Overview

Namespaces

  • None
  • PHP

Classes

  • BaseFacebook
  • Facebook

Exceptions

  • FacebookApiException
  • Overview
  • Namespace
  • Class
  • Tree

Class BaseFacebook

Provides access to the Facebook Platform. This class provides a majority of the functionality needed, but the class is abstract because it is designed to be sub-classed. The subclass must implement the four abstract methods listed at the bottom of the file.

Direct known subclasses

Facebook
Abstract
Author: Naitik Shah <naitik@facebook.com>
Located at base_facebook.php
Methods summary
public
# __construct( array $config )

Initialize a Facebook Application.

Initialize a Facebook Application.

The configuration:

  • appId: the application ID
  • secret: the application secret
  • fileUpload: (optional) boolean indicating if file uploads are enabled

Parameters

$config
array
The application configuration
public BaseFacebook
# setAppId( string $appId )

Set the Application ID.

Set the Application ID.

Parameters

$appId
string
The Application ID

Returns

BaseFacebook
public string
# getAppId( )

Get the Application ID.

Get the Application ID.

Returns

string
the Application ID
public BaseFacebook
# setAppSecret( string $appSecret )

Set the App Secret.

Set the App Secret.

Parameters

$appSecret
string
The App Secret

Returns

BaseFacebook
public string
# getAppSecret( )

Get the App Secret.

Get the App Secret.

Returns

string
the App Secret
public BaseFacebook
# setFileUploadSupport( boolean $fileUploadSupport )

Set the file upload support status.

Set the file upload support status.

Parameters

$fileUploadSupport
boolean
The file upload support status.

Returns

BaseFacebook
public boolean
# getFileUploadSupport( )

Get the file upload support status.

Get the file upload support status.

Returns

boolean
true if and only if the server supports file upload.
public boolean
# useFileUploadSupport( )

DEPRECATED! Please use getFileUploadSupport instead.

DEPRECATED! Please use getFileUploadSupport instead.

Get the file upload support status.

Returns

boolean
true if and only if the server supports file upload.
public BaseFacebook
# setAccessToken( string $access_token )

Sets the access token for api calls. Use this if you get your access token by other means and just want the SDK to use it.

Sets the access token for api calls. Use this if you get your access token by other means and just want the SDK to use it.

Parameters

$access_token
string
an access token.

Returns

BaseFacebook
public string
# getAccessToken( )

Determines the access token that should be used for API calls. The first time this is called, $this->accessToken is set equal to either a valid user access token, or it's set to the application access token if a valid user access token wasn't available. Subsequent calls return whatever the first call returned.

Determines the access token that should be used for API calls. The first time this is called, $this->accessToken is set equal to either a valid user access token, or it's set to the application access token if a valid user access token wasn't available. Subsequent calls return whatever the first call returned.

Returns

string
The access token
protected string
# getUserAccessToken( )

Determines and returns the user access token, first using the signed request if present, and then falling back on the authorization code if present. The intent is to return a valid user access token, or false if one is determined to not be available.

Determines and returns the user access token, first using the signed request if present, and then falling back on the authorization code if present. The intent is to return a valid user access token, or false if one is determined to not be available.

Returns

string
A valid user access token, or false if one could not be determined.
public string
# getSignedRequest( )

Retrieve the signed request, either from a request parameter or, if not present, from a cookie.

Retrieve the signed request, either from a request parameter or, if not present, from a cookie.

Returns

string
the signed request, if available, or null otherwise.
public string
# getUser( )

Get the UID of the connected user, or 0 if the Facebook user is not connected.

Get the UID of the connected user, or 0 if the Facebook user is not connected.

Returns

string
the UID if available.
protected integer
# getUserFromAvailableData( )

Determines the connected user by first examining any signed requests, then considering an authorization code, and then falling back to any persistent store storing the user.

Determines the connected user by first examining any signed requests, then considering an authorization code, and then falling back to any persistent store storing the user.

Returns

integer
The id of the connected Facebook user, or 0 if no such user exists.
public string
# getLoginUrl( array $params = array() )

Get a Login URL for use with redirects. By default, full page redirect is assumed. If you are using the generated URL with a window.open() call in JavaScript, you can pass in display=popup as part of the $params.

Get a Login URL for use with redirects. By default, full page redirect is assumed. If you are using the generated URL with a window.open() call in JavaScript, you can pass in display=popup as part of the $params.

The parameters:

  • redirect_uri: the url to go to after a successful login
  • scope: comma separated list of requested extended perms

Parameters

$params
array
Provide custom parameters

Returns

string
The URL for the login flow
public string
# getLogoutUrl( array $params = array() )

Get a Logout URL suitable for use with redirects.

Get a Logout URL suitable for use with redirects.

The parameters:

  • next: the url to go to after a successful logout

Parameters

$params
array
Provide custom parameters

Returns

string
The URL for the logout flow
public string
# getLoginStatusUrl( array $params = array() )

Get a login status URL to fetch the status from Facebook.

Get a login status URL to fetch the status from Facebook.

The parameters:

  • ok_session: the URL to go to if a session is found
  • no_session: the URL to go to if the user is not connected
  • no_user: the URL to go to if the user is not signed into facebook

Parameters

$params
array
Provide custom parameters

Returns

string
The URL for the logout flow
public mixed
# api( )

Make an API call.

Make an API call.

Returns

mixed
The decoded response
protected string
# getSignedRequestCookieName( )

Constructs and returns the name of the cookie that potentially houses the signed request for the app user. The cookie is not set by the BaseFacebook class, but it may be set by the JavaScript SDK.

Constructs and returns the name of the cookie that potentially houses the signed request for the app user. The cookie is not set by the BaseFacebook class, but it may be set by the JavaScript SDK.

Returns

string
the name of the cookie that would house the signed request value.
protected string
# getMetadataCookieName( )

Constructs and returns the name of the coookie that potentially contain metadata. The cookie is not set by the BaseFacebook class, but it may be set by the JavaScript SDK.

Constructs and returns the name of the coookie that potentially contain metadata. The cookie is not set by the BaseFacebook class, but it may be set by the JavaScript SDK.

Returns

string
the name of the cookie that would house metadata.
protected mixed
# getCode( )

Get the authorization code from the query parameters, if it exists, and otherwise return false to signal no authorization code was discoverable.

Get the authorization code from the query parameters, if it exists, and otherwise return false to signal no authorization code was discoverable.

Returns

mixed
The authorization code, or false if the authorization code could not be determined.
protected integer
# getUserFromAccessToken( )

Retrieves the UID with the understanding that $this->accessToken has already been set and is seemingly legitimate. It relies on Facebook's Graph API to retrieve user information and then extract the user ID.

Retrieves the UID with the understanding that $this->accessToken has already been set and is seemingly legitimate. It relies on Facebook's Graph API to retrieve user information and then extract the user ID.

Returns

integer
Returns the UID of the Facebook user, or 0 if the Facebook user could not be determined.
protected string
# getApplicationAccessToken( )

Returns the access token that should be used for logged out users when no authorization code is available.

Returns the access token that should be used for logged out users when no authorization code is available.

Returns

string
The application access token, useful for gathering public information about users and applications.
protected
# establishCSRFTokenState( )

Lays down a CSRF state token for this process.

Lays down a CSRF state token for this process.

protected mixed
# getAccessTokenFromCode( string $code, $redirect_uri = null )

Retrieves an access token for the given authorization code (previously generated from www.facebook.com on behalf of a specific user). The authorization code is sent to graph.facebook.com and a legitimate access token is generated provided the access token and the user for which it was generated all match, and the user is either logged in to Facebook or has granted an offline access permission.

Retrieves an access token for the given authorization code (previously generated from www.facebook.com on behalf of a specific user). The authorization code is sent to graph.facebook.com and a legitimate access token is generated provided the access token and the user for which it was generated all match, and the user is either logged in to Facebook or has granted an offline access permission.

Parameters

$code
string
An authorization code.
$redirect_uri

Returns

mixed
An access token exchanged for the authorization code, or false if an access token could not be generated.
protected mixed
# _restserver( array $params )

Invoke the old restserver.php endpoint.

Invoke the old restserver.php endpoint.

Parameters

$params
array
Method call object

Returns

mixed
The decoded response object

Throws

FacebookApiException
protected boolean
# isVideoPost( string $path, string $method = 'GET' )

Return true if this is video post.

Return true if this is video post.

Parameters

$path
string
The path
$method
string
The http method (default 'GET')

Returns

boolean
true if this is video post
protected mixed
# _graph( string $path, string $method = 'GET', array $params = array() )

Invoke the Graph API.

Invoke the Graph API.

Parameters

$path
string
The path (required)
$method
string
The http method (default 'GET')
$params
array
The query/post data

Returns

mixed
The decoded response object

Throws

FacebookApiException
protected string
# _oauthRequest( string $url, array $params )

Make a OAuth Request.

Make a OAuth Request.

Parameters

$url
string
The path (required)
$params
array
The query/post data

Returns

string
The decoded response object

Throws

FacebookApiException
protected string
# makeRequest( string $url, array $params, CurlHandler $ch = null )

Makes an HTTP request. This method can be overridden by subclasses if developers want to do fancier things or use something other than curl to make the request.

Makes an HTTP request. This method can be overridden by subclasses if developers want to do fancier things or use something other than curl to make the request.

Parameters

$url
string
The URL to make the request to
$params
array
The parameters to use for the POST body
$ch
CurlHandler
Initialized curl handle

Returns

string
The response text
protected array
# parseSignedRequest( string $signed_request )

Parses a signed_request and validates the signature.

Parses a signed_request and validates the signature.

Parameters

$signed_request
string
A signed token

Returns

array
The payload inside it or null if the sig is wrong
protected string
# getApiUrl( $method $method )

Build the URL for api given parameters.

Build the URL for api given parameters.

Parameters

$method
$method
String the method name.

Returns

string
The URL for the given parameters
protected string
# getUrl( $name $name, $path $path = '', $params $params = array() )

Build the URL for given domain alias, path and parameters.

Build the URL for given domain alias, path and parameters.

Parameters

$name
$name
string The name of the domain
$path
$path
string Optional path (without a leading slash)
$params
$params
array Optional query parameters

Returns

string
The URL for the given parameters
protected string
# getCurrentUrl( )

Returns the Current URL, stripping it of known FB parameters that should not persist.

Returns the Current URL, stripping it of known FB parameters that should not persist.

Returns

string
The current URL
protected boolean
# shouldRetainParam( string $param )

Returns true if and only if the key or key/value pair should be retained as part of the query string. This amounts to a brute-force search of the very small list of Facebook-specific params that should be stripped out.

Returns true if and only if the key or key/value pair should be retained as part of the query string. This amounts to a brute-force search of the very small list of Facebook-specific params that should be stripped out.

Parameters

$param
string
A key or key/value pair within a URL's query (e.g. 'foo=a', 'foo=', or 'foo'.

Returns

boolean
protected
# throwAPIException( $result $result )

Analyzes the supplied result to see if it was thrown because the access token is no longer valid. If that is the case, then we destroy the session.

Analyzes the supplied result to see if it was thrown because the access token is no longer valid. If that is the case, then we destroy the session.

Parameters

$result
$result
array A record storing the error message returned by a failed API call.
protected static
# errorLog( string $msg )

Prints to the error log if you aren't in command line mode.

Prints to the error log if you aren't in command line mode.

Parameters

$msg
string
Log message
protected static string
# base64UrlDecode( string $input )

Base64 encoding that doesn't need to be urlencode()ed. Exactly the same as base64_encode except it uses

  • instead of +

_ instead of /

Base64 encoding that doesn't need to be urlencode()ed. Exactly the same as base64_encode except it uses

  • instead of +

_ instead of /

Parameters

$input
string
base64UrlEncoded string

Returns

string
public
# destroySession( )

Destroy the current session

Destroy the current session

protected an
# getMetadataCookie( )

Parses the metadata cookie that our Javascript API set

Parses the metadata cookie that our Javascript API set

Returns

an
array mapping key to value
abstract protected
# setPersistentData( string $key, array $value )

Stores the given ($key, $value) pair, so that future calls to getPersistentData($key) return $value. This call may be in another request.

Stores the given ($key, $value) pair, so that future calls to getPersistentData($key) return $value. This call may be in another request.

Parameters

$key
string
$value
array
abstract protected mixed
# getPersistentData( string $key, boolean $default = false )

Get the data for $key, persisted by BaseFacebook::setPersistentData()

Get the data for $key, persisted by BaseFacebook::setPersistentData()

Parameters

$key
string
The key of the data to retrieve
$default
boolean
The default value to return if $key is not found

Returns

mixed
abstract protected
# clearPersistentData( string $key )

Clear the data with $key from the persistent storage

Clear the data with $key from the persistent storage

Parameters

$key
string
abstract protected
# clearAllPersistentData( )

Clear all data from the persistent storage

Clear all data from the persistent storage

Constants summary
string VERSION '3.1.1'
#

Version.

Version.

Properties summary
public static array $CURL_OPTS array( CURLOPT_CONNECTTIMEOUT => 10, CURLOPT_RETURNTRANSFER => true, CURLOPT_TIMEOUT => 60, CURLOPT_USERAGENT => 'facebook-php-3.1', )
#

Default options for curl.

Default options for curl.

protected static array $DROP_QUERY_PARAMS array( 'code', 'state', 'signed_request', )
#

List of query parameters that get automatically dropped when rebuilding the current URL.

List of query parameters that get automatically dropped when rebuilding the current URL.

public static array $DOMAIN_MAP array( 'api' => 'https://api.facebook.com/', 'api_video' => 'https://api-video.facebook.com/', 'api_read' => 'https://api-read.facebook.com/', 'graph' => 'https://graph.facebook.com/', 'graph_video' => 'https://graph-video.facebook.com/', 'www' => 'https://www.facebook.com/', )
#

Maps aliases to Facebook domains.

Maps aliases to Facebook domains.

protected string $appId
#

The Application ID.

The Application ID.

protected string $appSecret
#

The Application App Secret.

The Application App Secret.

protected integer $user
#

The ID of the Facebook user, or 0 if the user is logged out.

The ID of the Facebook user, or 0 if the user is logged out.

protected $signedRequest
#

The data from the signed_request token.

The data from the signed_request token.

protected $state
#

A CSRF state variable to assist in the defense against CSRF attacks.

A CSRF state variable to assist in the defense against CSRF attacks.

protected string $accessToken null
#

The OAuth access token received in exchange for a valid authorization code. null means the access token has yet to be determined.

The OAuth access token received in exchange for a valid authorization code. null means the access token has yet to be determined.

protected boolean $fileUploadSupport false
#

Indicates if the CURL based @ syntax for file uploads is enabled.

Indicates if the CURL based @ syntax for file uploads is enabled.

Facebook PHP SDK (v.3.1.1) API documentation generated by ApiGen 2.5.0