Issues in fb-callback.php - Fixed Issues - Inspection of "basic commit" - TheRakeshPurohit/rtCamp - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( 02eff1...3c036d )

by Rakesh

created 2019-04-16 02:47 UTC

fb-callback.php (1 issue)

Labels

Best Practice 1

Severity

Minor 1

<?php

require_once 'appconfig.php';

    $fb = new Facebook\Facebook([
      'app_id' => $appId,
      'app_secret' => $appSecret,
      'default_graph_version' => 'v3.2',
      ]);
    
    $helper = $fb->getRedirectLoginHelper();

try {
  $accessToken = $helper->getAccessToken();
} catch(Facebook\Exceptions\FacebookResponseException $e) {
  // When Graph returns an error
  echo 'Graph returned an error: ' . $e->getMessage();
  exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
  // When validation fails or other local issues
  echo 'Facebook SDK returned an error: ' . $e->getMessage();
  exit;
}

if (! isset($accessToken)) {
  if ($helper->getError()) {
    header('HTTP/1.0 401 Unauthorized');
    echo "Error: " . $helper->getError() . "\n";
    echo "Error Code: " . $helper->getErrorCode() . "\n";
    echo "Error Reason: " . $helper->getErrorReason() . "\n";
    echo "Error Description: " . $helper->getErrorDescription() . "\n";
  } else {
    header('HTTP/1.0 400 Bad Request');
    echo 'Bad request';
  }
  exit;
}

// Logged in
echo '<h3>Access Token</h3>';
var_dump($accessToken->getValue());

// The OAuth 2.0 client handler helps us manage access tokens
$oAuth2Client = $fb->getOAuth2Client();

// Get the access token metadata from /debug_token
$tokenMetadata = $oAuth2Client->debugToken($accessToken);
echo '<h3>Metadata</h3>';
var_dump($tokenMetadata);

// Validation (these will throw FacebookSDKException's when they fail)
$tokenMetadata->validateAppId($appId); // Replace {app-id} with your app id
// If you know the user ID this access token belongs to, you can validate it here
//$tokenMetadata->validateUserId('123');
$tokenMetadata->validateExpiration();

if (! $accessToken->isLongLived()) {
  // Exchanges a short-lived access token for a long-lived one
  try {
    $accessToken = $oAuth2Client->getLongLivedAccessToken($accessToken);
  } catch (Facebook\Exceptions\FacebookSDKException $e) {
    echo "<p>Error getting long-lived access token: " . $e->getMessage() . "</p>\n\n";
    exit;
  }

  echo '<h3>Long-lived</h3>';
  var_dump($accessToken->getValue());
}

$_SESSION['fb_access_token'] = (string) $accessToken;

  header("Location:member.php");
?>


1			<?php
2
3			require_once 'appconfig.php';
4
5			$fb = new Facebook\Facebook([
6			'app_id' => $appId,
7			'app_secret' => $appSecret,
8			'default_graph_version' => 'v3.2',
9			]);
10
11			$helper = $fb->getRedirectLoginHelper();
12
13			try {
14			$accessToken = $helper->getAccessToken();
15			} catch(Facebook\Exceptions\FacebookResponseException $e) {
16			// When Graph returns an error
17			echo 'Graph returned an error: ' . $e->getMessage();
18			exit;
19			} catch(Facebook\Exceptions\FacebookSDKException $e) {
20			// When validation fails or other local issues
21			echo 'Facebook SDK returned an error: ' . $e->getMessage();
22			exit;
23			}
24
25			if (! isset($accessToken)) {
26			if ($helper->getError()) {
27			header('HTTP/1.0 401 Unauthorized');
28			echo "Error: " . $helper->getError() . "\n";
29			echo "Error Code: " . $helper->getErrorCode() . "\n";
30			echo "Error Reason: " . $helper->getErrorReason() . "\n";
31			echo "Error Description: " . $helper->getErrorDescription() . "\n";
32			} else {
33			header('HTTP/1.0 400 Bad Request');
34			echo 'Bad request';
35			}
36			exit;
37			}
38
39			// Logged in
40			echo '<h3>Access Token</h3>';
41			var_dump($accessToken->getValue());
42
43			// The OAuth 2.0 client handler helps us manage access tokens
44			$oAuth2Client = $fb->getOAuth2Client();
45
46			// Get the access token metadata from /debug_token
47			$tokenMetadata = $oAuth2Client->debugToken($accessToken);
48			echo '<h3>Metadata</h3>';
49			var_dump($tokenMetadata);
50
51			// Validation (these will throw FacebookSDKException's when they fail)
52			$tokenMetadata->validateAppId($appId); // Replace {app-id} with your app id
53			// If you know the user ID this access token belongs to, you can validate it here
54			//$tokenMetadata->validateUserId('123');
55			$tokenMetadata->validateExpiration();
56
57			if (! $accessToken->isLongLived()) {
58			// Exchanges a short-lived access token for a long-lived one
59			try {
60			$accessToken = $oAuth2Client->getLongLivedAccessToken($accessToken);
61			} catch (Facebook\Exceptions\FacebookSDKException $e) {
62			echo "<p>Error getting long-lived access token: " . $e->getMessage() . "</p>\n\n";
63			exit;
64			}
65
66			echo '<h3>Long-lived</h3>';
67			var_dump($accessToken->getValue());
68			}
69
70			$_SESSION['fb_access_token'] = (string) $accessToken;
71
72			header("Location:member.php");
73			?>
			0 ignored issues – show Best Practice introduced 2019-04-07 04:35 UTC by Report Bug Copy Issue Report Show Similar Issues like this It is not recommended to use PHP's closing tag `?>` in files other than templates. Using a closing tag in PHP files that only contain PHP code is not recommended as you might accidentally add whitespace after the closing tag which would then be output by PHP. This can cause severe problems, for example headers cannot be sent anymore. A simple precaution is to leave off the closing tag as it is not required, and it also has no negative effects whatsoever. Loading history...

TheRakeshPurohit / rtCamp

Push — master ( 02eff1...3c036d )

fb-callback.php (1 issue)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like