function fb_user_fb in Drupal for Facebook 6.2
Same name and namespace in other branches
- 5.2 fb_user.module \fb_user_fb()
- 5 fb_user.module \fb_user_fb()
- 6.3 fb_user.module \fb_user_fb()
- 7.4 fb_user.module \fb_user_fb()
- 7.3 fb_user.module \fb_user_fb()
Implementation of hook_fb.
File
- ./fb_user.module, line 140: This module manages relations between local Drupal user accounts and their accounts on facebook.com.
Code
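/**
 * Implementation of hook_fb().
 *
 * Dispatches on $op:
 * - FB_OP_POST_INIT: on canvas pages, may switch an anonymous visitor to one
 *   of the configured placeholder accounts.
 * - FB_OP_APP_IS_AUTHORIZED: validates the Facebook session once per Drupal
 *   session, maintains the authmap, logs in or creates the matching local
 *   account, grants the configured role and tracks the visit.
 * - FB_OP_GET_FBU: returns the Facebook id for a local uid.
 * - FB_OP_GET_USER_SESSION: returns a stored, unexpired Facebook session key.
 * - FB_APP_OP_EVENT: keeps {fb_user_app} in step with authorize/remove events.
 *
 * Several branches change the global $user, so this function is part of the
 * site's authentication path and should be reviewed as such.
 *
 * @param $op
 *   The operation being performed (one of the constants listed above).
 * @param $data
 *   Associative array. Keys read here: 'fb_app', 'fb', 'fbu', 'uid',
 *   'event_type'.
 * @param $return
 *   Passed by reference; set for FB_OP_GET_FBU and FB_OP_GET_USER_SESSION.
 */
function fb_user_fb($op, $data, &$return) {
  $fb_app = isset($data['fb_app']) ? $data['fb_app'] : NULL;
  $fb = isset($data['fb']) ? $data['fb'] : NULL;
  global $user;

  // NOTE(review): $fb_user_data stays undefined when no fb_app is passed, yet
  // the branches below read it unconditionally. Presumably every caller
  // supplies fb_app for those operations; confirm.
  if ($fb_app) {
    $fb_user_data = _fb_user_get_config($fb_app);
  }

  if ($op == FB_OP_POST_INIT) {
    // Observe special rules for canvas page users without local accounts.
    if (!$user->uid && !_fb_user_special_page() && !isset($_REQUEST['form_id'])) {
      // The assignment is parenthesised so that $fbu receives the Facebook
      // user id rather than the boolean result of the whole && chain.
      if (($fbu = fb_facebook_user($fb)) && fb_api_check_session($fb) && !$fb->api_client->users_isAppUser()) {
        $uid = $fb_user_data['logged_in_uid'];
      }
      elseif (isset($fb_user_data['fb_user'])) {
        // NOTE(review): this key is read from a nested 'fb_user' array while
        // 'logged_in_uid' above (and 'not_logged_in_uid' in the event branch)
        // are read from the top level. Verify against _fb_user_get_config().
        $uid = $fb_user_data['fb_user']['not_logged_in_uid'];
      }
      if (isset($uid)) {
        // Load the account before the permission check. Testing $account
        // while it was still undefined made user_access() evaluate the
        // current (anonymous) user instead of the account being switched to.
        $account = user_load(array(
          'uid' => $uid,
        ));
        if (!$account) {
          // user_load() returns FALSE for a missing uid. Do not hand that to
          // user_external_login(); stay anonymous and leave an audit trail.
          watchdog('fb_user', 'Configured account %uid could not be loaded; the user stays anonymous.', array(
            '%uid' => $uid,
          ), WATCHDOG_WARNING);
        }
        // Be careful on maintenance pages.
        elseif (!variable_get('site_offline', FALSE) || user_access('administer site configuration', $account)) {
          $valid_user = user_external_login($account);
          if (!$valid_user) {
            drupal_access_denied();
            exit;
          }
          if (fb_verbose() === 'extreme') {
            watchdog("fb_user", "fb_user_fb changing user to {$uid}");
          }
        }
      }
    }
  }
  elseif ($op == FB_OP_APP_IS_AUTHORIZED) {
    // This hook is called on every page request, if the user has authorized
    // the app.
    // The user id on facebook.
    // NOTE(review): everything below trusts $data['fbu'] as the identity to
    // log in as. Presumably the fb module has already verified the Facebook
    // request signature before invoking this hook; confirm in the caller.
    $fbu = $data['fbu'];

    // Make sure session is valid and authmap table is correct.
    // Relatively expensive operations, so we perform them only once per
    // session.
    if (!isset($_SESSION['fb_user_fbu']) || $_SESSION['fb_user_fbu'] != $fbu) {
      if (fb_api_check_session($fb)) {
        $_SESSION['fb_user_fbu'] = $fbu;
        if ($user->uid != 0 && $user->uid != $fb_user_data['logged_in_uid']) {
          // Ensure local user has proper authmap entry. This binds the
          // currently logged-in local account to this Facebook id.
          _fb_user_set_authmap($fb_app, $fbu, $user);
        }
        else {
          // We're anonymous. Check authmap to see if there is a local user
          // for this fbu.
          $account = fb_user_get_local_user($fbu, $fb_app);
          if ($account) {
            // Honoring facebook accounts in off-line mode causes problems.
            if (!variable_get('site_offline', FALSE) || user_access('administer site configuration', $account)) {
              if (fb_verbose() === 'extreme') {
                watchdog("fb_user", "fb_user_fb changing user to {$account->uid}");
              }
              $valid_user = user_external_login($account);
              if (!$valid_user) {
                drupal_access_denied();
                exit;
              }
            }
          }
        }
      }
    }

    // If we've confirmed the session, user is a facebook user.
    if ($user->uid != 0 && $user->uid != $fb_user_data['logged_in_uid'] && isset($_SESSION['fb_user_fbu']) && $_SESSION['fb_user_fbu'] == $fbu) {
      $user->fbu = $fbu;
    }

    // Check if the local account needs to be made.
    if (!variable_get('site_offline', FALSE) && $user->fbu != $fbu && !_fb_user_special_page() && isset($_SESSION['fb_user_fbu'])) {
      if ($fb_user_data['create_account'] == FB_USER_OPTION_CREATE_LOGIN && $fb->api_client->users_isAppUser()) {
        // We need to make a local account for this facebook user.
        // A name that is likely to be unique.
        $username = "{$fbu}@facebook";
        if ($fb_user_data['new_user_rid']) {
          $roles = array(
            $fb_user_data['new_user_rid'] => TRUE,
          );
        }
        else {
          $roles = array();
        }
        $user = fb_user_create_local_user($fb, $fb_app, fb_facebook_user($fb), array(
          'name' => $username,
          'roles' => $roles,
        ));
        $user->fbu = $fbu;
        // Pass the untranslated message plus its variables, as the role
        // message below does, instead of pre-translating with t().
        watchdog('fb_user', 'Created new user !username for application %app', array(
          '!username' => l($user->name, 'user/' . $user->uid),
          '%app' => $fb_app->label,
        ));
      }
    }

    // It's possible the user was already created by another app.
    // In this case we need to add our role.
    // Every Facebook user who authorizes the app receives 'new_user_rid', so
    // that role should carry only low-privilege permissions.
    // empty() avoids an undefined-index notice when the role is not yet set.
    if ($user->fbu == $fbu && $fb_user_data['new_user_rid'] && empty($user->roles[$fb_user_data['new_user_rid']])) {
      // there should be an API for this...
      db_query('INSERT INTO {users_roles} (uid, rid) VALUES (%d, %d)', $user->uid, $fb_user_data['new_user_rid']);
      watchdog('fb_user', "Added role %role to existing user !username for application %app", array(
        '!username' => theme('username', $user),
        '%app' => $fb_app->label,
        '%role' => $fb_user_data['new_user_rid'],
      ));
    }

    // Keep a record of user visiting this app.
    _fb_user_track($fb, $fb_app, $user);
  }
  elseif ($op == FB_OP_GET_FBU) {
    // This is a request to learn the user's FB id.
    $return = _fb_user_get_fbu($data['uid'], $fb_app);
  }
  elseif ($op == FB_OP_GET_USER_SESSION) {
    // Still necessary???
    // The fb module is asking for session login information. For example, to
    // log in as the user when not on a canvas page. This module may be able
    // to provide it, depending on whether the user has logged in, and whether
    // the session has expired.
    $fbu = $data['fbu'];
    // All values are bound through db_query() placeholders, not interpolated.
    $result = db_query("SELECT * FROM {fb_user_app} WHERE apikey = '%s' and fbu = %d AND session_key_expires > %d", $fb_app->apikey, $fbu, time());
    $row = db_fetch_object($result);
    if ($row && $row->session_key) {
      // Return array with FB id and session key. The session key lets the
      // holder act as this Facebook user, so callers must not log or expose
      // it.
      $return = array(
        $row->fbu,
        $row->session_key,
      );
    }
  }
  elseif ($op == FB_APP_OP_EVENT) {
    // Facebook has notified us of some event.
    // We handle some of the events here.
    $event_type = $data['event_type'];

    // Ensure fb_user_app table accurately reflects whether user has
    // authorized.
    if ($event_type == FB_APP_EVENT_POST_AUTHORIZE) {
      // User has authorized us to know some details about her.
      $fbu = fb_facebook_user($fb);
      $proxied_email = fb_user_get_proxied_email($fbu, $fb_app);

      // In special cases, do not store the uid column.
      $fb_user_data = _fb_user_get_config($fb_app);
      if (variable_get(FB_USER_VAR_STATS, TRUE)) {
        // If user has authorized then later removed, there will be a row we
        // can replace.
        db_query("DELETE FROM {fb_user_app} WHERE apikey = '%s' AND fbu = %d", $fb_app->apikey, $fbu);

        // The Facebook session key is written to {fb_user_app} in clear text,
        // so that table (and its backups) should be treated as holding
        // credentials.
        // NOTE(review): as written, both branches store the same uid: the
        // else branch is reached only when $user->uid is already 0. If the
        // intent was to store 0 for the placeholder accounts, the test
        // probably needs && with != comparisons. Confirm before changing.
        if ($user->uid || $user->uid == $fb_user_data['not_logged_in_uid'] || $user->uid == $fb_user_data['logged_in_uid']) {
          db_query("INSERT INTO {fb_user_app} (apikey, fbu, uid, added, session_key, session_key_expires, time_cron, time_access, proxied_email) VALUES ('%s', %d, %d, 1, '%s', %d, %d, %d, '%s')", $fb_app->apikey, $fbu, $user->uid, $fb->api_client->session_key, $fb->session_expires, 0, time(), $proxied_email);
        }
        else {
          db_query("INSERT INTO {fb_user_app} (apikey, fbu, uid, added, session_key, session_key_expires, time_cron, time_access, proxied_email) VALUES ('%s', %d, %d, 1, '%s', %d, %d, %d, '%s')", $fb_app->apikey, $fbu, 0, $fb->api_client->session_key, $fb->session_expires, 0, time(), $proxied_email);
        }
      }
    }
    elseif ($event_type == FB_APP_EVENT_POST_REMOVE) {
      // User has removed the app from their account.
      // Should we delete the row here???
      // Clearing session_key here stops a revoked session from being handed
      // out later by the FB_OP_GET_USER_SESSION branch.
      db_query("UPDATE {fb_user_app} SET added=0, session_key=NULL, session_key_expires=NULL WHERE apikey='%s' AND fbu=%d", $fb_app->apikey, fb_facebook_user($fb));
    }
  }
}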