PHP

Login User for a Facebook Application

This tutorial will teach the user how to use the Facebook platform to control user logins to their Facebook application.
//some more content

Here is an example class I created for another app. As you can see, I have created a class (acting much like a wrapper) around the Facebook login method facebook->require_login(). This particular app required the user to be registered in its own database after connecting through Facebook. The function _f_checkRegistered($fb_user) checks first-time registration; this could act as a start screen for a new player of a Facebook game, for example.

<?php
class Facebook_User{
	
	var $db = null;
	var $msg = '&nbsp;';
	var $date;
	var $ip = '';
	var $myKey = '';
	var $facebook = null;
	var $user_details = '&nbsp;';
	
	function Facebook_User(&$db, &$facebook){
		$this->db = $db;
		$this->facebook = $facebook;
		$this->date = $GLOBALS['date'];
		$this->ip = $_SERVER['REMOTE_ADDR'];
		// Hard-coded key as in the original; load it from configuration kept out of source control instead
		$this->myKey = "54M_i1lM4N";
		
		$expires = $facebook->session_expires;
		$time = time();
		if($expires < $time){
			//$facebook->expire_session();
		}
		// Not logged in yet: if an earlier request recorded a Facebook login, re-validate it against the database
		if(empty($_SESSION['logged']) && !empty($_SESSION['F_LOG'])){
			$this->_f_checkSession();
		}
	}
	
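	// Note: rand() and time() are not cryptographically secure, so the output is guessable;
	// use a CSPRNG for any value that protects a session
	function generatePassword() {
		$length=9; 
		$strength=8;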
		$vowels = 'aeuy';
		$consonants = 'bdghjmnpqrstvz';
		if ($strength & 1) {
			$consonants .= 'BDGHJLMNPQRSTVWXZ';
		}
		if ($strength & 2) {
			$vowels .= "AEUY";
		}
		if ($strength & 4) {
			$consonants .= '23456789';
		}
		if ($strength & 8) {
			$consonants .= '@#$%';
		}
	 
		$password = '';
		$alt = time() % 2;
		for ($i = 0; $i < $length; $i++) {
			if ($alt == 1) {
				$password .= $consonants[(rand() % strlen($consonants))];
				$alt = 0;
			} else {
				$password .= $vowels[(rand() % strlen($vowels))];
				$alt = 1;
			}
		}
		return $password;
	}
	
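	function linEncrypt($pass) {
		// ECB mode does not use the IV and encrypts identical blocks identically, so the IV below has no effect
		$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
		$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); //Creating the vector
		// Property names are case-sensitive: the key is stored in $this->myKey
		$cryptedpass = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $this->myKey, $pass, MCRYPT_MODE_ECB, $iv);
		return $cryptedpass;
	}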
	
	
	function _f_sessionDefaults(){
		$_SESSION['uid'] = 0;
		$_SESSION['name'] = '';
		$_SESSION['FP_TEMP'] = '';
		$_SESSION['F_LOG'] = false;
	}
	
	function _f_checkSession(){
		
		$facebook_uid = $this->db->quote($_SESSION['uid']);
		$fullName = $this->db->quote($_SESSION['name']);
		
		$sql = "SELECT * FROM facebook_User WHERE UID = $facebook_uid AND Name = $fullName";
		
		$result = $this->db->getRow($sql);
		
		if(is_object($result)){
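			// Read the same TEMP_PW column that _f_assignCred() writes; strict comparison avoids type juggling on the hex digests
			if($_SESSION['FP_TEMP'] === md5($result->TEMP_PW)){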
				$this->_f_login();
			}else{
				$this->_f_sessionDefaults();
				return false;				
			}
		}else{
			$this->_f_sessionDefaults();
			return false;
		}
		
	}
	
	function _f_login(){
			
		$fb_user = $this->facebook->require_login();
		$this->_f_checkRegistered($fb_user);
	}
	
	function _f_Logout(){
		$this->facebook->expire_session();
		$this->facebook->clear_cookie_state();
	}
	
	function _f_assignCred($facebook_uid, $fullName){
		
		$TMP_PW = $this->linEncrypt($this->generatePassword());
		$F_PWTMP = $this->db->quote($TMP_PW);
		
		// Keep the raw values in the session; _f_checkSession() quotes them itself
		$_SESSION['uid'] = $facebook_uid;
		$_SESSION['name'] = $fullName;
		$_SESSION['FP_TEMP'] = md5($TMP_PW);
		$_SESSION['F_LOG'] = true;
		
		// Quote only at the point where the values enter the SQL string
		$q_uid = $this->db->quote($facebook_uid);
		$q_name = $this->db->quote($fullName);
		$sql = "UPDATE facebook_User SET TEMP_PW = $F_PWTMP WHERE UID = $q_uid AND Name = $q_name";
		$this->db->query($sql);
		
	}
	
	function _f_checkRegistered($fb_user){
		
		$user_details = $this->facebook->api_client->users_getInfo($fb_user, array('name'));
		$facebook_uid = $this->db->quote($fb_user); 
		$fullName = $this->db->quote($user_details[0]['name']);
		
		$sql = "SELECT * FROM facebook_User WHERE UID = $facebook_uid AND Name = $fullName";
		$result = $this->db->getRow($sql);
		
		if(is_object($result)){
			// Pass the unquoted values; _f_assignCred() quotes them for its own query
			$this->_f_assignCred($fb_user, $user_details[0]['name']);
			return true;
		}else{ 
			return false;
		}
	}
	
	function _f_URegister($fb_user){
		//XXX @todo: make registration script
	}
}
?>

I should just mention this class is incomplete so don’t blame me if all of it does not work. But this is the basic structure I use for Facebook apps.
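
The session check from _f_assignCred() and _f_checkSession(), rewritten for PHP 7.1+ as an added example that is not the original author's code. It swaps rand() for random_bytes(), string-built SQL for prepared statements, and the md5 `==` comparison for hash_equals(), and it stores a SHA-256 hash of the token in TEMP_PW instead of an mcrypt-encrypted password. The function names assignCred() and checkSession(), the in-memory SQLite database and the sample row are assumptions made for the demo.

```php
<?php
// Added example, not the original author's code. The table mirrors the page's
// facebook_User table; the SQLite database and sample row are constructed.

function assignCred(PDO $db, string $uid, string $name): void {
    $token = bin2hex(random_bytes(32));   // CSPRNG instead of rand()/time()
    $stmt = $db->prepare(
        'UPDATE facebook_User SET TEMP_PW = :h WHERE UID = :uid AND Name = :name');
    // Only a hash is stored server-side; the raw token stays in the session.
    $stmt->execute([':h' => hash('sha256', $token), ':uid' => $uid, ':name' => $name]);
    if ($stmt->rowCount() !== 1) {
        throw new RuntimeException('user is not registered');
    }
    $_SESSION['uid'] = $uid;              // raw values, bound as parameters later
    $_SESSION['name'] = $name;
    $_SESSION['FP_TEMP'] = $token;
    $_SESSION['F_LOG'] = true;
}

function checkSession(PDO $db): bool {
    if (empty($_SESSION['F_LOG']) || !is_string($_SESSION['FP_TEMP'] ?? null)) {
        return false;
    }
    $stmt = $db->prepare(
        'SELECT TEMP_PW FROM facebook_User WHERE UID = :uid AND Name = :name');
    $stmt->execute([':uid' => $_SESSION['uid'] ?? '', ':name' => $_SESSION['name'] ?? '']);
    $stored = $stmt->fetchColumn();       // false if no row, null if never assigned
    // hash_equals() compares in constant time and never type-juggles.
    $ok = is_string($stored)
        && hash_equals($stored, hash('sha256', $_SESSION['FP_TEMP']));
    if (!$ok) {                           // same reset as _f_sessionDefaults()
        $_SESSION = ['uid' => 0, 'name' => '', 'FP_TEMP' => '', 'F_LOG' => false];
    }
    return $ok;
}

// Constructed demo data in an in-memory SQLite database.
$_SESSION = [];
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE facebook_User (UID TEXT, Name TEXT, TEMP_PW TEXT)');
$db->exec("INSERT INTO facebook_User VALUES ('1001', 'Example User', NULL)");

assignCred($db, '1001', 'Example User');
var_dump(checkSession($db));                 // session exactly as issued
$_SESSION['FP_TEMP'] = str_repeat('0', 64);  // simulate a tampered token
var_dump(checkSession($db));                 // check again after tampering
```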
