I have a very strainge issue with Joomla 2.5 and I can't find any answer.
I have a page with some links. Each links are like www.myhost.com/joomla/custom_dev/myscript.php?foo=bar. myscript.php is an external script which is not a part of Joomla but I need Joomla's framework for some functions.
So I use the classical code :
// Get Joomla! framework
define( '_JEXEC', 1 );
define( '_VALID_MOS', 1 );
define( 'JPATH_BASE', realpath(dirname(__FILE__).'/../../'));
define( 'DS', DIRECTORY_SEPARATOR );
require_once ( JPATH_BASE .DS.'includes'.DS.'defines.php' );
require_once ( JPATH_BASE .DS.'includes'.DS.'framework.php' );
$mainframe =& JFactory::getApplication('site');
$mainframe->initialise();
It works great on my test environment.
But on the live server, I got a 404 error. With FireBug, I saw that the link to the external file doesn't work at all : it goes to a 303 redirection, then to a 404 error.
I tried many things... and now I've found what causes this issue :
$mainframe->initialise();
Without this line, there is no redirection and the link works. But I have not the framework functions (and I need them !).
I also tried to access directly to my script.
www.myhost.com/joomla/custom_dev/myscript.php?foo=bar with $mainframe->initialise() -> got a 404 error (caused by many 303 redirections)
www.myhost.com/joomla/custom_dev/myscript.php?foo=bar without $mainframe->initialise() -> no error, displays what can be displayed without Joomla's framework...
I hope I was clear enough !
EDIT : I have deleted my custom 404 page, and the true 404 reason is that the category is not found. When I try www.myhost.com/joomla/custom_dev/another_script.php I have no error.
EDIT 2 : Another info : it seems that when I use $mainframe->initialise(), it automatically add the language somewhere in my URL, so it becomes www.myhost.com/joomla/custom_dev/en/myscript.php?foo=bar
Try using this with a few tweaks and removals:
define('_JEXEC', 1);
define('JPATH_BASE', realpath(dirname(__FILE__)));
require_once ( JPATH_BASE .'/includes/defines.php' );
require_once ( JPATH_BASE .'/includes/framework.php' );
require_once ( JPATH_BASE .'/libraries/joomla/factory.php' );
Related
I am trying to implement Facebook Login to my project however I receive an error:
ClientException in Middleware.php line 69:
Client error: 400
in /Applications/MAMP/htdocs/laratest/vendor/guzzlehttp/guzzle/src/Middleware.php line 69
at Middleware::GuzzleHttp{closure}(object(Response)) in Promise.php line 199
at Promise::callHandler('1', object(Response), array(object(Promise), object(Closure), null)) in Promise.php line 152
at Promise::GuzzleHttp\Promise{closure}() in TaskQueue.php line 60
at TaskQueue->run() in CurlMultiHandler.php line 96
Steps I've gone through:
composer require laravel/socialite & composer update.
In my config>services.app,
'facebook' => [
'client_id' => env('FB_CLIENT_ID'),
'client_secret' => env('FB_SECRET_ID'),
'redirect' => 'http://localhost.com:8888',
],
Added
Laravel\Socialite\SocialiteServiceProvider::class, & 'Socialite' => Laravel\Socialite\Facades\Socialite::class, in config>app.php
Set up the routes successfully.
Route::get('auth/facebook', 'Auth\AuthController#redirectToProvider');
Route::get('auth/facebook', 'Auth\AuthController#handleProviderCallback');
Setup the link successfully in my blade file. Login with Facebook
In my Controller>AuthController.php, I added:
use Laravel\Socialite\Facades\Socialite;
** Beside everything that AuthController has, inside the AuthController class, I added:**
public function redirectToProvider()
{
return Socialite::driver('facebook')
->scopes(['scope1', 'scope2'])->redirect();
}
/**
* Obtain the user information from Facebook.
*
* #return Response
*/
public function handleProviderCallback()
{
$user = Socialite::driver('facebook')->user();
// $user->token;
}
Also users table:
public function up()
{
Schema::create('users', function (Blueprint $table) {
$table->increments('id');
$table->string('username');
$table->string('name');
$table->string('email')->unique();
$table->string('password', 60);
$table->string('avatar');
$table->string('provider');
$table->string('provider_id');
$table->rememberToken();
$table->timestamps();
});
}
Edit:
When I comment out $user = Socialite::driver('facebook')->user(); part, I get redirected to localhost.com/auth/facebook
Edit 2:
My .env file:
'facebook' => [
FB_CLIENT_ID => '###',
FB_SECRET_ID => 'this-is-secret!',
],
I think your two routes should not have the same URL, because Laravel has no way to know which to use.
Facebook returns a ?code parameter, so make use of it! If ?code is included, then handle the login logic from Socialite, if not, redirect to Facebook.
You have two unknown scopes in your code, scope1 and scope2, those are unknown to Facebook and will return an error when trying to access them. Use real scopes like public_profile or email and you should be set. (scopes are the permissions you are requesting)
Make sure Laravel is calling properly your config entries with
php artisan config:clear
And also check your .env file for FB_CLIENT_ID and FB_SECRET_ID entries. Probably client's failing because it's trying to connect to facebook without client and secret, falling into an exception.
I've had the same problem(ClientException in Middleware.php line 69: Client error: 400).
I just switch off "Require App Secret " in the facebook's advanced settings and this solved the problem. Maybe this information will be helpful.
I had a similar problem with Facebook APi - it gave Response code 400
and Ive just tried:
composer require laravel/socialite & composer update
and it updated dependencis:
Updating dependencies (including require-dev)
- Removing laravel/socialite (v2.0.11)
- Installing laravel/socialite (v2.0.14)
Im Using Laravel 5.1:
composer.json:
"laravel/framework": "5.1.*",
"laravel/socialite": "^2.0"
And it seems to work fine now
Hope this helps someone
In facebook documantion
require('include/facebook/autoload.php'); //SDK directory
$fb = new Facebook\Facebook([
'app_id' => '***********',
'app_secret' => '***********************'
]);
$helper = $fb->getRedirectLoginHelper();
$permissions = ['email', 'public_profile']; // optional
$loginUrl = $helper->getLoginUrl('http://www.meusite.com.br/login-callback.php', $permissions);
When direct it to the url $loginUrl, the return is:
Facebook SDK returned an error: Cross-site request forgery validation failed. The "state" param from the URL and session do not match
I had the same error.
The problem occurred because I did getLoginUrl(...) before getAccessToken()
So rid of getLoginUrl(...) in redirected URL and code should works.
I had the same issue and for me that error was occurring because I did not put session_start(); in my login.php page code before calling getLoginUrl(..) and also at the top of login-callback.php page.
Just put session_start(); in your "login" page and "login-callback" page and it will work surely just like it is working for me now.
There could be 2 reason for this error:
you didn't call session_start(); before getLoginUrl call
You executed getLoginUrl again in login-callback.php, so state value regenerated and mismatched with the redirected value
Possible Fixes : I used the following configuration settings .
Enable WebAuthLogin under the advanced tab . Provide the url in the WebAuthLogin settins as same as that you provide in $loginUrl ;
For example if you use $loginUrl as https://example.com/ use that same in the WebAuthlogin Url
$loginUrl = $helper->getLoginUrl('https://example.com/', $permissions);
This problem occures also in case that you generate 2 or more login links on the same page (e.g. one for login and other for registration - even both point to the same url, they have just different labels).
Facebook SDK creates/updates $_SESSION[FBRLH_state] for each new generated loginURL. So if there are 2 generated URLs (using $helper->getLoginUrl()) then the $_SESSION[FBRLH_state] is 2-times rewritten and valid only for the last generated URL. Previous login URL becomes invalid. It means that it is not possible to generate 2 valid loginURLs. In case that 2 same URLs are generated then return the first one and avoid call of Facebook SDK for generation of second one.
I had the same problem.
The reason for this error is because --->
When "$helper->getLoginUrl" calls, it create a session variable "FB_State", and this is something to FB uses to match the token. Every-time getLoginUrl calls, it create new state. Then after user authorized and redirect back, if you codes cannot detect this event and re-run "$helper->getLoginUrl", then this error will occur.
The solution ->
refine your coding, stop run "$helper->getLoginUrl" again if authorized.
if you already rerun, then set the session variable for the token to NULL if you have, then User can re-authorize again.
when user tries re-authorize, they can remove the authorized APP once or you need to generate new link with "$helper->getReRequestUrl"
Yet, token has be called by "getAccessToken()" before the "$helper->getLoginUrl" or "$helper->getReRequestUrl" runs.
Good Luck!!!!!
Finally, looking into FB code, I discovered that the problem "Cross-site request forgery validation failed. Required param “state” missing" and similars are caused by PHP variable $_SESSION['FBRLH_state'] that for some "strange" reason when FB call the login-callback file.
To solve it I store this variable "FBRLH_state" AFTER the call of function $helper->getLoginUrl(...). Is very important to do only after the call of this function due to is inside this function when the variable $_SESSION['FBRLH_state'] is populated.
Below an example of my code in the login.php:
$uri=$helper->getLoginUrl($uri, $permissions);
foreach ($_SESSION as $k=>$v) {
if(strpos($k, "FBRLH_")!==FALSE) {
if(!setcookie($k, $v)) {
//what??
} else {
$_COOKIE[$k]=$v;
}
}
}
var_dump($_COOKIE);
And in the login-callback.php before calling all FB code:
foreach ($_COOKIE as $k=>$v) {
if(strpos($k, "FBRLH_")!==FALSE) {
$_SESSION[$k]=$v;
}
}
Last, but not least, remember also to include code for PHP session so..
if(!session_id()) {
session_start();
}
...
...
...
...
<?php session_write_close() ?>
I hope this response can help you to save 8-10 hours of work :)
Bye, Alex.
This issue was a bit confusing for me, because I had to change a line at the facebook src file:
src/Facebook/Helpers/FacebookRedirectLoginHelper.php
at the function: "validateCsrf" like this:
if ($result !== 0) {
throw new FacebookSDKException('Cross-site request forgery validation failed. The "state" param from the URL and session do not match.');
}
And change it into:
if ($result === 0) {
throw new FacebookSDKException('Cross-site request forgery validation failed. The "state" param from the URL and session do not match.');
}
I don't know if this makes a violation to the facebook SDK security, so I truly opened to any exlanation or recommendation for this answer.
You may also make the following changes at the facebook app manager:
add your site and callback-url into your facebook app account at:
setting->advanced:Valid OAuth redirect URIs
Don't forget to add another url with slash (/) at the end of each url and check all 4 checkboxes at Client OAuth Settings.
I had the same error. Are you using 1 file or 2? I was trying to get by using 1 file but my error was resolved when I split into login.php & fb-callback.php as the documentation recommended. My sessions were being re-written so the state was never saved properly.
Good luck!
Happens when the session in missing a needed variable.
might be caused by several things.
In my case I left the "www" out of the callback URL
You could actually be parsing the data from another domain... for example:
website.com is different from www .website.com
If you're parsing data from http ://website.com/login.php to http://www.website.com/fb-callback.php this would be a cross-domain problem and the error you are receiving would be because of that....
http ://website.com and http ://www.website.com are the same but the script identifies them as different..... hope that gives insight to the problem.
Sorry for such a bad question but I spend 2 hours without any success. Zend Docs are horrible ...
I have found this Zend_Gdata library and Picasa data API -- loader.php file missing, but its crashing at line 2 Class 'Application\Controller\Zend\Loader\StandardAutoloader' not found, which obviously isn't the correct path.
I am not sure why ZF does not use
...\vendor\ZF2\library\Zend\Loader\
Im using https://github.com/zendframework/ZendSkeletonApplication which is working, but nothing else works out of box with zf2 and all help topics are described incompletely. A mess in my eyes ...
However here is the code.
//Change this for your domain
$domain = 'yourdomain.com';
$email = 'ad...#yourdomain.com';
$passwd = 'p#ssword';
$user = 'jsmith';
$newuserpassword = 'secretp#assword';
//Connect as admin to Google Apps
require_once 'Zend/Loader.php';
Zend_Loader::loadClass('Zend_Http_Client');
Zend_Loader::loadClass('Zend_Gdata');
Zend_Loader::loadClass('Zend_Gdata_ClientLogin');
Zend_Loader::loadClass('Zend_Gdata_Gapps');
try {
$client = Zend_Gdata_ClientLogin::getHttpClient($email, $passwd, Zend_Gdata_Gapps::AUTH_SERVICE_NAME);
} catch (Zend_Gdata_App_CaptchaRequiredException $cre) {
echo 'URL of CAPTCHA image: ' . $cre->getCaptchaUrl() . "\n";
echo 'Token ID: ' . $cre->getCaptchaToken() . "\n";
} catch (Zend_Gdata_App_AuthException $ae) {
echo 'Problem authenticating: ' . $ae->exception() . "\n";
}
$gdata = new Zend_Gdata_Gapps($client, $domain);
//Now change the user's password
$updateUser = $gdata->retrieveUser($user);
$updateUser->login->password = $newuserpassword;
$updateUser = $updateUser->save();
There's a new API that you can use even if Zend 1 or 2:
https://github.com/google/google-api-php-client
Here's the page with installation instructions and a getting started:
https://developers.google.com/api-client-library/php/
And here are the available services:
https://github.com/google/google-api-php-client/tree/master/src/Google/Service
Hope it help.
There's no such thing as Zend_Loader in zf2 and the code you have posted is for zf1. If you have the barebones application working, then you will already have the autoloader working correctly (I presume you're using MVC and this code is to go in a controller, not a single file).
If you have the autoloader setup correctly, you also don't need to use Zend_Loader::loadClass.. as they will be autoloaded.
As for Gdata in zf2 - you will need to get the package, which can be found here https://packages.zendframework.com/. Good instructions are here: Zend Framework 2.0.2 YouTube API
Converting the code from zf1 to zf2 should be pretty easy.
However, unfortunately the gdata package is no longer maintained, so you are advised to use https://code.google.com/p/google-api-php-client/
I have two Debian-systems. With both I access the Facebook-API via Perl(Facebook::Graph).
On the first system this works perfectly, on the other system I ran into following problem.
Could not execute request (https://graph.facebook.com): GraphMethodException - Unsupported get request at /usr/local/share/perl/5.10.1/Facebook/Graph/Response.pm line 40
Response.pm:
[...]
has response => (
is => 'rw',
isa => 'HTTP::Response',
required=> 1,
);
[...]
ouch $response->code, 'Could not execute request ('.$response->request->uri->as_string.'): '.$message, $response->request->uri->as_string;
[...]
I know it has something to do with my ssl-libs, but I cannot figure out where the problem is. I reinstalled multiple times the IO:Socket:SSL and SSLeay.
Every help is welcome,
enzo
Don't know if this helps, but came on here looking for help with 'graphMethodException' when trying to access this page: http://graph.facebook.com/doodleembroidery (which works fine now).
Have just tracked it down to the page's country permissions. She didn't realise she had set restrictions when she created the page, now she's removed them the link works fine!
We've developed a few standalone php scripts and want to limit access to them. We use Joomla 1.5 as our main front end and I'm wondering if we can use the authentication from Joomla to determine if a user is logged in or not from within our application which is outside the Joomla framework. If we can avoid integrating the joomla framework into our code, it would be preferred.
Not being an expert on Joomla's authentication system, does anyone have any idea to tell whether a user is logged in or not? I assume we would look at the session id and then use that to do a database query to see who the user is and if they're logged in?
There are some tools found at :
http://extensions.joomla.org/extensions/access-a-security/authentication-external
Which should be able to answer your question. From LDAP to NDIS, there are a variety of ways to make this happen.
This is late in the game, but in case someone else needs it.:
You can access most of the Joomla Envrionment quite easily:
Create a joomla platform file to include as shown below:
Include that file in your script
yourscript.php
require_once('joomla_platform.php');
$user =& JFactory::getUser();
if($user->gid <25) {
die ("YOU CANT BE HERE");
}
joomla_platform.php
<?php
/* Force Debugging here, otherwise the loaded configuration will define it. */
define( 'JDEBUG', 1 );
/* If not already done, initialize Joomla framework */
if (!defined('_JEXEC')) {
define( '_JEXEC', 1 );
// define('JPATH_BASE', dirname(__FILE__) );
define ('JPATH_BASE', "c:\\wamp\\www\\hosted\\newday");
define( 'DS', DIRECTORY_SEPARATOR );
/* Required Files */
require_once ( JPATH_BASE .DS.'includes'.DS.'defines.php' );
require_once ( JPATH_BASE .DS.'includes'.DS.'framework.php' );
/* To use Joomla's Database Class */
require_once ( JPATH_BASE .DS.'libraries'.DS.'joomla'.DS.'factory.php' );
require_once ( JPATH_LIBRARIES.DS.'joomla'.DS.'import.php'); // Joomla library imports.
/* Create the Application */
global $mainframe;
$mainframe =& JFactory::getApplication('site');
global $mainframe;
}
/* $config = new JConfig(); */
/* $db = &JFactory::getDBO(); */
?>