
@mazharul
Created December 2, 2011 03:21

Revisions

  1. mazharul revised this gist Dec 2, 2011. 1 changed file with 1 addition and 11 deletions.
    12 changes: 1 addition & 11 deletions gistfile1.aw
    @@ -2,30 +2,20 @@
    session_start();
    $code = $_GET["code"];
    $appId = $common->getAppId(); // your app id

    $myUrl = $_SERVER['HTTP_REFERER'];
    $appSecret = $common->secret(); //your app secret

    if(empty($code)) {
    $_SESSION['state'] = md5(uniqid(rand(), TRUE)); //CSRF protection

    $dialog_url = "http://www.facebook.com/dialog/oauth?client_id="
    . $appId . "&redirect_uri=" . urlencode($myUrl) . "&state="
    . $_SESSION['state']."&scope=email,publish_stream,user_likes";

    echo("<script> top.location.href='" . $dialog_url . "'</script>");
    }

    if($_GET['state'] == $_SESSION['state']){

    $token_url = "https://graph.facebook.com/oauth/access_token?"
    . "client_id=" . $appId . "&redirect_uri=" . urlencode($myUrl)
    . "&client_secret=" . $appSecret . "&code=" . $code;


    $response = file_get_contents($token_url);


    $response = file_get_contents($token_url);
    }else{
    //CSRF protection
    //Somebody or some file is attacking
  2. mazharul revised this gist Dec 2, 2011. 1 changed file with 19 additions and 19 deletions.
    38 changes: 19 additions & 19 deletions gistfile1.aw
    @@ -1,33 +1,33 @@
    <?php
    session_start();
    $code = $_GET["code"];
    $appId = $common->getAppId(); // your app id
    session_start();
    $code = $_GET["code"];
    $appId = $common->getAppId(); // your app id

    $myUrl = $_SERVER['HTTP_REFERER'];
    $appSecret = $common->secret(); //your app secret
    $myUrl = $_SERVER['HTTP_REFERER'];
    $appSecret = $common->secret(); //your app secret

    if(empty($code)) {
    $_SESSION['state'] = md5(uniqid(rand(), TRUE)); //CSRF protection
    if(empty($code)) {
    $_SESSION['state'] = md5(uniqid(rand(), TRUE)); //CSRF protection

    $dialog_url = "http://www.facebook.com/dialog/oauth?client_id="
    . $appId . "&redirect_uri=" . urlencode($myUrl) . "&state="
    . $_SESSION['state']."&scope=email,publish_stream,user_likes";
    $dialog_url = "http://www.facebook.com/dialog/oauth?client_id="
    . $appId . "&redirect_uri=" . urlencode($myUrl) . "&state="
    . $_SESSION['state']."&scope=email,publish_stream,user_likes";

    echo("<script> top.location.href='" . $dialog_url . "'</script>");
    }
    echo("<script> top.location.href='" . $dialog_url . "'</script>");
    }

    if($_GET['state'] == $_SESSION['state']){
    if($_GET['state'] == $_SESSION['state']){

    $token_url = "https://graph.facebook.com/oauth/access_token?"
    $token_url = "https://graph.facebook.com/oauth/access_token?"
    . "client_id=" . $appId . "&redirect_uri=" . urlencode($myUrl)
    . "&client_secret=" . $appSecret . "&code=" . $code;


    $response = file_get_contents($token_url);
    $response = file_get_contents($token_url);


    }else{
    //CSRF protection
    //Somebody or some file is attacking
    }
    }else{
    //CSRF protection
    //Somebody or some file is attacking
    }
    ?>
  3. mazharul revised this gist Dec 2, 2011. 1 changed file with 4 additions and 4 deletions.
    8 changes: 4 additions & 4 deletions gistfile1.aw
    @@ -1,10 +1,10 @@
    <?php
    session_start();
    $code = $_GET["code"];
    $appId = $common->getAppId();
    $appId = $common->getAppId(); // your app id

    $myUrl = $_SERVER['HTTP_REFERER'];
    $appSecret = $common->secret();
    $appSecret = $common->secret(); //your app secret

    if(empty($code)) {
    $_SESSION['state'] = md5(uniqid(rand(), TRUE)); //CSRF protection
    @@ -13,7 +13,7 @@
    . $appId . "&redirect_uri=" . urlencode($myUrl) . "&state="
    . $_SESSION['state']."&scope=email,publish_stream,user_likes";

    // echo("<script> top.location.href='" . $dialog_url . "'</script>");
    echo("<script> top.location.href='" . $dialog_url . "'</script>");
    }

    if($_GET['state'] == $_SESSION['state']){
    @@ -23,7 +23,7 @@
    . "&client_secret=" . $appSecret . "&code=" . $code;


    // $response = file_get_contents($token_url);
    $response = file_get_contents($token_url);


    }else{
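Review bot: Uncommenting `file_get_contents($token_url)` in the third hunk makes the token exchange live behind a guard that also passes when neither value is set: `$_GET['state'] == $_SESSION['state']` is true for two missing values, so a request that carries no state and arrives on a fresh session still reaches the exchange. Require a non-empty stored state and compare it strictly, e.g. `if (!empty($_SESSION['state']) && isset($_GET['state']) && hash_equals($_SESSION['state'], (string) $_GET['state'])) {`. `$code` comes straight from `$_GET` and is appended to `$token_url` without `urlencode()`, so additional query parameters can ride along inside it, and a failed request returns `false` that nothing checks. The if/else block continues past the end of the hunk.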
  4. mazharul created this gist Dec 2, 2011.
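--- a/gistfile1.aw
+++ b/gistfile1.aw
@@ -0,0 +1,33 @@
+<?php
+session_start();
+$code = $_GET["code"];
+$appId = $common->getAppId();
+
+$myUrl = $_SERVER['HTTP_REFERER'];
+$appSecret = $common->secret();
+
+if(empty($code)) {
+$_SESSION['state'] = md5(uniqid(rand(), TRUE)); //CSRF protection
+
+$dialog_url = "http://www.facebook.com/dialog/oauth?client_id="
+. $appId . "&redirect_uri=" . urlencode($myUrl) . "&state="
+. $_SESSION['state']."&scope=email,publish_stream,user_likes";
+
+// echo("<script> top.location.href='" . $dialog_url . "'</script>");
+}
+
+if($_GET['state'] == $_SESSION['state']){
+
+$token_url = "https://graph.facebook.com/oauth/access_token?"
+. "client_id=" . $appId . "&redirect_uri=" . urlencode($myUrl)
+. "&client_secret=" . $appSecret . "&code=" . $code;
+
+
+// $response = file_get_contents($token_url);
+
+
+}else{
+//CSRF protection
+//Somebody or some file is attacking
+}
+?>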
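Review bot: `$myUrl = $_SERVER['HTTP_REFERER']` makes the OAuth `redirect_uri` a client-supplied header, which may be absent or set to any value, and which has to be identical in the dialog request and in the token request even though the Referer normally differs between those two page loads. A fixed callback URL from configuration is the safer source, e.g. `$myUrl = 'https://app.example/fb-callback.php';` (constructed placeholder value). The state token `md5(uniqid(rand(), TRUE))` is derived from the clock and a non-cryptographic generator, so it is more predictable than a CSRF token should be; `bin2hex(random_bytes(16))` is the replacement on PHP 7 and later. The dialog URL is also built with `http://` rather than `https://`.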