Here's the error code:
"The app you are using is not responding. Please try again later."
The callback is set to the php file (via https). I have no idea why it's not working.
Here's the JS (binded to var dr):
dr.buyCoins = function(){
var obj = {
method: 'pay',
order_info: order_info,
action: 'buy_item',
dev_purchase_params: {'oscif': true}
};
FB.ui(obj, dr.coinCheck);
}
dr.coinCheck = function(d){
if (d['order_id']) {
return true;
} else {
return false;
}
}
and here's the PHP:
<?php
$app_secret = '...';
// Validate request is from Facebook and parse contents for use.
$request = parse_signed_request($_POST['signed_request'], $app_secret);
// Get request type.
// Two types:
// 1. payments_get_items.
// 2. payments_status_update.
$request_type = $_POST['method'];
// Setup response.
$response = '';
if ($request_type == 'payments_get_items') {
// Get order info from Pay Dialog's order_info.
// Assumes order_info is a JSON encoded string.
$order_info = json_decode($request['credits']['order_info'], true);
// Get item id.
$item_id = $order_info['item_id'];
// Simulutates item lookup based on Pay Dialog's order_info.
if ($item_id == '1a') {
$item = array(
'title' => '100 some game cash',
'description' => 'Spend cash in some game.',
// Price must be denominated in credits.
'price' => 1,
'image_url' => 'http://some_image_url/coin.jpg',
);
// Construct response.
$response = array(
'content' => array(
0 => $item,
),
'method' => $request_type,
);
// Response must be JSON encoded.
$response = json_encode($response);
}
} else if ($request_type == "payments_status_update") {
// Get order details.
$order_details = json_decode($request['credits']['order_details'], true);
// Determine if this is an earned currency order.
$item_data = json_decode($order_details['items'][0]['data'], true);
$earned_currency_order = (isset($item_data['modified'])) ?
$item_data['modified'] : null;
// Get order status.
$current_order_status = $order_details['status'];
if ($current_order_status == 'placed') {
// Fulfill order based on $order_details unless...
if ($earned_currency_order) {
// Fulfill order based on the information below...
// URL to the application's currency webpage.
$product = $earned_currency_order['product'];
// Title of the application currency webpage.
$product_title = $earned_currency_order['product_title'];
// Amount of application currency to deposit.
$product_amount = $earned_currency_order['product_amount'];
// If the order is settled, the developer will receive this
// amount of credits as payment.
$credits_amount = $earned_currency_order['credits_amount'];
}
$next_order_status = 'settled';
// Construct response.
$response = array(
'content' => array(
'status' => $next_order_status,
'order_id' => $order_details['order_id'],
),
'method' => $request_type,
);
// Response must be JSON encoded.
$response = json_encode($response);
} else if ($current_order_status == 'disputed') {
// 1. Track disputed item orders.
// 2. Investigate user's dispute and resolve by settling or refunding the order.
// 3. Update the order status asychronously using Graph API.
} else if ($current_order_status == 'refunded') {
// Track refunded item orders initiated by Facebook. No need to respond.
} else {
// Track other order statuses.
}
}
// Send response.
echo $response;
// These methods are documented here:
// https://developers.facebook.com/docs/authentication/signed_request/
function parse_signed_request($signed_request, $secret) {
list($encoded_sig, $payload) = explode('.', $signed_request, 2);
// decode the data
$sig = base64_url_decode($encoded_sig);
$data = json_decode(base64_url_decode($payload), true);
if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
error_log('Unknown algorithm. Expected HMAC-SHA256');
return null;
}
// check sig
$expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true);
if ($sig !== $expected_sig) {
error_log('Bad Signed JSON signature!');
return null;
}
return $data;
}
function base64_url_decode($input) {
return base64_decode(strtr($input, '-_', '+/'));
}
?>
Check your server logs and make sure you're receiving the request and responding to it correctly - note that if your callback is HTTPS your certificate needs to be fully valid including all intermediate certificates
In your case sslchecker said you're possibly missing the intermediate chain - https://www.sslshopper.com/ssl-checker.html#hostname=https://drawabble.com
Related
Hi everyone,
this is the code in slim php:
$app->post('/checkSignIn', function () use ($app) {
$params = $app->request->post()['body'] ;
if(!empty($params))
{
$jsonRequest = json_decode($params);
//echo $jsonRequest->email;
$delikatesDbConnect = new DelikatesDbConnect ('localhost', 'gontar_delikates', 'DgDgDg11', 'gontar_delikates');
$id = $delikatesDbConnect->findUserIdByMail($jsonRequest->email);
//echo $id;
if ($id>0) // if $id exists fetch hashed password and email_verfied values
{
$hashed_password = $delikatesDbConnect->findPasswordById($id);
$email_verified = $delikatesDbConnect->findEmailVerifiedById($id);
if (password_verify($jsonRequest->password,$hashed_password) and ($email_verified))
{
$arr = $delikatesDbConnect->json_user_details($id);
$jsonResponse = json_encode($arr);
$response = new HttpResponse($jsonResponse,202);
return $response;
}
else
{
return '';
}
}
else
{
return '';
}
}
else
{
return '';
}
})->name('register');
this is the request code in typscript ng2:
sendUserAndPass(userDetails:JSON)
{
const body = JSON.stringify(userDetails);
console.log(body);
const headers = new Headers();
headers.append('Content-Type','application/json');
this.http.post("http://www.delikates.co.il/backend/checkSignIn", body, {headers: headers})
.subscribe((data:Response)=>console.log(data));
}
Why do i get in chrome console err message like that :
OPTIONS http://www.delikates.co.il/backend/checkSignIn net::ERR_EMPTY_RESPONSE
EXCEPTION: Response with status: 0 for URL: null
Uncaught Response {_body: ProgressEvent, status: 0, ok: false, statusText: "", headers: Headers…}
This seems like an issue with how you are handling the response. What is HttpResponse?
A typical way of handling responses is to use the existing response object and write to that.
return $response->withJson($arr, 202);
https://www.slimframework.com/docs/objects/response.html#returning-json
A PHP Error was encountered
Severity: Warning
Message: ini_set(): A session is active. You cannot change the session module's ini settings at this time
Filename: Session/Session.php
Line Number: 316
Backtrace:
File: C:\xampp\htdocs\testing\index.php
Line: 315
Function: require_once
<?php
session_start(); //we need to start session in order to access it through CI
class Adminlogin extends CI_Controller {
public function _construct(){
parent::_construct();
//Load form helper library
$this->load->helper('form');
//Load form validation library
$this->load->library('form_validation');
//Load session library
$this->load->library('session');
//Load database
$this->load->model('login_database');
}
//show login page
public function index()
{
$this->load->view('admin_login');
}
//show registration page
public function user_registration_show(){
$this->load->view('admin_signup');
}
//Validate and store registration data in database
public function new_user_registration(){
//Check Validation for user input in SignUp form
$this->form_validation->set_rules('admin_username', 'Username','trim|required|xss_clean');
$this->form_validation->set_rules('admin_password', 'Password','trim|required|xss_clean');
if($this->form_validation->run()== FALSE){
$this->load->view('admin_signup');}
else{
$data = array(
'admin_username' => $this->input->post('username'),
'admin_password' => $this->input->post('password'));
$result = $this->login_database->registration_insert($data);
if($result == TRUE){
$data['message_display'] = 'Registration Successfully !';
$this->load->view('admin_login', $data);
}else{
$data['message_display'] = 'Username already exist';
$this->load->view('admin_signup',$data);
}
}
}
//Check for user login process
public function user_login_process(){
$this->form_validation->set_rules('admin_username','Username', 'trim|required|xss_clean');
$this->form_validation->set_rules('admin_password','Password', 'trim|required|xss_clean');
if($this->form_validation->run() == FALSE){
if(isset($this->session->userdata['loggen_in'])){
$this->load->view('Admin/admin_dashboard');
}else{
$this->load->view('admin_login');
}
}else{
$data = array(
'admin_username' => $this->input->post('username'),
'admin_password' => $this->input->post('password'));
$result = $this->login_database->login($data);
if($result == TRUE) {
$username = $this->input->post('username');
$result = $this->login_database->read_user_information($username);
if($result != false){
$session_data = array(
'username' => $result[0]->admin_username,
'password' => $result[0]->admin_password);
//Add user data in session
$this->session->set_userdata('logged_in', $session_data);
$this->load->view('Admin/admin_dashboard');
}else{
$data = array(
'error_message' => 'Invalid Username or Password');
$this->load->view('admin_login',$data);
}
}
}
}
}
?>
Please remove the 1st line session_start(); or change it to..
// session_start(); //I do Not need this as I am using CI Sessions.
You are using CodeIgniters Sessions which you have loaded in your code...
$this->load->library('session');
As an Aside:
You don't need the end ?> in your PHP files where it is the last tag in the file.
I have an issue with a some of the jQuery notifications I have created to trigger based on information echo'd from a PHP file after a user submits a sign up HTML form via AJAX. The notifications for errors work, but not for a successful post to the database. I know that the success notification should show because the data is validated and written to the database and AJAX post is successful. However the success notification does not want to work. What could be the reason for this technicality?
I have the following set up:
signup.html (contains the following ajax within the page*):
function registerUser(formKey) {
$.ajax({
type:"POST",
url:"engine/new_user.php",
data: $("#"+formKey).serialize(),
cache:false,
success: function(data) {
if(data == -3){
$("html, body").animate({ scrollTop: 0 }, 600);
$("#user-exists-notification").fadeIn(1000);
}
if(data == -4){
$("#account-created").fadeIn(1000);
}
if(data == -1){
$("html, body").animate({ scrollTop: 0 }, 600);
$("#fields-complete-notification").delay(1000).fadeIn(1000);
}
if(data == -2){
$("html, body").animate({ scrollTop: 0 }, 600);
$("#pw-confirm-notification").delay(1000).fadeIn(1000);
}
},
error: function(data) {
}
});
}
new_user.php
require("register-classes.php");
$register=new Register($_POST['fname'], $_POST['lname'], $_POST['email'], $_POST['sex'], $_POST['birthdate'], $_POST['phone'], $_POST['country'], $_POST['alias'], $_POST['handle'], $_POST["password"], $_POST["cpassword"], $_POST['network']);
if($register->checkFields()== false){
echo -1;
} else if($register->confirmPasswords()== false){
echo -2;
}else if($register->registerUser()!=false){
echo -4;
} else if($register->registerUser()==false){
echo -3;
}
and register-classes.php (which contains classes for processing sign up form)
class Register {
public function __construct($fname, $lname, $mail, $sex,
$birthday, $phonenumber, $regCountry, $alias, $username,
$password, $conf_password, $network_site) {
//Copy Constructor
$this->site=$network_site;
$this->firstname=$fname;
$this->lastname=$lname;
$this->email=$mail;
$this->sex=$sex;
$this->birthdate=$birthday;
$this->phone=$phonenumber;
$this->country=$regCountry;
$this->displayname=$alias;
$this->handle=$username;
$this->salt="a2cflux9e8g7ds6ggty589498j8jko007876j89j8j7";
$this->password=crypt($this->salt.$password);
$this->joindate=date("Y-m-d H:i:s");
$this->confirm_password1=$password;
$this->confirm_password2=$conf_password;
}
public function registerUser(){
$database=new Database();
$database->getConnection();
$database->startConnection();
//Check database to insure user and email address is not already in the system.
$checkUsers= mysql_query("SELECT network_users.network_id
FROM network_users, network_profile
WHERE network_users.handle = '$this->handle'
OR network_profile.email = '$this->email'");
$numRecords= mysql_num_rows($checkUsers);
if($numRecords == 0){
$addUser= mysql_query("INSERT INTO network_users(handle, password, date_created, parent_network, site_created, active, account_type, del)
values('$this->handle', '$this->password', '$this->joindate',' fenetwork', 'network', 'active', 'standard', 'F')") or die(mysql_error());
$networkId=mysql_insert_id();
$addProfile= mysql_query("INSERT INTO network_profile(network_id, first_name, last_name, email, sex, birthdate, phone, country, display_name, del)
values('$networkId', '$this->firstname', '$this->lastname', '$this->email','$this->sex', '$this->birthdate', '$this->phone', '$this->country', '$this->displayname', 'F')") or die(mysql_error());
$this->addUser;
$this->addProfile;
return true;
}
else{
return false;
}
}
public function checkFields(){
if(($this->firstname)!="" && ($this->lastname)!="" && ($this->email)!="" && ($this->sex)!="" &&
($this->birthdate)!="" &&($this->country)!="" && ($this->handle)!="" && ($this->password)!=""){
return true;
} else {
return false;
}
}
public function confirmPasswords(){
if($this->confirm_password1==$this->confirm_password2){
return true;
} else {
return false;
}
}
private $site, $firstname, $lastname, $email,
$sex, $birthdate, $phone, $country, $displayname,
$handle, $password, $salt, $joindate, $confirm_password1, $confirm_password2;
protected $addUser, $addProfile;
}
I found the issue. The issue was due to printf() functions that were apart of a few class members in the database class. They were causing an interruption with the function completing and returning the boolean value true or false in registerUser();
Thank you all for your help and assistance. I would give up a vote up, but I don't have enough reputation points. haha.
This code used to work fine, but now the user_id is missing in my $data object. I had in mind, that from the moment the User 'Likes' the page, he isn't anonymous anymore and that you can fetch his ID using this code. This is the code I have always used:
require_once 'assets/requests/facebook-php-sdk-dafef11/src/facebook.php';
$secret = "XXX";
$data = parse_signed_request($_REQUEST['signed_request'], $secret);
function parse_signed_request($signed_request, $secret) {
list($encoded_sig, $payload) = explode('.', $signed_request, 2);
// decode the data
$sig = base64_url_decode($encoded_sig);
$data = json_decode(base64_url_decode($payload), true);
echo ' FUID: ', $fuid = $data['user_id']; // NO USER ID HERE ANYMORE
echo '<pre>' , var_dump($data), '</pre>';
if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
error_log('Unknown algorithm. Expected HMAC-SHA256');
return null;
}
// check sig
$expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true);
if ($sig !== $expected_sig) {
error_log('Bad Signed JSON signature!');
return null;
}
return $data;
}
function base64_url_decode($input) {
return base64_decode(strtr($input, '-_', '+/'));
}
var_dumping the $data object shows this:
array(4) {
["algorithm"]=>
string(11) "HMAC-SHA256"
["issued_at"]=>
int(1321524964)
["page"]=>
array(3) {
["id"]=>
string(15) "227488627318218"
["liked"]=>
bool(true)
["admin"]=>
bool(false)
}
["user"]=>
array(2) {
["locale"]=>
string(5) "de_DE"
["age"]=>
array(1) {
["min"]=>
int(21)
}
}
}
Did facebook change something?
Are you using the old fb_sig stuff? I'm not going to pretend to understand what it means, but fb_sig was removed the other day. They said it was removed on October 1st, but I think they actually removed it late last week:
http://developers.facebook.com/blog/post/497/
Is that possible? I don't actually want to manage their pages, I just want to know if they are an admin of the page so we can grant the user special permission in the Facebook application.
Facebook will send that piece of info when the admin land on your Page Tab inside the signed_request (reference):
<?php
if(!empty($_REQUEST["signed_request"])) {
$app_secret = "APP_SECRET";
$data = parse_signed_request($_REQUEST["signed_request"], $app_secret);
if (empty($data["page"]["admin"])) {
echo "You are not an admin!";
} else {
echo "Welcome Admin!";
}
}
function parse_signed_request($signed_request, $secret) {
list($encoded_sig, $payload) = explode('.', $signed_request, 2);
// decode the data
$sig = base64_url_decode($encoded_sig);
$data = json_decode(base64_url_decode($payload), true);
if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
error_log('Unknown algorithm. Expected HMAC-SHA256');
return null;
}
// check sig
$expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true);
if ($sig !== $expected_sig) {
error_log('Bad Signed JSON signature!');
return null;
}
return $data;
}
function base64_url_decode($input) {
return base64_decode(strtr($input, '-_', '+/'));
}
?>