summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorZach Copley <zach@controlyourself.ca>2008-12-07 19:55:22 -0500
committerZach Copley <zach@controlyourself.ca>2008-12-07 19:55:22 -0500
commitff766572e7f4940d66137f7dd0d8f09df1fbaf1c (patch)
treed4eb8ce26b7a842045aae833197e981b97855b78
parentbdb27cfce8337e96ccafc52721e3d41de9b02e0e (diff)
trac750 Remove foreign link when Facebook user removes our app
darcs-hash:20081208005522-7b5ce-84325ed13fd5e59ac07640089806a507c7168170.gz
-rw-r--r--actions/facebookremove.php65
-rw-r--r--htaccess.sample1
2 files changed, 66 insertions, 0 deletions
diff --git a/actions/facebookremove.php b/actions/facebookremove.php
new file mode 100644
index 000000000..2a7bdd03e
--- /dev/null
+++ b/actions/facebookremove.php
@@ -0,0 +1,65 @@
+<?php
+/*
+ * Laconica - a distributed open-source microblogging tool
+ * Copyright (C) 2008, Controlez-Vous, Inc.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+if (!defined('LACONICA')) { exit(1); }
+
+require_once(INSTALLDIR.'/lib/facebookaction.php');
+
+class FacebookremoveAction extends FacebookAction {
+
+ function handle($args) {
+ parent::handle($args);
+
+ $secret = common_config('facebook', 'secret');
+
+ $sig = '';
+
+ ksort($_POST);
+
+ foreach ($_POST as $key => $val) {
+ if (substr($key, 0, 7) == 'fb_sig_') {
+ $sig .= substr($key, 7) . '=' . $val;
+ }
+ }
+
+ $sig .= $secret;
+ $verify = md5($sig);
+
+ if ($verify == $this->arg('fb_sig')) {
+
+ $flink = Foreign_link::getByForeignID($this->arg('fb_sig_user'), 2);
+
+ common_debug("Removing foreign link to Facebook - local user ID: $flink->user_id, Facebook ID: $flink->foreign_id");
+
+ $result = $flink->delete();
+
+ if (!$result) {
+ common_log_db_error($flink, 'DELETE', __FILE__);
+ common_server_error(_('Couldn\'t remove Facebook user.'));
+ return;
+ }
+
+ } else {
+ # Someone bad tried to remove facebook link?
+ common_log(LOG_ERR, "Someone from $_SERVER[REMOTE_ADDR] " .
+ 'unsuccessfully tried to remove a foreign link to Facebook!');
+ }
+ }
+
+}
diff --git a/htaccess.sample b/htaccess.sample
index b15ab664f..bd29d318f 100644
--- a/htaccess.sample
+++ b/htaccess.sample
@@ -26,6 +26,7 @@ RewriteRule ^facebook/$ index.php?action=facebookhome [L,QSA]
RewriteRule ^facebook/index.php$ index.php?action=facebookhome [L,QSA]
RewriteRule ^facebook/settings.php$ index.php?action=facebooksettings [L,QSA]
RewriteRule ^facebook/invite.php$ index.php?action=facebookinvite [L,QSA]
+RewriteRule ^facebook/remove$ index.php?action=facebookremove [L,QSA]
RewriteRule ^main/login$ index.php?action=login [L,QSA]
RewriteRule ^main/logout$ index.php?action=logout [L,QSA]