_actions($class) { | 71 | function add_actions($class) { |
| 63 | if (!class_exists($class)) { | 72 | if (!class_exists($class)) { |
| 64 | throw new Exception("{$class} does not exist"); | 73 | throw new Exception("{$class} does not exist"); | ... | ... |
-
Please register or sign in to post a comment