diff --git a/actions/facebookremove.php b/actions/facebookremove.php new file mode 100644 index 0000000000..2a7bdd03e0 --- /dev/null +++ b/actions/facebookremove.php @@ -0,0 +1,65 @@ +. + */ + +if (!defined('LACONICA')) { exit(1); } + +require_once(INSTALLDIR.'/lib/facebookaction.php'); + +class FacebookremoveAction extends FacebookAction { + + function handle($args) { + parent::handle($args); + + $secret = common_config('facebook', 'secret'); + + $sig = ''; + + ksort($_POST); + + foreach ($_POST as $key => $val) { + if (substr($key, 0, 7) == 'fb_sig_') { + $sig .= substr($key, 7) . '=' . $val; + } + } + + $sig .= $secret; + $verify = md5($sig); + + if ($verify == $this->arg('fb_sig')) { + + $flink = Foreign_link::getByForeignID($this->arg('fb_sig_user'), 2); + + common_debug("Removing foreign link to Facebook - local user ID: $flink->user_id, Facebook ID: $flink->foreign_id"); + + $result = $flink->delete(); + + if (!$result) { + common_log_db_error($flink, 'DELETE', __FILE__); + common_server_error(_('Couldn\'t remove Facebook user.')); + return; + } + + } else { + # Someone bad tried to remove facebook link? + common_log(LOG_ERR, "Someone from $_SERVER[REMOTE_ADDR] " . + 'unsuccessfully tried to remove a foreign link to Facebook!'); + } + } + +} diff --git a/htaccess.sample b/htaccess.sample index b15ab664fc..bd29d318f5 100644 --- a/htaccess.sample +++ b/htaccess.sample @@ -26,6 +26,7 @@ RewriteRule ^facebook/$ index.php?action=facebookhome [L,QSA] RewriteRule ^facebook/index.php$ index.php?action=facebookhome [L,QSA] RewriteRule ^facebook/settings.php$ index.php?action=facebooksettings [L,QSA] RewriteRule ^facebook/invite.php$ index.php?action=facebookinvite [L,QSA] +RewriteRule ^facebook/remove$ index.php?action=facebookremove [L,QSA] RewriteRule ^main/login$ index.php?action=login [L,QSA] RewriteRule ^main/logout$ index.php?action=logout [L,QSA]