summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--fb.admin.inc29
-rw-r--r--fb.module7
-rw-r--r--fb.process.inc5
-rw-r--r--fb_app.module2
-rw-r--r--fb_canvas.admin.inc8
-rw-r--r--fb_canvas.js4
-rw-r--r--fb_connect.admin.inc7
-rw-r--r--fb_form.module27
-rw-r--r--fb_tab.admin.inc7
9 files changed, 72 insertions, 24 deletions
diff --git a/fb.admin.inc b/fb.admin.inc
index 9f71030..2b2c301 100644
--- a/fb.admin.inc
+++ b/fb.admin.inc
@@ -31,6 +31,7 @@ function fb_admin_page() {
t('Local Operations'),
t('Remote Settings'),
);
+ $protocol = fb_protocol();
foreach ($apps as $fb_app) {
// Get properties from facebook.
@@ -41,7 +42,7 @@ function fb_admin_page() {
$row[] = $fb_app->label . ($fb_app->status ? '' : ' ' . t('(<em>not enabled</em>)'));
// About.
- $row[] = l(isset($fb_app->application_name) ? $fb_app->application_name : $fb_app->label, 'http://www.facebook.com/apps/application.php?id=' . $fb_app->id);
+ $row[] = l(isset($fb_app->application_name) ? $fb_app->application_name : $fb_app->label, $protocol . '://www.facebook.com/apps/application.php?id=' . $fb_app->id);
// Canvas Page.
if (isset($fb_app->canvas_name) &&
@@ -49,7 +50,7 @@ function fb_admin_page() {
drupal_set_message(t('Canvas page for %label is out of sync! Facebook believes it is %fbcanvas, while our database believes %canvas. Edit and save the application to remedy this.', array('%label' => $fb_app->label, '%fbcanvas' => $fb_app->canvas_name, '%canvas' => $fb_app->canvas)), 'error');
}
if ($fb_app->canvas) {
- $row[] = l($fb_app->canvas, 'http://apps.facebook.com/' . $fb_app->canvas);
+ $row[] = l($fb_app->canvas, $protocol . '://apps.facebook.com/' . $fb_app->canvas);
}
else {
$row[] = t('n/a');
@@ -73,7 +74,7 @@ function fb_admin_page() {
$row[] = theme('links', array('links' => $links));
// Remote Settings
- $row[] = l($fb_app->id, 'http://www.facebook.com/developers/editapp.php?app_id=' . $fb_app->id);
+ $row[] = l($fb_app->id, 'https://www.facebook.com/developers/editapp.php?app_id=' . $fb_app->id);
$rows[] = $row;
}
@@ -230,14 +231,14 @@ function fb_admin_set_properties_form($form, &$form_state, $fb_app) {
// @TODO - beautify display of properties.
$form['props'] = array(
'#type' => 'markup',
- '#value' => print_r($props, 1),
+ '#markup' => print_r($props, 1),
'#prefix' => '<pre>',
'#suffix' => '</pre>',
);
$form['desc2'] = array(
'#type' => 'markup',
- '#value' => t('Syncing will also update local settings with values learned from facebook (i.e. if you have changed your canvas page).'),
+ '#markup' => t('Syncing will also update local settings with values learned from facebook (i.e. if you have changed your canvas page).'),
'#prefix' => '<p>',
'#suffix' => '</p>',
);
@@ -302,6 +303,24 @@ function fb_admin_set_properties_form_submit($form, &$form_state) {
function fb_admin_settings() {
$form = array();
+ // @TODO would be nice to automatically test whether HTTPS is supported.
+ $form['fb_admin_secure'] = array(
+ '#title' => t('Secure URLs'),
+ '#type' => 'fieldset',
+ '#description' => t('Canvas Pages and Page Tabs require a server that supports SSL encrypted HTTPS. Without HTTPS, those features will only work in "sandbox mode."'),
+ );
+ $form['fb_admin_secure'][FB_VAR_SECURE_URLS] = array(
+ '#type' => 'radios',
+ '#title' => t('Use Secure URLs'),
+ '#default_value' => variable_get(FB_VAR_SECURE_URLS, FB_SECURE_URLS_SOMETIMES),
+ '#description' => t('This setting affects your applications\' connect_url, callback_url, secure_callback_url, profile_tab_url, and secure_page_tab_url properties.'),
+ '#options' => array(
+ FB_SECURE_URLS_NEVER => t('Never use HTTPS. (I.e. this server does not support it.)'),
+ FB_SECURE_URLS_SOMETIMES => t('Use HTTPS only when Facebook expects a secure URL. (Recommended.)'),
+ FB_SECURE_URLS_ALWAYS => t('Always use HTTPS for both secure urls and also other url callbacks.'),
+ ),
+ );
+
$form['fb_admin_session'] = array(
'#title' => t('Sessions'),
'#type' => 'fieldset',
diff --git a/fb.module b/fb.module
index 062622d..f2678a9 100644
--- a/fb.module
+++ b/fb.module
@@ -52,6 +52,12 @@ define('FB_VAR_USE_COOKIE', 'fb_use_cookie');
define('FB_VAR_USE_SESSION', 'fb_use_session');
define('FB_VAR_RELOAD_APPEND_HASH', 'fb_reload_append_hash');
define('FB_VAR_CURL_NOVERIFY', 'fb_curl_noverify');
+define('FB_VAR_SECURE_URLS', 'fb_secure_urls');
+
+// Possible choices for secure urls.
+define('FB_SECURE_URLS_ALWAYS', 1);
+define('FB_SECURE_URLS_SOMETIMES', 0);
+define('FB_SECURE_URLS_NEVER', -1);
// node_access realms (belongs here?)
define('FB_GRANT_REALM_FRIEND', 'fb_friend');
@@ -989,6 +995,7 @@ function fb_get_friends($fbu, $fb_app = NULL) {
$items = fb_call_method($fb, 'friends.get', array(
'uid' => $fbu,
));
+ $cache[$fbu] = $items;
}
catch (Exception $e) {
fb_log_exception($e, t('Failed call to friends.get'), $fb);
diff --git a/fb.process.inc b/fb.process.inc
index 710627d..7dece04 100644
--- a/fb.process.inc
+++ b/fb.process.inc
@@ -53,10 +53,11 @@ function fb_process($output, $options = array()) {
$base = $base_path;
}
+ $protocol = fb_protocol(); // http or https
if (isset($options['to_canvas']) && ($canvas = $options['to_canvas'])) {
// Make relative links point to canvas pages.
$patterns[] = "|<a([^>]*)href=\"{$base}|";
- $replacements[] = "<a $1 href=\"http://apps.facebook.com/{$canvas}/";
+ $replacements[] = "<a $1 href=\"$protocol://apps.facebook.com/{$canvas}/";
}
else {
// Make relative links point to website.
@@ -90,7 +91,7 @@ function fb_process($output, $options = array()) {
// Make absolute links point to canvas pages.
$absolute_base = url('<front>', array('absolute' => TRUE));
$patterns[] = "|<a([^>]*)href=\"{$absolute_base}|";
- $replacements[] = "<a $1 href=\"http://apps.facebook.com/{$_fb_app->canvas}/";
+ $replacements[] = "<a $1 href=\"$protocol://apps.facebook.com/{$_fb_app->canvas}/";
}
}
if (count($patterns)) {
diff --git a/fb_app.module b/fb_app.module
index 81e765c..3803bf7 100644
--- a/fb_app.module
+++ b/fb_app.module
@@ -284,7 +284,7 @@ function fb_app_token_values($type = 'all', $object = NULL) {
if ($type == 'fb_app' && $object) {
$fb_app = $object;
$values['fb-app-label'] = $fb_app->label;
- $values['fb-app-url'] = 'http://apps.facebook.com/' . $fb_app->canvas;
+ $values['fb-app-url'] = fb_protocol() . '://apps.facebook.com/'. $fb_app->canvas;
}
return $values;
}
diff --git a/fb_canvas.admin.inc b/fb_canvas.admin.inc
index 0afde15..2328a42 100644
--- a/fb_canvas.admin.inc
+++ b/fb_canvas.admin.inc
@@ -22,9 +22,17 @@ function fb_canvas_fb_admin($op, $data, &$return) {
$callback_url = url('', array('absolute' => TRUE));
}
$return['callback_url'] = $callback_url;
+ if (variable_get(FB_VAR_SECURE_URLS, FB_SECURE_URLS_SOMETIMES) >= FB_SECURE_URLS_SOMETIMES) {
+ $return['secure_callback_url'] = str_replace('http://', 'https://', $callback_url);
+ }
+ if (variable_get(FB_VAR_SECURE_URLS, FB_SECURE_URLS_SOMETIMES) <= FB_SECURE_URLS_SOMETIMES) {
+ // Make callback_url HTTP, even if we administer drupal via HTTPS.
+ $return['callback_url'] = str_replace('https://', 'http:', $return['callback_url']);
+ }
}
elseif ($op == FB_ADMIN_OP_LIST_PROPERTIES) {
$return[t('Callback URL')] = 'callback_url';
+ $return[t('Secure Callback URL')] = 'secure_callback_url';
}
}
diff --git a/fb_canvas.js b/fb_canvas.js
index 3c55123..da22652 100644
--- a/fb_canvas.js
+++ b/fb_canvas.js
@@ -23,10 +23,10 @@ Drupal.behaviors.fb_canvas = {
});
// Logout of facebook when logging out of drupal.
- jQuery("a[href^='http://apps.facebook.com/" + Drupal.settings.fb_canvas.canvas + "/logout']", context).click(FB_Canvas.logout);
+ jQuery("a[href^='https://apps.facebook.com/" + Drupal.settings.fb_canvas.canvas + "/logout']", context).click(FB_Canvas.logout);
// Change 'user/login' links to popup fb connect dialog.
- jQuery("a[href^='http://apps.facebook.com/" + Drupal.settings.fb_canvas.canvas + "/user/']", context).click(FB_Canvas.login);
+ jQuery("a[href^='https://apps.facebook.com/" + Drupal.settings.fb_canvas.canvas + "/user/']", context).click(FB_Canvas.login);
}
};
diff --git a/fb_connect.admin.inc b/fb_connect.admin.inc
index f6ad429..6595c31 100644
--- a/fb_connect.admin.inc
+++ b/fb_connect.admin.inc
@@ -10,8 +10,13 @@
*/
function fb_connect_fb_admin($op, $data, &$return) {
if ($op == FB_ADMIN_OP_SET_PROPERTIES) {
- // We need to set the Facebook Connect URL, but currently Facebook's APIs do not allow it.
$return['connect_url'] = fb_connect_get_connect_url($data['fb_app']);
+ if (variable_get(FB_VAR_SECURE_URLS, FB_SECURE_URLS_SOMETIMES) == FB_SECURE_URLS_ALWAYS) {
+ $return['connect_url'] = str_replace('http://', 'https://', $return['connect_url']);
+ }
+ else {
+ $return['connect_url'] = str_replace('https://', 'http://', $return['connect_url']);
+ }
}
elseif ($op == FB_ADMIN_OP_LIST_PROPERTIES) {
$return[t('Connect URL')] = 'connect_url';
diff --git a/fb_form.module b/fb_form.module
index 6259361..6c8e9fa 100644
--- a/fb_form.module
+++ b/fb_form.module
@@ -104,23 +104,24 @@ function fb_form_multi_add_invite_form() {
$content = $node->teaser;
// Do we need to append &next=[someURL] to the url here?
- $content .= "<fb:req-choice url=\"http://www.facebook.com/add.php?api_key={$_fb_app->apikey}\" label=\"" . t('Add !title application.',
- array('!title' => $_fb_app->label)) . "\" />";
+ $content .= "<fb:req-choice url=\"http://www.facebook.com/add.php?api_key={$_fb_app->apikey}\" label=\"" . t('Add !title application.', array('!title' => $_fb_app->label)) . "\" />";
// form type fb:request-form
- $form = array('#fb_form_type_hack' => 'fb_form_request', /* becomes #type during form_alter */
- '#attributes' => array('type' => $_fb_app->label,
- 'content' => htmlentities($content),
- 'invite' => 'true',
- ),
- '#action' => 'http://apps.facebook.com/' . $_fb_app->canvas,
+ $form = array(
+ '#fb_form_type_hack' => 'fb_form_request', /* becomes #type during form_alter */
+ '#attributes' => array(
+ 'type' => $_fb_app->label,
+ 'content' => htmlentities($content),
+ 'invite' => 'true',
+ ),
+ '#action' => fb_protocol() . '://apps.facebook.com/' . $_fb_app->canvas,
);
- $form['friends'] =
- array('#type' => 'fb_form_request_selector',
- '#title' => t('Select the friends to invite.'),
- '#attributes' => array('exclude_ids' => $arFriends),
- );
+ $form['friends'] = array(
+ '#type' => 'fb_form_request_selector',
+ '#title' => t('Select the friends to invite.'),
+ '#attributes' => array('exclude_ids' => $arFriends),
+ );
return $form;
}
diff --git a/fb_tab.admin.inc b/fb_tab.admin.inc
index f0007f3..fdb6b5a 100644
--- a/fb_tab.admin.inc
+++ b/fb_tab.admin.inc
@@ -21,6 +21,12 @@ function fb_tab_fb_admin($op, $data, &$return) {
'absolute' => TRUE,
'fb_canvas' => FALSE,
));;
+ if (variable_get(FB_VAR_SECURE_URLS, FB_SECURE_URLS_SOMETIMES) >= FB_SECURE_URLS_SOMETIMES) {
+ $return['secure_page_tab_url'] = str_replace('http://', 'https://', $return['profile_tab_url']) . '/'; // Must end with '/' ???
+ }
+ if (variable_get(FB_VAR_SECURE_URLS, FB_SECURE_URLS_SOMETIMES) <= FB_SECURE_URLS_SOMETIMES) {
+ $return['profile_tab_url'] = str_replace('https://', 'http://', $return['profile_tab_url']);
+ }
}
else {
$return['profile_tab_url'] = '';
@@ -40,6 +46,7 @@ function fb_tab_fb_admin($op, $data, &$return) {
elseif ($op == FB_ADMIN_OP_LIST_PROPERTIES) {
$return[t('Profile Tab Name')] = 'tab_default_name';
$return[t('Profile Tab URL')] = 'profile_tab_url';
+ $return[t('Secure Page Tab URL')] = 'secure_page_tab_url';
$return[t('Profile Tab Edit URL')] = 'edit_url';
$return[t('Installable')] = 'installable';
}