댓글을 sns 와 연동하기 위한 기초 작업

config.php

@@ -1,8 +1,9 @@
 <?php
 
-//==============================================================================
-// 상수 선언
-//------------------------------------------------------------------------------
+/********************
+    상수 선언
+********************/
+
 // 이 상수가 정의되지 않으면 각각의 개별 페이지는 별도로 실행될 수 없음
 define('_GNUBOARD_', true);
 
@@ -11,9 +12,10 @@ if (PHP_VERSION >= '5.3.0') {
     date_default_timezone_set("Asia/Seoul");
 }
 
- //==============================================================================
-// 경로 상수
-//------------------------------------------------------------------------------
+
+/********************
+    경로 상수
+********************/
 
 /*
 보안서버 도메인
@@ -29,25 +31,26 @@ define('G4_HTTPS_DOMAIN', '');
 www.sir.co.kr 과 sir.co.kr 도메인은 서로 다른 도메인으로 인식합니다. 쿠키를 공유하려면 .sir.co.kr 과 같이 입력하세요.
 이곳에 입력이 없다면 www 붙은 도메인과 그렇지 않은 도메인은 쿠키를 공유하지 않으므로 로그인이 풀릴 수 있습니다.
 */
-define('G4_COOKIE_DOMAIN', '');
+define('G4_COOKIE_DOMAIN',  '');
 
-define('G4_DBCONFIG_FILE', 'dbconfig.php');
+define('G4_DBCONFIG_FILE',  'dbconfig.php');
 
-define('G4_ADMIN_DIR', 'adm');
-define('G4_BBS_DIR', 'bbs');
-define('G4_CSS_DIR', 'css');
-define('G4_DATA_DIR', 'data');
-define('G4_EXTEND_DIR', 'extend');
-define('G4_IMG_DIR', 'img');
-define('G4_JS_DIR', 'js');
-define('G4_LIB_DIR', 'lib');
-define('G4_PLUGIN_DIR', 'plugin');
-define('G4_SKIN_DIR', 'skin');
-define('G4_GCAPTCHA_DIR', 'gcaptcha');
-define('G4_CKEDITOR_DIR', 'ckeditor');
-define('G4_MOBILE_DIR', 'mobile');
-define('G4_KCP_DIR', 'kcp');
-define('G4_SYNDI_DIR', 'syndi');
+define('G4_ADMIN_DIR',      'adm');
+define('G4_BBS_DIR',        'bbs');
+define('G4_CSS_DIR',        'css');
+define('G4_DATA_DIR',       'data');
+define('G4_EXTEND_DIR',     'extend');
+define('G4_IMG_DIR',        'img');
+define('G4_JS_DIR',         'js');
+define('G4_LIB_DIR',        'lib');
+define('G4_PLUGIN_DIR',     'plugin');
+define('G4_SKIN_DIR',       'skin');
+define('G4_GCAPTCHA_DIR',   'gcaptcha');
+define('G4_CKEDITOR_DIR',   'ckeditor');
+define('G4_MOBILE_DIR',     'mobile');
+define('G4_KCP_DIR',        'kcp');
+define('G4_SNS_DIR',        'sns');
+define('G4_SYNDI_DIR',      'syndi');
 
 // URL 은 브라우저상에서의 경로 (도메인으로 부터의)
 if (G4_DOMAIN) {
@@ -65,67 +68,80 @@ if (isset($g4_path['path'])) {
     define('G4_PATH', '');
 }
 
-define('G4_ADMIN_URL', G4_URL.'/'.G4_ADMIN_DIR);
-define('G4_BBS_URL', G4_URL.'/'.G4_BBS_DIR);
-define('G4_CSS_URL', G4_URL.'/'.G4_CSS_DIR);
-define('G4_DATA_URL', G4_URL.'/'.G4_DATA_DIR);
-define('G4_IMG_URL', G4_URL.'/'.G4_IMG_DIR);
-define('G4_JS_URL', G4_URL.'/'.G4_JS_DIR);
-define('G4_SKIN_URL', G4_URL.'/'.G4_SKIN_DIR);
-define('G4_PLUGIN_URL', G4_URL.'/'.G4_PLUGIN_DIR);
-define('G4_GCAPTCHA_URL', G4_PLUGIN_URL.'/'.G4_GCAPTCHA_DIR);
-define('G4_CKEDITOR_URL', G4_PLUGIN_URL.'/'.G4_CKEDITOR_DIR); // CKEDITOR 의 라이브러리 경로
-define('G4_KCP_URL', G4_PLUGIN_URL.'/'.G4_KCP_DIR);
-define('G4_SYNDI_URL', G4_PLUGIN_URL.'/'.G4_SYNDI_DIR);
-define('G4_MOBILE_URL', G4_URL.'/'.G4_MOBILE_DIR);
+define('G4_ADMIN_URL',      G4_URL.'/'.G4_ADMIN_DIR);
+define('G4_BBS_URL',        G4_URL.'/'.G4_BBS_DIR);
+define('G4_CSS_URL',        G4_URL.'/'.G4_CSS_DIR);
+define('G4_DATA_URL',       G4_URL.'/'.G4_DATA_DIR);
+define('G4_IMG_URL',        G4_URL.'/'.G4_IMG_DIR);
+define('G4_JS_URL',         G4_URL.'/'.G4_JS_DIR);
+define('G4_SKIN_URL',       G4_URL.'/'.G4_SKIN_DIR);
+define('G4_PLUGIN_URL',     G4_URL.'/'.G4_PLUGIN_DIR);
+define('G4_GCAPTCHA_URL',   G4_PLUGIN_URL.'/'.G4_GCAPTCHA_DIR);
+define('G4_CKEDITOR_URL',   G4_PLUGIN_URL.'/'.G4_CKEDITOR_DIR); // CKEDITOR 의 라이브러리 경로
+define('G4_KCP_URL',        G4_PLUGIN_URL.'/'.G4_KCP_DIR);
+define('G4_SNS_URL',        G4_PLUGIN_URL.'/'.G4_SNS_DIR);
+define('G4_SYNDI_URL',      G4_PLUGIN_URL.'/'.G4_SYNDI_DIR);
+define('G4_MOBILE_URL',     G4_URL.'/'.G4_MOBILE_DIR);
 
 // PATH 는 서버상에서의 절대경로
-define('G4_ADMIN_PATH', G4_PATH.'/'.G4_ADMIN_DIR);
-define('G4_BBS_PATH', G4_PATH.'/'.G4_BBS_DIR);
-define('G4_DATA_PATH', G4_PATH.'/'.G4_DATA_DIR);
-define('G4_EXTEND_PATH', G4_PATH.'/'.G4_EXTEND_DIR);
-define('G4_LIB_PATH', G4_PATH.'/'.G4_LIB_DIR);
-define('G4_PLUGIN_PATH', G4_PATH.'/'.G4_PLUGIN_DIR);
-define('G4_SKIN_PATH', G4_PATH.'/'.G4_SKIN_DIR);
-define('G4_GCAPTCHA_PATH', G4_PLUGIN_PATH.'/'.G4_GCAPTCHA_DIR);
-define('G4_CKEDITOR_PATH', G4_PLUGIN_PATH.'/'.G4_CKEDITOR_DIR);
-define('G4_KCP_PATH', G4_PLUGIN_PATH.'/'.G4_KCP_DIR);
-define('G4_SYNDI_PATH', G4_PLUGIN_PATH.'/'.G4_SYNDI_DIR);
-define('G4_MOBILE_PATH', G4_PATH.'/'.G4_MOBILE_DIR);
+define('G4_ADMIN_PATH',     G4_PATH.'/'.G4_ADMIN_DIR);
+define('G4_BBS_PATH',       G4_PATH.'/'.G4_BBS_DIR);
+define('G4_DATA_PATH',      G4_PATH.'/'.G4_DATA_DIR);
+define('G4_EXTEND_PATH',    G4_PATH.'/'.G4_EXTEND_DIR);
+define('G4_LIB_PATH',       G4_PATH.'/'.G4_LIB_DIR);
+define('G4_PLUGIN_PATH',    G4_PATH.'/'.G4_PLUGIN_DIR);
+define('G4_SKIN_PATH',      G4_PATH.'/'.G4_SKIN_DIR);
+define('G4_GCAPTCHA_PATH',  G4_PLUGIN_PATH.'/'.G4_GCAPTCHA_DIR);
+define('G4_CKEDITOR_PATH',  G4_PLUGIN_PATH.'/'.G4_CKEDITOR_DIR);
+define('G4_KCP_PATH',       G4_PLUGIN_PATH.'/'.G4_KCP_DIR);
+define('G4_SNS_PATH',       G4_PLUGIN_PATH.'/'.G4_SNS_DIR);
+define('G4_SYNDI_PATH',     G4_PLUGIN_PATH.'/'.G4_SYNDI_DIR);
+define('G4_MOBILE_PATH',    G4_PATH.'/'.G4_MOBILE_DIR);
 //==============================================================================
 
 
-define('G4_USE_CACHE', true); // 최신글등에 cache 기능 사용 여부
+define('G4_USE_CACHE',  true); // 최신글등에 cache 기능 사용 여부
 
 
-// 시간 상수
+/********************
+    시간 상수
+********************/
 // 서버의 시간과 실제 사용하는 시간이 틀린 경우 수정하세요.
 // 하루는 86400 초입니다. 1시간은 3600초
 // 6시간이 빠른 경우 time() + (3600 * 6);
 // 6시간이 느린 경우 time() - (3600 * 6);
-define('G4_SERVER_TIME', time());
-define('G4_TIME_YMDHIS', date('Y-m-d H:i:s', G4_SERVER_TIME));
-define('G4_TIME_YMD', substr(G4_TIME_YMDHIS, 0, 10));
-define('G4_TIME_HIS', substr(G4_TIME_YMDHIS, 11, 8));
+define('G4_SERVER_TIME',    time());
+define('G4_TIME_YMDHIS',    date('Y-m-d H:i:s', G4_SERVER_TIME));
+define('G4_TIME_YMD',       substr(G4_TIME_YMDHIS, 0, 10));
+define('G4_TIME_HIS',       substr(G4_TIME_YMDHIS, 11, 8));
 
 // 입력값 검사 상수 (숫자를 변경하시면 안됩니다.)
-define('G4_ALPHAUPPER', 1); // 영대문자
-define('G4_ALPHALOWER', 2); // 영소문자
-define('G4_ALPHABETIC', 4); // 영대,소문자
-define('G4_NUMERIC', 8); // 숫자
-define('G4_HANGUL', 16); // 한글
-define('G4_SPACE', 32); // 공백
-define('G4_SPECIAL', 64); // 특수문자
+define('G4_ALPHAUPPER',      1); // 영대문자
+define('G4_ALPHALOWER',      2); // 영소문자
+define('G4_ALPHABETIC',      4); // 영대,소문자
+define('G4_NUMERIC',         8); // 숫자
+define('G4_HANGUL',         16); // 한글
+define('G4_SPACE',          32); // 공백
+define('G4_SPECIAL',        64); // 특수문자
 
 // 모바일 인지 결정 $_SERVER['HTTP_USER_AGENT']
-define('G4_MOBILE_AGENT', 'phone|samsung|lgtel|mobile|skt|nokia|blackberry|android|sony');
+define('G4_MOBILE_AGENT',   'phone|samsung|lgtel|mobile|skt|nokia|blackberry|android|sony');
 
-//
-// 기타
-//
+
+/********************
+    SNS 상수
+********************/
+
+define('G4_FACEBOOK_APPID',     '119146498278078');
+define('G4_FACEBOOK_SECRET',    '311e0d6ff8ff43cfe0e75fe82d71777c');
+define('G4_FACEBOOK_CALLBACK',  G4_SNS_URL.'/facebook/callback.php');
+
+
+/********************
+    기타 상수
+********************/
 
 // 게시판에서 링크의 기본갯수를 말합니다.
 // 필드를 추가하면 이 숫자를 필드수에 맞게 늘려주십시오.
-//$g4['link_count'] = 2;
 define('G4_LINK_COUNT', 2);
 ?>

plugin/sns/facebook/.gitignore

@@ -0,0 +1 @@
+/coverage/

plugin/sns/facebook/.travis.yml

@@ -0,0 +1,5 @@
+language: php
+php:
+  - 5.3
+  - 5.4
+script: phpunit --stderr --bootstrap tests/bootstrap.php tests/tests.php

plugin/sns/facebook/_common.php

@@ -0,0 +1,4 @@
+<?php
+$g4_path = "../.."; // common.php 의 상대 경로
+include_once($g4_path."/common.php");
+?>

plugin/sns/facebook/callback.php

@@ -0,0 +1,41 @@
+<?php
+include_once("./_common.php");
+
+require_once(G4_SNS_PATH."/facebook/src/facebook.php");
+
+//https://www.facebook.com/dialog/oauth?client_id=440461349373258&redirect_uri=http%3A%2F%2Fchin.so%2Fbbs%2Fajax.sns.php%3Fsns_name%3Dfacebook%26_%3D1364434991642&state=951675978f0f4a6f5a2dfc01fb45e653
+
+//http://chin.so/plugin/facebook/callback.php?code=AQDKN0YBYm9NB_Ca_XtFZckplQk74Oubsd8OVuFDMHGiXDdiZ9cxr-Sw2cs37XvKQ4h0ryhC21nAbB2I0KhqtWaFyPGpDEnQuMMxZRdwKZvvwRRQrGzl7ttI9oQAQ5Y0_WuROIl-4lKTifbZseSP5tJt_YTX8CXfc7h5w6C73N7tPS66UvtsmbJTYT02uXjTiCKPGnqeTgZjZ7XjzRYEn_l_&state=951675978f0f4a6f5a2dfc01fb45e653#_=_
+
+$config = array(
+    'appId' => FACEBOOK_APPID,
+    'secret' => FACEBOOK_SECRET,
+);
+
+$facebook = new Facebook($config);
+
+if ($_GET['logout'] == 'yes') {
+    unset($_SESSION['fb_'.FACEBOOK_APPID.'_code']);
+    unset($_SESSION['fb_'.FACEBOOK_APPID.'_user_id']);
+    unset($_SESSION['fb_'.FACEBOOK_APPID.'_access_token']);
+    header("Location: ".$_SERVER['PHP_SELF']."");
+}
+
+$user = $facebook->getUser();
+
+if ($user) {
+    try {
+        $user_profile = $facebook->api('/me');
+    } catch (FacebookApiException $e) {
+        error_log($e);
+        $user = NULL;
+    }
+}
+
+if ($user_profile) {
+    sql_query(" update {$g4['member_table']} set mb_sns_facebook = '{$_REQUEST['code']}' where mb_id = '{$member['mb_id']}' ");
+    alert_close("페이스북 승인이 성공 했습니다.\\n\\n댓글의 체크를 해제하지 않으시면 모든 댓글 등록시 페이스북에도 자동 등록됩니다.");
+} else {
+    sql_query(" update {$g4['member_table']} set mb_sns_facebook = '' where mb_id = '{$member['mb_id']}' ");
+    alert_close("페이스북을 로그아웃 했습니다.");
+}

plugin/sns/facebook/changelog.md

@@ -0,0 +1,28 @@
+Facebook PHP SDK (v.3.0.0)
+==========================
+
+The new PHP SDK (v3.0.0) is a major upgrade to the older one (v2.2.x):
+
+- Uses OAuth authentication flows instead of our legacy authentication flow
+- Consists of two classes. The first (class BaseFacebook) maintains the core of the upgrade, and the second one (class Facebook) is a small subclass that uses PHP sessions to store the user id and access token.
+
+If you’re currently using the PHP SDK (v2.2.x) for authentication, you will recall that the login code looked like this:
+
+     $facebook = new Facebook(…);
+     $session = $facebook->getSession();
+     if ($session) {
+       // proceed knowing you have a valid user session
+     } else {
+       // proceed knowing you require user login and/or authentication
+     }
+
+The login code is now:
+
+     $facebook = new Facebook(…);
+     $user = $facebook->getUser();
+     if ($user) {
+       // proceed knowing you have a logged in user who's authenticated
+     } else {
+       // proceed knowing you require user login and/or authentication
+     }
+

plugin/sns/facebook/composer.json

@@ -0,0 +1,22 @@
+{
+    "name": "facebook/php-sdk",
+    "description": "Facebook PHP SDK",
+    "keywords": ["facebook", "sdk"],
+    "type": "library",
+    "homepage": "https://github.com/facebook/facebook-php-sdk",
+    "license": "Apache2",
+    "authors": [
+        {
+            "name": "Facebook",
+            "homepage": "https://github.com/facebook/facebook-php-sdk/contributors"
+        }
+    ],
+    "require": {
+        "php": ">=5.2.0",
+        "ext-curl": "*",
+        "ext-json": "*"
+    },
+    "autoload": {
+        "classmap": ["src"]
+    }
+}

plugin/sns/facebook/examples/example.php

@@ -0,0 +1,102 @@
+<?php
+/**
+ * Copyright 2011 Facebook, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License. You may obtain
+ * a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+
+require '../src/facebook.php';
+
+// Create our Application instance (replace this with your appId and secret).
+$facebook = new Facebook(array(
+  'appId'  => '119146498278078',
+  'secret' => '311e0d6ff8ff43cfe0e75fe82d71777c',
+));
+
+// Get User ID
+$user = $facebook->getUser();
+
+// We may or may not have this data based on whether the user is logged in.
+//
+// If we have a $user id here, it means we know the user is logged into
+// Facebook, but we don't know if the access token is valid. An access
+// token is invalid if the user logged out of Facebook.
+
+if ($user) {
+  try {
+    // Proceed knowing you have a logged in user who's authenticated.
+    $user_profile = $facebook->api('/me');
+  } catch (FacebookApiException $e) {
+    error_log($e);
+    $user = null;
+  }
+}
+
+// Login or logout url will be needed depending on current user state.
+if ($user) {
+  $logoutUrl = $facebook->getLogoutUrl();
+} else {
+  $loginUrl = $facebook->getLoginUrl();
+}
+
+// This call will always work since we are fetching public data.
+$naitik = $facebook->api('/naitik');
+
+?>
+<!doctype html>
+<html xmlns:fb="http://www.facebook.com/2008/fbml">
+  <head>
+    <title>php-sdk</title>
+    <style>
+      body {
+        font-family: 'Lucida Grande', Verdana, Arial, sans-serif;
+      }
+      h1 a {
+        text-decoration: none;
+        color: #3b5998;
+      }
+      h1 a:hover {
+        text-decoration: underline;
+      }
+    </style>
+  </head>
+  <body>
+    <h1>php-sdk</h1>
+
+    <?php if ($user): ?>
+      <a href="<?php echo $logoutUrl; ?>">Logout</a>
+    <?php else: ?>
+      <div>
+        Login using OAuth 2.0 handled by the PHP SDK:
+        <a href="<?php echo $loginUrl; ?>">Login with Facebook</a>
+      </div>
+    <?php endif ?>
+
+    <h3>PHP Session</h3>
+    <pre><?php print_r($_SESSION); ?></pre>
+
+    <?php if ($user): ?>
+      <h3>You</h3>
+      <img src="https://graph.facebook.com/<?php echo $user; ?>/picture">
+
+      <h3>Your User Object (/me)</h3>
+      <pre><?php print_r($user_profile); ?></pre>
+    <?php else: ?>
+      <strong><em>You are not Connected.</em></strong>
+    <?php endif ?>
+
+    <h3>Public profile of Naitik</h3>
+    <img src="https://graph.facebook.com/naitik/picture">
+    <?php echo $naitik['name']; ?>
+  </body>
+</html>

plugin/sns/facebook/examples/with_js_sdk.php

@@ -0,0 +1,59 @@
+<?php
+
+require '../src/facebook.php';
+
+$facebook = new Facebook(array(
+  'appId'  => '344617158898614',
+  'secret' => '6dc8ac871858b34798bc2488200e503d',
+));
+
+// See if there is a user from a cookie
+$user = $facebook->getUser();
+
+if ($user) {
+  try {
+    // Proceed knowing you have a logged in user who's authenticated.
+    $user_profile = $facebook->api('/me');
+  } catch (FacebookApiException $e) {
+    echo '<pre>'.htmlspecialchars(print_r($e, true)).'</pre>';
+    $user = null;
+  }
+}
+
+?>
+<!DOCTYPE html>
+<html xmlns:fb="http://www.facebook.com/2008/fbml">
+  <body>
+    <?php if ($user) { ?>
+      Your user profile is
+      <pre>
+        <?php print htmlspecialchars(print_r($user_profile, true)) ?>
+      </pre>
+    <?php } else { ?>
+      <fb:login-button></fb:login-button>
+    <?php } ?>
+    <div id="fb-root"></div>
+    <script>
+      window.fbAsyncInit = function() {
+        FB.init({
+          appId: '<?php echo $facebook->getAppID() ?>',
+          cookie: true,
+          xfbml: true,
+          oauth: true
+        });
+        FB.Event.subscribe('auth.login', function(response) {
+          window.location.reload();
+        });
+        FB.Event.subscribe('auth.logout', function(response) {
+          window.location.reload();
+        });
+      };
+      (function() {
+        var e = document.createElement('script'); e.async = true;
+        e.src = document.location.protocol +
+          '//connect.facebook.net/en_US/all.js';
+        document.getElementById('fb-root').appendChild(e);
+      }());
+    </script>
+  </body>
+</html>

plugin/sns/facebook/readme.md

@@ -0,0 +1,85 @@
+Facebook PHP SDK (v.3.2.2)
+
+The [Facebook Platform](http://developers.facebook.com/) is
+a set of APIs that make your app more social.
+
+This repository contains the open source PHP SDK that allows you to
+access Facebook Platform from your PHP app. Except as otherwise noted,
+the Facebook PHP SDK is licensed under the Apache Licence, Version 2.0
+(http://www.apache.org/licenses/LICENSE-2.0.html).
+
+
+Usage
+-----
+
+The [examples][examples] are a good place to start. The minimal you'll need to
+have is:
+
+    require 'facebook-php-sdk/src/facebook.php';
+
+    $facebook = new Facebook(array(
+      'appId'  => 'YOUR_APP_ID',
+      'secret' => 'YOUR_APP_SECRET',
+    ));
+
+    // Get User ID
+    $user = $facebook->getUser();
+
+To make [API][API] calls:
+
+    if ($user) {
+      try {
+        // Proceed knowing you have a logged in user who's authenticated.
+        $user_profile = $facebook->api('/me');
+      } catch (FacebookApiException $e) {
+        error_log($e);
+        $user = null;
+      }
+    }
+
+Login or logout url will be needed depending on current user state.
+
+    if ($user) {
+      $logoutUrl = $facebook->getLogoutUrl();
+    } else {
+      $loginUrl = $facebook->getLoginUrl();
+    }
+
+[examples]: http://github.com/facebook/facebook-php-sdk/blob/master/examples/example.php
+[API]: http://developers.facebook.com/docs/api
+
+
+Tests
+-----
+
+In order to keep us nimble and allow us to bring you new functionality, without
+compromising on stability, we have ensured full test coverage of the SDK.
+We are including this in the open source repository to assure you of our
+commitment to quality, but also with the hopes that you will contribute back to
+help keep it stable. The easiest way to do so is to file bugs and include a
+test case.
+
+The tests can be executed by using this command from the base directory:
+
+    phpunit --stderr --bootstrap tests/bootstrap.php tests/tests.php
+
+
+Contributing
+===========
+For us to accept contributions you will have to first have signed the
+[Contributor License Agreement](https://developers.facebook.com/opensource/cla).
+
+When commiting, keep all lines to less than 80 characters, and try to
+follow the existing style.
+
+Before creating a pull request, squash your commits into a single commit.
+
+Add the comments where needed, and provide ample explanation in the
+commit message.
+
+
+Report Issues/Bugs
+===============
+[Bugs](https://developers.facebook.com/bugs)
+
+[Questions](http://facebook.stackoverflow.com)

plugin/sns/facebook/src/facebook.php

@@ -0,0 +1,160 @@
+<?php
+/**
+ * Copyright 2011 Facebook, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License. You may obtain
+ * a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations
+ * under the License.
+ */
+
+require_once "base_facebook.php";
+
+/**
+ * Extends the BaseFacebook class with the intent of using
+ * PHP sessions to store user ids and access tokens.
+ */
+class Facebook extends BaseFacebook
+{
+  const FBSS_COOKIE_NAME = 'fbss';
+
+  // We can set this to a high number because the main session
+  // expiration will trump this.
+  const FBSS_COOKIE_EXPIRE = 31556926; // 1 year
+
+  // Stores the shared session ID if one is set.
+  protected $sharedSessionID;
+
+  /**
+   * Identical to the parent constructor, except that
+   * we start a PHP session to store the user ID and
+   * access token if during the course of execution
+   * we discover them.
+   *
+   * @param Array $config the application configuration. Additionally
+   * accepts "sharedSession" as a boolean to turn on a secondary
+   * cookie for environments with a shared session (that is, your app
+   * shares the domain with other apps).
+   * @see BaseFacebook::__construct in facebook.php
+   */
+  public function __construct($config) {
+    if (!session_id()) {
+      session_start();
+    }
+    parent::__construct($config);
+    if (!empty($config['sharedSession'])) {
+      $this->initSharedSession();
+    }
+  }
+
+  protected static $kSupportedKeys =
+    array('state', 'code', 'access_token', 'user_id');
+
+  protected function initSharedSession() {
+    $cookie_name = $this->getSharedSessionCookieName();
+    if (isset($_COOKIE[$cookie_name])) {
+      $data = $this->parseSignedRequest($_COOKIE[$cookie_name]);
+      if ($data && !empty($data['domain']) &&
+          self::isAllowedDomain($this->getHttpHost(), $data['domain'])) {
+        // good case
+        $this->sharedSessionID = $data['id'];
+        return;
+      }
+      // ignoring potentially unreachable data
+    }
+    // evil/corrupt/missing case
+    $base_domain = $this->getBaseDomain();
+    $this->sharedSessionID = md5(uniqid(mt_rand(), true));
+    $cookie_value = $this->makeSignedRequest(
+      array(
+        'domain' => $base_domain,
+        'id' => $this->sharedSessionID,
+      )
+    );
+    $_COOKIE[$cookie_name] = $cookie_value;
+    if (!headers_sent()) {
+      $expire = time() + self::FBSS_COOKIE_EXPIRE;
+      setcookie($cookie_name, $cookie_value, $expire, '/', '.'.$base_domain);
+    } else {
+      // @codeCoverageIgnoreStart
+      self::errorLog(
+        'Shared session ID cookie could not be set! You must ensure you '.
+        'create the Facebook instance before headers have been sent. This '.
+        'will cause authentication issues after the first request.'
+      );
+      // @codeCoverageIgnoreEnd
+    }
+  }
+
+  /**
+   * Provides the implementations of the inherited abstract
+   * methods.  The implementation uses PHP sessions to maintain
+   * a store for authorization codes, user ids, CSRF states, and
+   * access tokens.
+   */
+  protected function setPersistentData($key, $value) {
+    if (!in_array($key, self::$kSupportedKeys)) {
+      self::errorLog('Unsupported key passed to setPersistentData.');
+      return;
+    }
+
+    $session_var_name = $this->constructSessionVariableName($key);
+    $_SESSION[$session_var_name] = $value;
+  }
+
+  protected function getPersistentData($key, $default = false) {
+    if (!in_array($key, self::$kSupportedKeys)) {
+      self::errorLog('Unsupported key passed to getPersistentData.');
+      return $default;
+    }
+
+    $session_var_name = $this->constructSessionVariableName($key);
+    return isset($_SESSION[$session_var_name]) ?
+      $_SESSION[$session_var_name] : $default;
+  }
+
+  protected function clearPersistentData($key) {
+    if (!in_array($key, self::$kSupportedKeys)) {
+      self::errorLog('Unsupported key passed to clearPersistentData.');
+      return;
+    }
+
+    $session_var_name = $this->constructSessionVariableName($key);
+    unset($_SESSION[$session_var_name]);
+  }
+
+  protected function clearAllPersistentData() {
+    foreach (self::$kSupportedKeys as $key) {
+      $this->clearPersistentData($key);
+    }
+    if ($this->sharedSessionID) {
+      $this->deleteSharedSessionCookie();
+    }
+  }
+
+  protected function deleteSharedSessionCookie() {
+    $cookie_name = $this->getSharedSessionCookieName();
+    unset($_COOKIE[$cookie_name]);
+    $base_domain = $this->getBaseDomain();
+    setcookie($cookie_name, '', 1, '/', '.'.$base_domain);
+  }
+
+  protected function getSharedSessionCookieName() {
+    return self::FBSS_COOKIE_NAME . '_' . $this->getAppId();
+  }
+
+  protected function constructSessionVariableName($key) {
+    $parts = array('fb', $this->getAppId(), $key);
+    if ($this->sharedSessionID) {
+      array_unshift($parts, $this->sharedSessionID);
+    }
+    return implode('_', $parts);
+  }
+}

plugin/sns/facebook/tests/bootstrap.php

@@ -0,0 +1,5 @@
+<?php
+
+$base = realpath(dirname(__FILE__) . '/..');
+require "$base/src/base_facebook.php";
+require "$base/src/facebook.php";