Facebook App Issue - Can not obtain Permissions , Keeps on refreshing - javascript

I found this Love Calculator app online , It is open source and free to use, I setted it up on my test server, I added all the app Id's and secrets and did all the setting but I am getting this permissions issue when I or Someone else try to use it , There are 3 Important files in this script,
Config.php (i setted it up , it has only 4 fields for the app id,secret,canvas url,app domain)
Index.php
Facebook.php (this is the sdk I figure)
Config.php is loaded in Index.php with the following code
include_once ('lib/facebook.php'); // Facebook client library
include_once ('config.php'); // Config file
// Constants are located in config.php file
$facebook = new Facebook(
array(
'appId' => FACEBOOK_APP_ID,
'secret' => FACEBOOK_SECRET_KEY,
'cookie' => true,
'domain' => FACEBOOK_DOMAIN
)
);
Now , When I tried to figure out the problem , I found this code in index.php for obtaining permissions
$session = $facebook->getSession();
if (!$session) {
$url = $facebook->getLoginUrl(array(
'canvas' => 1,
'fbconnect' => 0,
'scope' => 'publish_stream'
));
echo "<script type='text/javascript'>top.location.href = '$url';</script>";
} else {
try {
$uid = $facebook->getUser();
$me = $facebook->api('/me');
$updated = date("l, F j, Y", strtotime($me['updated_time']));
} catch (FacebookApiException $e) {
echo "<script type='text/javascript'>top.location.href = '$url';</script>";
exit;
}
}
The canvas app url is https://apps.facebook.com/fb-love-calculator-f
The domain url is https://apps.mjobz.com/love/

You are using and out dated version of facebook sdk, Facebook sdk has updated a couple of times after this one

Related

Sentry.io JavaScript tunnel on Laravel route?

The issue:
Because of issues with the JavaScript code loading I am trying to integrate sentry with the tunnel option. This would prevent the blocking, if a user has an ad-blocker enabled.
https://docs.sentry.io/platforms/javascript/troubleshooting/#using-the-tunnel-option
Now they provide an example code for this tunnel in their documentation:
<?php
// Change $host appropriately if you run your own Sentry instance.
$host = "sentry.io";
// Set $known_project_ids to an array with your Sentry project IDs which you
// want to accept through this proxy.
$known_project_ids = array( );
$envelope = stream_get_contents(STDIN);
$pieces = explode("\n", $envelope, 2);
$header = json_decode($pieces[0], true);
if (isset($header["dsn"])) {
$dsn = parse_url($header["dsn"]);
$project_id = intval(trim($dsn["path"], "/"));
if (in_array($project_id, $known_project_ids)) {
$options = array(
'http' => array(
'header' => "Content-type: application/x-sentry-envelope\r\n",
'method' => 'POST',
'content' => $envelope
)
);
echo file_get_contents(
"https://$host/api/$project_id/envelope/",
false,
stream_context_create($options));
}
}
In the app.php, the layout file of my project, I am calling the JavaScript Sentry like this:
<script src="{{ asset('/assets/js/app.js') }}" crossorigin="anonymous"></script>
My question:
What I don't understand is how to integrate this into the web.php as a route. So it gets called everytime an JavaScript error occured.
You should be able to define a route like this:
Route::post('/sentry-tunnel', function (Request $request) {
// Change $host appropriately if you run your own Sentry instance.
$host = "sentry.io";
// Set $known_project_ids to an array with your Sentry project IDs which you
// want to accept through this proxy.
$known_project_ids = [];
$envelope = $request->getContent();
$pieces = explode("\n", $envelope, 2);
$header = json_decode($pieces[0], true);
if (isset($header['dsn'])) {
$dsn = parse_url($header['dsn']);
$project_id = intval(trim($dsn['path'], '/'));
if (in_array($project_id, $known_project_ids)) {
return Http::withBody($envelope, "application/x-sentry-envelope")
->post("https://$host/api/$project_id/envelope/");
}
}
});
And then call the URL '/sentry-tunnel' from your JavaScript. Don't forget to add your project ID and credentials if necessary.

Change Register/Lost Password "action links" URLs, titles & Modify Error pages. Theme My Login plugin driven Wordpress network multisite

I have set up a huge a network multisite for my client which receives 1000's of new users per month and is already 5 clone network sites deep and counting It has a static Home page with the Theme-my-login plugin running on a customised Divi child theme.
On the customised login page there is the login itself which works fine, and below that two "action links" for "Register" and "Lost Password". I have two external custom pages to link to for both links.
So I edit the child theme's functions.php file which already has a few working filters in it handling external authentication, video (popcorn.js), dynamic copyright and hiding the Wordpress Logo from the Admin Bar.
I wanted to change the default Register/Lost Password "action links" to different URLs, change their link titles and Modify the Error pages so that the "Lost Password?" Link would lead to the same URL as the Lost Password "action link".
Below is the Functions.php file before above required changes:
<?php
/*
PHP script content in functions.php of Child Theme in Wordpress Network
Multisite.
Functions to add new externally authenticated users as wordpress users
at subscriber level via email field using HTTP POST.
Usernames expected in the format: user#DOMAIN.com or user#role.DOMAIN.com
(also all variations of .com.au, .co.nz, etc.)
New Wordpress Network MultiSite Subfolders are assigned to their own groups of users.
On login their WordPress profile is automatically created in the MultiSite
Subfolder for that user; based on the DOMAIN portion of username/email.
Accordingly, Wordpress Network Subfolder names match the DOMAIN exactly.
eg: "http://wpsite.com/DOMAIN/Home" is the landing page for the user:
"user#DOMAIN.com" or "user#DOMAIN.com.au" and so on.
The Logic flow is below annotated and step by step along with the script:
1.Do the external check: The external login must be successful and the return
value must be validated with a "200" response from the external auth' server.
If response is anything else give an error.
2.Do another check to see if they exist in the WP DB, if not; create them
first (EVERY user in WordPress has a unique ID, so using this ID to identify a user in this script.)
If the ID is found, our user is automatically logged in
and lands on their home page.
If the user does NOT exist, the user should be created automatically on the
relevant subfolder site (see notes ablove)
*/
// PHP code starts here:
// The two lines of filters below are executed just before the invocation of the
// WordPress authentication process.
add_filter( 'authenticate', 'external_auth', 10, 3 );
add_filter( 'login_redirect', 'ds_login_redirect', 10, 3 );
function external_auth( $user, $username, $password ){
// Make sure a username and password are present for us to work with
if($username == '' || $password == '') return;
// Try to log into the external service or database with username and password
$args = array(
'method' => 'POST',
'timeout' => 45,
'redirection' => 5,
'httpversion' => '1.0',
'blocking' => true,
'headers' => array(),
'body' => array( 'username' => $username, 'password' => $password ),
'cookies' => array()
);
$ext_auth = wp_remote_post("http://IP.OF.EXTERNAL.AUTH:SERVER/api-token-auth/",$args);
// If external authentication was successful
if($ext_auth['response']['code'] == 200) {
$userobj = new WP_User();
$user = $userobj->get_data_by( 'login', $username );
// Does not return a WP_User object :(
$user = new WP_User($user->ID);
// Attempt to load up the user with that ID
if( $user->ID == 0 ) {
// The user does not currently exist in the WordPress user table.
// If you don't want to add new users to WordPress when they don't already
// exist; uncomment the following line and remove the create WP user code
//$user = new WP_Error( 'denied', __("ERROR: Not a valid user for this system") );
// Setup minimum required user information and create WP user
$new_user_id = wpmu_create_user($username, $password, $username);
// A new user has been created
// Match DOMAIN in username/email to WordPress Subfolder and add permission to relevent blog
$domain_end = explode('#', $username);
//var_dump($domain_end);
$match = explode('.', $domain_end[1]);
//var_dump($match);
$domain = 'YOUR_DOMAIN.com';
foreach ($match as $blog_key){
$path = '/'.$blog_key.'/';
$blog_id = get_blog_id_from_url ( $domain, $path );
if ($blog_id != 0) break;
}
//Specify their role
$role = 'subscriber';
// Give the user access to their blog.
add_user_to_blog($blog_id, $new_user_id, $role);
// Load the new user info
$user = new WP_User ($new_user_id);
}
}else if($ext_auth['response']['code'] == 400){
$user = new WP_Error( 'denied', __("ERROR: User/pass bad") );
}
// Comment below line to fall back to WordPress authentication
// (in case external service offline for maintenance)
remove_action('authenticate', 'wp_authenticate_username_password', 20);
return $user;
}
function ds_login_redirect( $redirect_to, $request_redirect_to, $user )
{
if ($user->ID != 0) {
$user_info = get_userdata($user->ID);
if ($user_info->primary_blog) {
$primary_url = get_blogaddress_by_id($user_info->primary_blog) . 'index/';
if ($primary_url) {
//echo $primary_url; die();
wp_redirect($primary_url);
die();
}
}
}
return $redirect_to;
}
/* Include popcorn.js --------------------- */
function theme_name_scripts() {
wp_enqueue_script( 'popcorn', get_template_directory_uri() . '/js/popcorn.js', array(), '1.0.0', true );
}
add_action( 'wp_enqueue_scripts', 'theme_name_scripts' );
/* Dynamic Copyright---------------------WPN-10-03-2016--*/
function dynamic_copyright() {
global $wpdb;
$copyright_dates = $wpdb->get_results("
SELECT
YEAR(min(post_date_gmt)) AS firstdate,
YEAR(max(post_date_gmt)) AS lastdate
FROM
$wpdb->posts
WHERE
post_status = 'publish'
");
$output = '';
if($copyright_dates) {
$copyright = $copyright_dates[0]->firstdate;
if($copyright_dates[0]->firstdate != $copyright_dates[0]->lastdate) {
$copyright .= '-' . $copyright_dates[0]->lastdate;
}
$output = $copyright;
}
return $output;
}
/* Remove WP Logo -------------------------- */
function annointed_admin_bar_remove() {
global $wp_admin_bar;
/* Remove their stuff */
$wp_admin_bar->remove_menu('wp-logo');
}
add_action('wp_before_admin_bar_render', 'annointed_admin_bar_remove', 0);
if ( ! function_exists( 'get_custom_header' ) ) {
// compatibility with versions of WordPress prior to 3.4.
add_custom_background();
} else {
add_theme_support( 'custom-background', apply_filters( 'et_custom_background_args', array() ) );
}
?>
Here is the final working code I added just above /* Include popcorn.js --------------------- */ of functions.php after much testing and changing:
/* Filter to redirect register and lost password pages-------------WPN-09-03-2016--*/
function tml_action_url( $url, $action, $instance ) {
if ( 'register' == $action )
$url = 'https://EXTERNAL-REGISTRATION-PAGE/';
elseif ( 'lostpassword' == $action )
$url = 'https://EXTERNAL-PASSWORD-RESET-PAGE';
return $url;
}
add_filter( 'tml_action_url', 'tml_action_url', 10, 3 );
/* Filter to change titles of links to above--------------------WPN-09-03-2016--*/
function tml_title( $title, $action ) {
if ( is_user_logged_in() ) {
$user = wp_get_current_user;
if ( 'profile' == $action )
$title = 'Your Profile';
else
$title = sprintf( 'Welcome, %s', $user->display_name );
} else {
switch ( $action ) {
case 'register' :
$title = 'Not a member? Register';
break;
case 'lostpassword':
$title = 'Forgot your password? Reset it';
break;
case 'retrievepassword':
case 'resetpass':
case 'rp':
case 'login':
default:
$title = 'Sign In';
}
}
return $title;
}
add_filter( 'tml_title', 'tml_title', 11, 2 );
/* Filter to change link in user error message------------------WPN-10-03-2016--*/
function login_error_message($error){
//check if that's the error you are looking for
$pos = strpos($error, 'incorrect');
if (is_int($pos)) {
//its the right error so you can overwrite it
$error = "<strong>ERROR</strong>: Invalid username/password. <a href= https://EXTERNAL-PASSWORD-RESET-PAGE/>Lost Password?</a>";
}
else $error = "<strong>ERROR</strong>: Invalid username/password. <a href= https://EXTERNAL-PASSWORD-RESET-PAGE/>Lost Password?</a>";
return $error;
}
add_filter('login_errors','login_error_message');
Kudos to Igor Yavych who bailed me out while I was making a rookie mistake very early hours of the morning after no sleep last night while experimenting with code to finally get the working result! ( See here: Wordpress PHP issue in functions.php regarding if and else if statement )

Facebook Api Friends List Not Working server

i trying get friends list from facebook using graph api and Graph secret. first i have tired Localhost its Working well.i got taotal friends of facebook. i have used Graph api and secret key.
My code Looks like
facebook.php
<?php
require '/src/facebook.php';
$facebook = new Facebook(array(
'appId' => 'XXXXXXXXXXXXXXXXX',
'secret' => 'XXXXXXXXXXXXXXXXX',
));
$app_id = 'xxxxxxxxxxxxxxxxxx';
$app_secret = 'xxxxxxxxxxxxxxxx';
$user = $facebook->getUser();
if ($user) {
try {
$user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
}
if ($user) {
$logoutUrl = $facebook->getLogoutUrl();
$result = $facebook->api('/me/friends');
print "<pre>";
//print_r($result);
$json_output=($result['summary']['total_count']);
// echo "<h1>".'<p>Following</p>'. $json_output. "</h1>";
echo '<p>Friends</p>'. "<h1>".$json_output. "</h1>";
//echo '<div class="col-md-6 two">."<span>".$json_output."</span>""<p>FRIENDS COUNTR</p></div>';
print "</pre>";
} else {
$statusUrl = $facebook->getLoginUrl();
$loginUrl = $facebook->getLoginUrl(array('scope' => 'user_friends'));
}
?>
this code i called my index html code
my top of the page i have write Looks like
<?php
session_start();
?>
i have include facebook.php in my html page assign particular place its Looks like
<div class="col-md-6 two">
<!--
<span>36</span>
<p>Following</p>--->
<?php include("facebook.php"); ?>
</div>
this code working localhost xampp. When i move this code server side its showing that particular place blank page ?
There is probably some error on your page when running it on the server but you probably have error reporting turned off on the server. If you can turn on PHP error reporting on your server you'll probably be able to track down the problem pretty quickly.
A quick guess would be that you haven't uploaded the required file 'src/facebook.php'

Jquery and Swfupload causing whole website to slow down drastically

I have been working on a website for a while and I recently encountered a problem that I can't seem to figure out. I am a relatively new web developer so help would be greatly appreciated.
I am using swfupload to handle audio uploads to my website. I am aware that swfupload has the power to handle multiple file uploads at once through a queue. However, when I queue up a long list of audio files, the uploading would begin to get slow and slower with each file...The php code used to handle the uploading is given below. Even though the code references a lot of other helper functions, I will do my best to explain what I am trying to do...
Essentially with all the fluff aside such as user authorization checks..etc, the code creates a temporary "track" which is stored in my database. Tracks are stored under a certain album(I refer to albums as releases) and once a temporary track is created under that certain album, I can then upload an audio file under that database entry. I use getID3 to parse the media file and then update the track information in the database by whatever I can pull from the audio.
This code works fine but if I select over (queue up) 15ish tracks to upload, the tracks after the 15th one becomes slow and by the 50th track...uploading will take over 10 minutes for just 1 file. I know there can be a lot of issues causing this but I was just wondering if anyone had a hint on where this issue might be?
Thanks a lot!
<?php
private function saveBatchAudio($artist) {
Utils::checkFileUpload();
if ($this->isEditable($artist['artist_id'])) {
require_once "Db/DbTracks.php";
require_once "Db/DbReleases.php";
$trackList = DbTracks::getTracksByReleaseHash($_POST['ReleaseHash'], 0, 100);
$trackListOrder = count($trackList);
$row = array(
'track_name' => Utils::escape($_POST['Name']),
'artist_id' => $artist['artist_id'],
'release_hash' => Utils::escape($_POST['ReleaseHash']),
'track_order' => $trackListOrder+1,
'user_id' => $_SESSION['user']['user_id'],
'track_upload_user_ip' => Utils::getIpAddress()
);
$id = DbTracks::newTrack($row);
$this->log($artist, "User [{$_SESSION['user']['user_name']}] has created track:" . var_export($row, true));
}
else {
echo json_encode(array(
'message' => Utils::getMessage('e001')
));
}
require_once "Db/DbTracks.php";
$track = DbTracks::getTrackById($id);
if (!empty($track)) {
$f = __FFM_ARCHIVE__ . $track['release_hash'] . '/' . $track['track_filename'];
if (!empty($track['track_filename']) && file_exists($f)) {
unlink($f);
}
include_once "formatting.php";
$filename = wp_unique_filename(__FFM_ARCHIVE__ . $track['release_hash'], $_FILES['Filedata']['name']);
$path = __FFM_ARCHIVE__ . $track['release_hash'] . '/' . $filename;
if (!is_dir(dirname($path))) {
wp_mkdir_p(dirname($path));
}
move_uploaded_file($_FILES["Filedata"]["tmp_name"], $path);
require_once(dirname(__FILE__) . '/../../getid3/getid3.php');
$getID3 = new getID3;
$getID3->setOption(array('encoding' => 'UTF-8'));
$info = $getID3->analyze($path);
getid3_lib::CopyTagsToComments($info);
$data = array(
'track_name' => isset($info['tags']['id3v2']['title']['0']) ? $info['tags']['id3v2']['title']['0'] : $filename,
'track_label' => isset($info['tags']['id3v2']['album']['0']) ? $info['tags']['id3v2']['album']['0'] : Utils::escape($_POST['Label']),
'track_year' => isset($info['tags']['id3v2']['year']['0']) ? $info['tags']['id3v2']['year']['0'] : Utils::escape($_POST['Year']),
'track_filename' => $filename,
'track_size' => filesize($path),
'track_length' => isset($info['playtime_seconds']) ? $info['playtime_seconds'] : 0,
'track_bitrate' => isset($info['audio']['bitrate']) ? $info['audio']['bitrate'] : 0,
);
DbTracks::updateTrackById($track['track_id'], $data);
$this->zipFolder(__FFM_ARCHIVE__ . $track['release_hash'], $track['release_hash']);
$this->log($artist, "User [{$_SESSION['user']['user_name']}] has uploaded track");
echo json_encode(array(
'mp3' => $mp3 = __FFM_ARCHIVE_FRONT__ . $track['release_hash'] . '/' . $filename
));
} else {
echo json_encode(array(
'message' => Utils::getMessage('e002')
));
}
}
?>

jQuery File Upload with Wistia API

I've got an demo page with jQuery File Upload that is currently allowing upload of video files to the web hosting through PHP.
Code:
<?
// A list of permitted file extensions
$allowed = array('mov', 'mp4', 'avi');
if(isset($_FILES['upl']) && $_FILES['upl']['error'] == 0){
$extension = pathinfo($_FILES['upl']['name'], PATHINFO_EXTENSION);
if(!in_array(strtolower($extension), $allowed)){
echo '{"status":"error"}';
exit;
}
if(move_uploaded_file($_FILES['upl']['tmp_name'], 'uploads/'.$_FILES['upl']['name'])){
echo '{"status":"success"}';
exit;
}
}
echo '{"status":"error"}';
exit;
?>
I need this demo to be fully working to upload video files to my Wistia gallery through their API instead of upload directory.
Working snippet for upload.php to Wistia API with video url:
<?
$data = array(
'api_password' => '[password]',
'project_id' => '[project_id]',
'url' => '[video_url]'
);
$wistia = curl_init('https://upload.wistia.com');
curl_setopt_array($wistia, array(
CURLOPT_POST => TRUE,
CURLOPT_RETURNTRANSFER => TRUE,
CURLOPT_POSTFIELDS => http_build_query($data)
));
// Send the request
$wistia_request = curl_exec($wistia);
?>
However changing these values and using it in my form doesn't work:
$data = array(
'api_password' => '[password]',
'project_id' => '[project_id]',
'file' => '#' . $_FILES['upl']['name']
);
As you can see I need guidance and help. Any hints are much appreciated.
Here's some docs for this project:
http://wistia.com/doc/upload-api
https://github.com/blueimp/jQuery-File-Upload
Solved!
$data = [
'file' => "#{$_FILES['upl']['tmp_name']};filename={$_FILES['upl']['name']};type={$_FILES['upl']['type']}"
]
If you are going to upload the file directly there is no reason to move the uploaded file. You could probably just use the tmp-file directly.
$data= [
'file' => '#' . $_FILES['upl']['tmp_name']
]
The next problem is that you are now doing 2 video uploads. 1 from the users computer to your server and then one from your server to Wistia.
So instead of letting the user wait for 2 uploads you should move the second one into a background task.

Categories

Resources