facebook/trunk/facebook.php

<?php
// Copyright 2004-2008 Facebook. All Rights Reserved.
//
// +---------------------------------------------------------------------------+
// | Facebook Platform PHP5 client                                             |
// +---------------------------------------------------------------------------+
// | Copyright (c) 2007 Facebook, Inc.                                         |
// | All rights reserved.                                                      |
// |                                                                           |
// | Redistribution and use in source and binary forms, with or without        |
// | modification, are permitted provided that the following conditions        |
// | are met:                                                                  |
// |                                                                           |
// | 1. Redistributions of source code must retain the above copyright         |
// |    notice, this list of conditions and the following disclaimer.          |
// | 2. Redistributions in binary form must reproduce the above copyright      |
// |    notice, this list of conditions and the following disclaimer in the    |
// |    documentation and/or other materials provided with the distribution.   |
// |                                                                           |
// | THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR      |
// | IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
// | OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.   |
// | IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,          |
// | INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT  |
// | NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
// | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY     |
// | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT       |
// | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF  |
// | THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.         |
// +---------------------------------------------------------------------------+
// | For help with this library, contact developers-help@facebook.com          |
// +---------------------------------------------------------------------------+
//

include_once 'facebookapi_php5_restlib.php';

define('FACEBOOK_API_VALIDATION_ERROR', 1);
class Facebook {
  public $api_client;

  public $api_key;
  public $secret;
  public $generate_session_secret;
  public $session_expires;

  public $fb_params;
  public $user;

  public function __construct($api_key, $secret, $generate_session_secret=false) {
    $this->api_key                 = $api_key;
    $this->secret                  = $secret;
    $this->generate_session_secret = $generate_session_secret;
    $this->api_client = new FacebookRestClient($api_key, $secret);

    $this->validate_fb_params();
    if (isset($this->fb_params['friends'])) {
      $this->api_client->friends_list = explode(',', $this->fb_params['friends']);
    }
    if (isset($this->fb_params['added'])) {
      $this->api_client->added = $this->fb_params['added'];
    }
  }

  public function validate_fb_params($resolve_auth_token=true) {
    $this->fb_params = $this->get_valid_fb_params($_POST, 48*3600, 'fb_sig');
    if (!$this->fb_params) {
      $this->fb_params = $this->get_valid_fb_params($_GET, 48*3600, 'fb_sig');
    }
    if ($this->fb_params) {
      // If we got any fb_params passed in at all, then either:
      //  - they included an fb_user / fb_session_key, which we should assume to be correct
      //  - they didn't include an fb_user / fb_session_key, which means the user doesn't have a
      //    valid session and if we want to get one we'll need to use require_login().  (Calling
      //    set_user with null values for user/session_key will work properly.)
      // Note that we should *not* use our cookies in this scenario, since they may be referring to
      // the wrong user.
      $user        = isset($this->fb_params['user'])        ? $this->fb_params['user'] : null;
      $session_key = isset($this->fb_params['session_key']) ? $this->fb_params['session_key'] : null;
      $expires     = isset($this->fb_params['expires'])     ? $this->fb_params['expires'] : null;
      $this->set_user($user, $session_key, $expires);
    } else if (!empty($_COOKIE) && $cookies = $this->get_valid_fb_params($_COOKIE, null, $this->api_key)) {
      // use $api_key . '_' as a prefix for the cookies in case there are
      // multiple facebook clients on the same domain.
      $expires = isset($cookies['expires']) ? $cookies['expires'] : null;
      $this->set_user($cookies['user'], $cookies['session_key'], $expires);
    } else if (isset($_GET['auth_token']) && $resolve_auth_token &&
               $session = $this->do_get_session($_GET['auth_token'])) {
      $session_secret = ($this->generate_session_secret && !empty($session['secret'])) ? $session['secret'] : null;
      $this->set_user($session['uid'], $session['session_key'], $session['expires'], $session_secret);
    }

    return !empty($this->fb_params);
  }

  // Store a temporary session secret for the current session
  // for use with the JS client library
  public function promote_session() {
    try {
      $session_secret = $this->api_client->auth_promoteSession();
      if (!$this->in_fb_canvas()) {
        $this->set_cookies($this->user, $this->api_client->session_key, $this->session_expires, $session_secret);
      }
      return $session_secret;
    } catch (FacebookRestClientException $e) {
      // API_EC_PARAM means we don't have a logged in user, otherwise who
      // knows what it means, so just throw it.
      if ($e->getCode() != FacebookAPIErrorCodes::API_EC_PARAM) {
        throw $e;
      }
    }
  }

  public function do_get_session($auth_token) {
    try {
      return $this->api_client->auth_getSession($auth_token, $this->generate_session_secret);
    } catch (FacebookRestClientException $e) {
      // API_EC_PARAM means we don't have a logged in user, otherwise who
      // knows what it means, so just throw it.
      if ($e->getCode() != FacebookAPIErrorCodes::API_EC_PARAM) {
        throw $e;
      }
    }
  }

  // Invalidate the session currently being used, and clear any state associated with it
  public function expire_session() {
    if ($this->api_client->auth_expireSession()) {
      if (!$this->in_fb_canvas() && isset($_COOKIE[$this->api_key . '_user'])) {
        $cookies = array('user', 'session_key', 'expires', 'ss');
        foreach ($cookies as $name) {
          setcookie($this->api_key . '_' . $name, false, time() - 3600);
          unset($_COOKIE[$this->api_key . '_' . $name]);
        }
        setcookie($this->api_key, false, time() - 3600);
        unset($_COOKIE[$this->api_key]);
      }

      // now, clear the rest of the stored state
      $this->user = 0;
      $this->api_client->session_key = 0;
      return true;
    } else {
      return false;
    }
  }

  public function redirect($url) {
    if ($this->in_fb_canvas()) {
      echo '<fb:redirect url="' . $url . '"/>';
    } else if (preg_match('/^https?:\/\/([^\/]*\.)?facebook\.com(:\d+)?/i', $url)) {
      // make sure facebook.com url's load in the full frame so that we don't
      // get a frame within a frame.
      echo "<script type=\"text/javascript\">\ntop.location.href = \"$url\";\n</script>";
    } else {
      header('Location: ' . $url);
    }
    exit;
  }

  public function in_frame() {
    return isset($this->fb_params['in_canvas']) || isset($this->fb_params['in_iframe']);
  }
  public function in_fb_canvas() {
    return isset($this->fb_params['in_canvas']);
  }

  public function get_loggedin_user() {
    return $this->user;
  }

  public static function current_url() {
    return 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
  }

  public function require_login() {
    if ($user = $this->get_loggedin_user()) {
      return $user;
    }
    $this->redirect($this->get_login_url(self::current_url(), $this->in_frame()));
  }

  public function require_install() {
    // this was renamed, keeping for compatibility's sake
    return $this->require_add();
  }

  public function require_add() {
    if ($user = $this->get_loggedin_user()) {
      if ($this->fb_params['added']) {
        return $user;
      }
    }
    $this->redirect($this->get_add_url(self::current_url()));
  }

  public function require_frame() {
    if (!$this->in_frame()) {
      $this->redirect($this->get_login_url(self::current_url(), true));
    }
  }

  public static function get_facebook_url($subdomain='www') {
    return 'http://' . $subdomain . '.facebook.com';
  }

  public function get_install_url($next=null) {
    // this was renamed, keeping for compatibility's sake
    return $this->get_add_url($next);
  }

  public function get_add_url($next=null) {
    return self::get_facebook_url().'/add.php?api_key='.$this->api_key .
      ($next ? '&next=' . urlencode($next) : '');
  }

  public function get_login_url($next, $canvas) {
    return self::get_facebook_url().'/login.php?v=1.0&api_key=' . $this->api_key .
      ($next ? '&next=' . urlencode($next)  : '') .
      ($canvas ? '&canvas' : '');
  }

  public static function generate_sig($params_array, $secret) {
    $str = '';

    ksort($params_array);
    // Note: make sure that the signature parameter is not already included in
    //       $params_array.
    foreach ($params_array as $k=>$v) {
      $str .= "$k=$v";
    }
    $str .= $secret;

    return md5($str);
  }

  public function set_user($user, $session_key, $expires=null, $session_secret=null) {
    if (!$this->in_fb_canvas() && (!isset($_COOKIE[$this->api_key . '_user'])
                                   || $_COOKIE[$this->api_key . '_user'] != $user)) {
      $this->set_cookies($user, $session_key, $expires, $session_secret);
    }
    $this->user = $user;
    $this->api_client->session_key = $session_key;
    $this->session_expires = $expires;
  }

  public function set_cookies($user, $session_key, $expires=null, $session_secret=null) {
    $cookies = array();
    $cookies['user'] = $user;
    $cookies['session_key'] = $session_key;
    if ($expires != null) {
      $cookies['expires'] = $expires;
    }
    if ($session_secret != null) {
      $cookies['ss'] = $session_secret;
    }
    foreach ($cookies as $name => $val) {
      setcookie($this->api_key . '_' . $name, $val, (int)$expires);
      $_COOKIE[$this->api_key . '_' . $name] = $val;
    }
    $sig = self::generate_sig($cookies, $this->secret);
    setcookie($this->api_key, $sig, (int)$expires);
    $_COOKIE[$this->api_key] = $sig;
  }

  /**
   * Tries to undo the badness of magic quotes as best we can
   * @param     string   $val   Should come directly from $_GET, $_POST, etc.
   * @return    string   val without added slashes
   */
  public static function no_magic_quotes($val) {
    if (get_magic_quotes_gpc()) {
      return stripslashes($val);
    } else {
      return $val;
    }
  }

  public function get_valid_fb_params($params, $timeout=null, $namespace='fb_sig') {
    $prefix = $namespace . '_';
    $prefix_len = strlen($prefix);
    $fb_params = array();
    foreach ($params as $name => $val) {
      if (strpos($name, $prefix) === 0) {
        $fb_params[substr($name, $prefix_len)] = self::no_magic_quotes($val);
      }
    }
    if ($timeout && (!isset($fb_params['time']) || time() - $fb_params['time'] > $timeout)) {
      return array();
    }
    if (!isset($params[$namespace]) || (!$this->verify_signature($fb_params, $params[$namespace]))) {
      return array();
    }
    return $fb_params;
  }

  public function verify_signature($fb_params, $expected_sig) {
    return self::generate_sig($fb_params, $this->secret) == $expected_sig;
  }

  public function encode_validationError($summary, $message) {
    return json_encode(
               array('errorCode'    => FACEBOOK_API_VALIDATION_ERROR,
                     'errorTitle'   => $summary,
                     'errorMessage' => $message));
  }

  public function encode_multiFeedStory($feed, $next) {
    return json_encode(
               array('method'   => 'multiFeedStory',
                     'content'  =>
                     array('next' => $next,
                           'feed' => $feed)));
  }

  public function encode_feedStory($feed, $next) {
    return json_encode(
               array('method'   => 'feedStory',
                     'content'  =>
                     array('next' => $next,
                           'feed' => $feed)));
  }

  public function create_templatizedFeedStory($title_template, $title_data=array(),
                                    $body_template='', $body_data = array(), $body_general=null,
                                    $image_1=null, $image_1_link=null,
                                    $image_2=null, $image_2_link=null,
                                    $image_3=null, $image_3_link=null,
                                    $image_4=null, $image_4_link=null) {
    return array('title_template'=> $title_template,
                 'title_data'   => $title_data,
                 'body_template'=> $body_template,
                 'body_data'    => $body_data,
                 'body_general' => $body_general,
                 'image_1'      => $image_1,
                 'image_1_link' => $image_1_link,
                 'image_2'      => $image_2,
                 'image_2_link' => $image_2_link,
                 'image_3'      => $image_3,
                 'image_3_link' => $image_3_link,
                 'image_4'      => $image_4,
                 'image_4_link' => $image_4_link);
  }


}

Revision:	1058
Committed:	2008-06-25T02:40:10-07:00 (16 years, 11 months ago) by douglas
File size:	13852 byte(s)
Log Message:	Merged with 2008-06-24!
#	Content
1	<?php
2	// Copyright 2004-2008 Facebook. All Rights Reserved.
3	//
4	// +---------------------------------------------------------------------------+
5	// \| Facebook Platform PHP5 client \|
6	// +---------------------------------------------------------------------------+
7	// \| Copyright (c) 2007 Facebook, Inc. \|
8	// \| All rights reserved. \|
9	// \| \|
10	// \| Redistribution and use in source and binary forms, with or without \|
11	// \| modification, are permitted provided that the following conditions \|
12	// \| are met: \|
13	// \| \|
14	// \| 1. Redistributions of source code must retain the above copyright \|
15	// \| notice, this list of conditions and the following disclaimer. \|
16	// \| 2. Redistributions in binary form must reproduce the above copyright \|
17	// \| notice, this list of conditions and the following disclaimer in the \|
18	// \| documentation and/or other materials provided with the distribution. \|
19	// \| \|
20	// \| THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR \|
21	// \| IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES \|
22	// \| OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. \|
23	// \| IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, \|
24	// \| INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT \|
25	// \| NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, \|
26	// \| DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY \|
27	// \| THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT \|
28	// \| (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF \|
29	// \| THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. \|
30	// +---------------------------------------------------------------------------+
31	// \| For help with this library, contact developers-help@facebook.com \|
32	// +---------------------------------------------------------------------------+
33	//
34
35	include_once 'facebookapi_php5_restlib.php';
36
37	define('FACEBOOK_API_VALIDATION_ERROR', 1);
38	class Facebook {
39	public $api_client;
40
41	public $api_key;
42	public $secret;
43	public $generate_session_secret;
44	public $session_expires;
45
46	public $fb_params;
47	public $user;
48
49	public function __construct($api_key, $secret, $generate_session_secret=false) {
50	$this->api_key = $api_key;
51	$this->secret = $secret;
52	$this->generate_session_secret = $generate_session_secret;
53	$this->api_client = new FacebookRestClient($api_key, $secret);
54
55	$this->validate_fb_params();
56	if (isset($this->fb_params['friends'])) {
57	$this->api_client->friends_list = explode(',', $this->fb_params['friends']);
58	}
59	if (isset($this->fb_params['added'])) {
60	$this->api_client->added = $this->fb_params['added'];
61	}
62	}
63
64	public function validate_fb_params($resolve_auth_token=true) {
65	$this->fb_params = $this->get_valid_fb_params($_POST, 48*3600, 'fb_sig');
66	if (!$this->fb_params) {
67	$this->fb_params = $this->get_valid_fb_params($_GET, 48*3600, 'fb_sig');
68	}
69	if ($this->fb_params) {
70	// If we got any fb_params passed in at all, then either:
71	// - they included an fb_user / fb_session_key, which we should assume to be correct
72	// - they didn't include an fb_user / fb_session_key, which means the user doesn't have a
73	// valid session and if we want to get one we'll need to use require_login(). (Calling
74	// set_user with null values for user/session_key will work properly.)
75	// Note that we should not use our cookies in this scenario, since they may be referring to
76	// the wrong user.
77	$user = isset($this->fb_params['user']) ? $this->fb_params['user'] : null;
78	$session_key = isset($this->fb_params['session_key']) ? $this->fb_params['session_key'] : null;
79	$expires = isset($this->fb_params['expires']) ? $this->fb_params['expires'] : null;
80	$this->set_user($user, $session_key, $expires);
81	} else if (!empty($_COOKIE) && $cookies = $this->get_valid_fb_params($_COOKIE, null, $this->api_key)) {
82	// use $api_key . '_' as a prefix for the cookies in case there are
83	// multiple facebook clients on the same domain.
84	$expires = isset($cookies['expires']) ? $cookies['expires'] : null;
85	$this->set_user($cookies['user'], $cookies['session_key'], $expires);
86	} else if (isset($_GET['auth_token']) && $resolve_auth_token &&
87	$session = $this->do_get_session($_GET['auth_token'])) {
88	$session_secret = ($this->generate_session_secret && !empty($session['secret'])) ? $session['secret'] : null;
89	$this->set_user($session['uid'], $session['session_key'], $session['expires'], $session_secret);
90	}
91
92	return !empty($this->fb_params);
93	}
94
95	// Store a temporary session secret for the current session
96	// for use with the JS client library
97	public function promote_session() {
98	try {
99	$session_secret = $this->api_client->auth_promoteSession();
100	if (!$this->in_fb_canvas()) {
101	$this->set_cookies($this->user, $this->api_client->session_key, $this->session_expires, $session_secret);
102	}
103	return $session_secret;
104	} catch (FacebookRestClientException $e) {
105	// API_EC_PARAM means we don't have a logged in user, otherwise who
106	// knows what it means, so just throw it.
107	if ($e->getCode() != FacebookAPIErrorCodes::API_EC_PARAM) {
108	throw $e;
109	}
110	}
111	}
112
113	public function do_get_session($auth_token) {
114	try {
115	return $this->api_client->auth_getSession($auth_token, $this->generate_session_secret);
116	} catch (FacebookRestClientException $e) {
117	// API_EC_PARAM means we don't have a logged in user, otherwise who
118	// knows what it means, so just throw it.
119	if ($e->getCode() != FacebookAPIErrorCodes::API_EC_PARAM) {
120	throw $e;
121	}
122	}
123	}
124
125	// Invalidate the session currently being used, and clear any state associated with it
126	public function expire_session() {
127	if ($this->api_client->auth_expireSession()) {
128	if (!$this->in_fb_canvas() && isset($_COOKIE[$this->api_key . '_user'])) {
129	$cookies = array('user', 'session_key', 'expires', 'ss');
130	foreach ($cookies as $name) {
131	setcookie($this->api_key . '_' . $name, false, time() - 3600);
132	unset($_COOKIE[$this->api_key . '_' . $name]);
133	}
134	setcookie($this->api_key, false, time() - 3600);
135	unset($_COOKIE[$this->api_key]);
136	}
137
138	// now, clear the rest of the stored state
139	$this->user = 0;
140	$this->api_client->session_key = 0;
141	return true;
142	} else {
143	return false;
144	}
145	}
146
147	public function redirect($url) {
148	if ($this->in_fb_canvas()) {
149	echo '<fb:redirect url="' . $url . '"/>';
150	} else if (preg_match('/^https?:\/\/([^\/]*\.)?facebook\.com(:\d+)?/i', $url)) {
151	// make sure facebook.com url's load in the full frame so that we don't
152	// get a frame within a frame.
153	echo "<script type=\"text/javascript\">\ntop.location.href = \"$url\";\n</script>";
154	} else {
155	header('Location: ' . $url);
156	}
157	exit;
158	}
159
160	public function in_frame() {
161	return isset($this->fb_params['in_canvas']) \|\| isset($this->fb_params['in_iframe']);
162	}
163	public function in_fb_canvas() {
164	return isset($this->fb_params['in_canvas']);
165	}
166
167	public function get_loggedin_user() {
168	return $this->user;
169	}
170
171	public static function current_url() {
172	return 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
173	}
174
175	public function require_login() {
176	if ($user = $this->get_loggedin_user()) {
177	return $user;
178	}
179	$this->redirect($this->get_login_url(self::current_url(), $this->in_frame()));
180	}
181
182	public function require_install() {
183	// this was renamed, keeping for compatibility's sake
184	return $this->require_add();
185	}
186
187	public function require_add() {
188	if ($user = $this->get_loggedin_user()) {
189	if ($this->fb_params['added']) {
190	return $user;
191	}
192	}
193	$this->redirect($this->get_add_url(self::current_url()));
194	}
195
196	public function require_frame() {
197	if (!$this->in_frame()) {
198	$this->redirect($this->get_login_url(self::current_url(), true));
199	}
200	}
201
202	public static function get_facebook_url($subdomain='www') {
203	return 'http://' . $subdomain . '.facebook.com';
204	}
205
206	public function get_install_url($next=null) {
207	// this was renamed, keeping for compatibility's sake
208	return $this->get_add_url($next);
209	}
210
211	public function get_add_url($next=null) {
212	return self::get_facebook_url().'/add.php?api_key='.$this->api_key .
213	($next ? '&next=' . urlencode($next) : '');
214	}
215
216	public function get_login_url($next, $canvas) {
217	return self::get_facebook_url().'/login.php?v=1.0&api_key=' . $this->api_key .
218	($next ? '&next=' . urlencode($next) : '') .
219	($canvas ? '&canvas' : '');
220	}
221
222	public static function generate_sig($params_array, $secret) {
223	$str = '';
224
225	ksort($params_array);
226	// Note: make sure that the signature parameter is not already included in
227	// $params_array.
228	foreach ($params_array as $k=>$v) {
229	$str .= "$k=$v";
230	}
231	$str .= $secret;
232
233	return md5($str);
234	}
235
236	public function set_user($user, $session_key, $expires=null, $session_secret=null) {
237	if (!$this->in_fb_canvas() && (!isset($_COOKIE[$this->api_key . '_user'])
238	\|\| $_COOKIE[$this->api_key . '_user'] != $user)) {
239	$this->set_cookies($user, $session_key, $expires, $session_secret);
240	}
241	$this->user = $user;
242	$this->api_client->session_key = $session_key;
243	$this->session_expires = $expires;
244	}
245
246	public function set_cookies($user, $session_key, $expires=null, $session_secret=null) {
247	$cookies = array();
248	$cookies['user'] = $user;
249	$cookies['session_key'] = $session_key;
250	if ($expires != null) {
251	$cookies['expires'] = $expires;
252	}
253	if ($session_secret != null) {
254	$cookies['ss'] = $session_secret;
255	}
256	foreach ($cookies as $name => $val) {
257	setcookie($this->api_key . '_' . $name, $val, (int)$expires);
258	$_COOKIE[$this->api_key . '_' . $name] = $val;
259	}
260	$sig = self::generate_sig($cookies, $this->secret);
261	setcookie($this->api_key, $sig, (int)$expires);
262	$_COOKIE[$this->api_key] = $sig;
263	}
264
265	/**
266	* Tries to undo the badness of magic quotes as best we can
267	* @param string $val Should come directly from $_GET, $_POST, etc.
268	* @return string val without added slashes
269	*/
270	public static function no_magic_quotes($val) {
271	if (get_magic_quotes_gpc()) {
272	return stripslashes($val);
273	} else {
274	return $val;
275	}
276	}
277
278	public function get_valid_fb_params($params, $timeout=null, $namespace='fb_sig') {
279	$prefix = $namespace . '_';
280	$prefix_len = strlen($prefix);
281	$fb_params = array();
282	foreach ($params as $name => $val) {
283	if (strpos($name, $prefix) === 0) {
284	$fb_params[substr($name, $prefix_len)] = self::no_magic_quotes($val);
285	}
286	}
287	if ($timeout && (!isset($fb_params['time']) \|\| time() - $fb_params['time'] > $timeout)) {
288	return array();
289	}
290	if (!isset($params[$namespace]) \|\| (!$this->verify_signature($fb_params, $params[$namespace]))) {
291	return array();
292	}
293	return $fb_params;
294	}
295
296	public function verify_signature($fb_params, $expected_sig) {
297	return self::generate_sig($fb_params, $this->secret) == $expected_sig;
298	}
299
300	public function encode_validationError($summary, $message) {
301	return json_encode(
302	array('errorCode' => FACEBOOK_API_VALIDATION_ERROR,
303	'errorTitle' => $summary,
304	'errorMessage' => $message));
305	}
306
307	public function encode_multiFeedStory($feed, $next) {
308	return json_encode(
309	array('method' => 'multiFeedStory',
310	'content' =>
311	array('next' => $next,
312	'feed' => $feed)));
313	}
314
315	public function encode_feedStory($feed, $next) {
316	return json_encode(
317	array('method' => 'feedStory',
318	'content' =>
319	array('next' => $next,
320	'feed' => $feed)));
321	}
322
323	public function create_templatizedFeedStory($title_template, $title_data=array(),
324	$body_template='', $body_data = array(), $body_general=null,
325	$image_1=null, $image_1_link=null,
326	$image_2=null, $image_2_link=null,
327	$image_3=null, $image_3_link=null,
328	$image_4=null, $image_4_link=null) {
329	return array('title_template'=> $title_template,
330	'title_data' => $title_data,
331	'body_template'=> $body_template,
332	'body_data' => $body_data,
333	'body_general' => $body_general,
334	'image_1' => $image_1,
335	'image_1_link' => $image_1_link,
336	'image_2' => $image_2,
337	'image_2_link' => $image_2_link,
338	'image_3' => $image_3,
339	'image_3_link' => $image_3_link,
340	'image_4' => $image_4,
341	'image_4_link' => $image_4_link);
342	}
343
344
345	}
346