Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Facebook authorisation doesn't work.

2»

Comments

  • AaronWebsteyAaronWebstey ✭✭✭
    edited April 2017

    I don't have time to read all the back-and-forth and am not positive whether this got resolved or not, but I did get the UniqueID issue fixed on my forum. Found this:

    http://nutmedia.co.uk/snippets/vanilla-forums-facebook-login-uniqueid-required-issue-fix/

    In summary,

    go to plugins/Facebook/class.facebook.plugins.php find function getAccessToken() and change following part:

    if (strpos(val('content_type', $Info, ''), '/javascript') !== false) {
    $Tokens = json_decode($Contents, true);
    } else {
    parse_str($Contents, $Tokens);
    }
    

    To

    if (strpos(val('content_type', $Info, ''), '/json') !== false) {
    $Tokens = json_decode($Contents, true);
    } else {
    parse_str($Contents, $Tokens);
    }
    

    Oh and I actually used this in the end, slightly different from http://stackoverflow.com/questions/43380648/vanilla-forums-facebook-authentication-error-uniqueid-is-required

    For now I fixed the function getAccessToken() replacing this:

        if (strpos(val('content_type', $Info, ''), '/javascript') !== false) {
            $Tokens = json_decode($Contents, true);
        } else {
            parse_str($Contents, $Tokens);
        }
    

    with this:

        if (strpos(val('content_type', $Info, ''), '/javascript') !== false) {
            $Tokens = json_decode($Contents, true);
        } else if (strpos(val('content_type', $Info, ''), '/json') !== false) {
            $Tokens = json_decode($Contents, true);
        } else {
            parse_str($Contents, $Tokens);
        }
    
  • @Koriakin said:
    @vrijvlinder did that, also tried the same with 2.4b1.

    No need to try out a Beta version at this time. It's only for developers. I said it several times I think..

    Later I've tried to do it under different domain, completely from scratch... under >different browsers, everytime between attempts I was clearing cookies etc. tried >all php versions between 5.6 - 7.1.

    It is not Vanilla that is the problem, it's the plugin.. If everything else works , then it's the plugin..

    I presume this script is fine as it is, just "plug'n'play", and I like to think I'm not >that dumb to tried so many times with no effect because of my mistake >somwhere... it's so fu.ng simple that there is literally only 4 things crucial to >work.

    But you failed to follow the installation instructions I gave you.I strictly said do not unpack the zip after upload. I said upload after unzipping. Can't know what you did wrong other than not follow instructions... making it hard to help you. It is not difficult if you follow instructions. The way you are doing it is wrong.

    At this point I'm 75% sure there are some weird circumstances on my host which >are making it impossible.

    It is possible that it could be your host, or it can be your doing. Hard to say.
    But if everything else works fine, then it's not your installation, it's the plugin.

    I've mentioned before about file permitions and that is actualy very strange. >Everytime I'm installing any script, I always send it just as it came from developer >in package - untouched, staright to server via ftp, and unpacking is done there >via DirectAdmin or cPanel or whatever there is.

    That is wrong. Doing that can mess up your installation by adding unwanted code.
    It is best to unzip and then upload.

    it alwas worked for me better than sending it unpacked because: 1. Time, and 2. File permitions issues when sending it unpacked under windows.

    I would use Filezilla then. I mean something is obviously wrong with the one you are using, because that never happens to me.

    For some reason when I'm unpacking Vanilla it comes out with 777 dirs and 666 >files. It doesn't happen with other scripts.
    There is something in my environment not compatible with Vanilla.
    I have no other host to try.

    If this is a free host then you might not be able to use Vanilla at all. But if you installed other software and it worked, then it may be the settings or something else. But we can't guess.

    Because I have totaly no progress in 3 days now, I need to give up this project.
    Later in free time I will make some other investigations, I will try do it with WAMP >for example.

    Ok Good luck, but I recommend you try this https://open.vanillaforums.com/discussion/comment/247087/#Comment_247087

  • KoriakinKoriakin New
    edited April 2017

    @vrijvlinder

    No need to try out a Beta version at this time.

    I have tried it, I don't see reason why not to do it, since plugin is newer

    It is not Vanilla that is the problem, it's the plugin.. If everything else works , then it's the plugin..

    I have never stated it's Vanilla problem

    But you failed to follow the installation instructions I gave you.

    I think I was was clear enough when I wrote "I did that" but I will say it again: I did send all stuff like you said!

    The way you are doing it is wrong.

    That is wrong. Doing that can mess up your installation by adding unwanted code.
    It is best to unzip and then upload.

    Well I absolutely don't agree with you. In this way files and dirs come out exactly how the have been zipped by developer. I'm doing like that for about 15 years now and for the first time I see files comming out with full permit.
    By the way, you are using windows or linux (inculding mac) to send it?

    I would use Filezilla then. I mean something is obviously wrong with the one you are using, because that never happens to me.

    There is nothing wrong with TotalCommander, how even can it be if I don't even using it to open package, it's only to send it to host.

    If this is a free host then ...

    It's well paid service

    I've actualy tried already both ways.

  • edited April 2017

    Uploading a zipped folder via an ftp client is wrong. Because in order to extract it then you need to use cpanel from the host. It's a waste of ftp. And you face the kind of issues with permissions.

    I prefer to know exactly what I am uploading and be able to not upload certain files which would get overwritten on my installation.

    You are free to do as you please and ignore my advice,My advice comes with some experience. But also know that I have successfully installed and updated several forums , maybe a dozen and helped other people in the hundreds to get their forum going. I have also written themes and plugins for this community, for four plus years. So before you discard what I have said, keep that in mind.

    Also Using a Beta version on a production site is wrong if you are not a developer. The plugins are the same ones. And if you want a plugin you can always get it from Github if indeed it is newer. Since it does not work either with 2.4 , then it's not newer. You tend to assume too much..

  • KoriakinKoriakin New
    edited April 2017

    Uploading unziped files and folders, especialy using windows is wrong, because windows doesn't give a s.it about linux file permitions and after uploading you need to double check all of them.
    With unzipping files by cPanel or DirectAdmin there maybe only one problem - file ownage - but it's only when hosting isn't setup correctly. Beside that it's the quickest and safest method of uploading any script, because like I said files coming out that package are with oryginal permits.

    My expirence comes from a lot of websites (mainly joomla, phpbb, prestashop, opencart, webtrees etc) also successsfuly instaled. I've made few times joomla themes, I did not made any plugins, but I've tranaslated a lot of them. I do nto discard your knowledge about Vanilla because is for sure more superior than mine, but everything else is just your opinion.

    Using a Beta version on a production site is wrong... it's not newer. You tend to assume too much..

    Oh dear God... I'm TESTING what is working and how and are... compare FB plugin from 2.3 and 2.4, they where different enough to TRY...

  • Beside that it's the quickest and safest method of uploading any script, because like I said files coming out that package are with oryginal permits.

    There are no original permits. Not sure what you mean by that. There are hidden files that will be overwritten if not removed from the package, such as the htaccess file... your statement makes no sense practical or otherwise.

    Oh dear God... I'm TESTING what is working and how and are... compare FB plugin from 2.3 and 2.4, they where different enough to TRY...

    Ok so long as you know that you are on your own when using a Beta version. The support here is limited to stable versions we use in real time on real forums with real people. Some people might be testing it and might be able to help. However as with all Beta versions of any software, they are best not used in production scenarios.

    All of the advice you have gotten from me and the others, is based on 2.3. We wasted your time.

  • R_JR_J Admin

    What the hell is going on here?

    The best hints what fails were already given in the 1. comment (which could be counted as the opening post).

    All the rest seems to be silly noise.

    1. File upload? Why the heck should it matter how a file has been copied from A to B when it is obviously the same at A and B? (No, please! This is only a rhetorical question, really!)
    2. File permissions? 777/666 from security point of view that is not good. For testing that is optimal, since with this permissions it is granted that your problem has nothing to do with file permissions

    If anybody wants to drop a line concerning this two points, feel free, but since I would split such a comment into a new discussion, please do it by yourself.

    I think it is hard to follow the real problem when there is so much talk about not related "problems".


    @Koriakin: thanks for testing what you could think of before asking your question! I guess the most important hint what is going on here, has been posted by yourself in your very first comment.

    @Koriakin said:
    Info from debug:

    Notice 1
    file_get_contents(): SSL operation failed with code 1. OpenSSL Error messages:
    error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

    Notice 2
    file_get_contents(): Failed to enable crypto

    Notice 3
    file_get_contents(https://graph.facebook.com/me?access_token=EAAH.....D&fields=name,id,email): failed to open stream: operation failed

    Notice 2 and 3 are simply follow ups of the first error (when "SSL operation failed", all the following communication with that server must fail, too)

    So we should focus on the first point. A look at Stack Overflow shows that this seems to be
    a) quite a common problem
    b) independent from the PHP script used
    c) connected somehow to curl

    If it is really independent from the PHP script, I'm not surprised that using Vanilla 2.3 or the beta version or any version of the Facebook plugin fail all the same. They are not the reason, the way the connection is established seems to be the reason - that is my best guess.

    If MyBB doesn't have that problem, it might because they send other curl headers or do not use curl at all - I don't know and I wouldn't investigate in that direction first.

    I think the best thing to do would go through some of the questions on Stack Overflow and try what has been advised there. From having a quick look at it, I would say that this answer is most promising.

    I respect the endurance you have shown by now and it would be great if you could keep on testing and reporting back!

  • R_JR_J Admin

    Just one simple addition: if you ask questions here, you will get answers from the open source community. This is great for asking "how to"/"help" questions.

    If you think you have found an error/issue, the Vanilla developers are happy if you file an issue on GitHub and certainly they are thankful if you directly make a pull request ;)

    I have no experience with Facebook, but I thought I report that scope problem as an issue: https://github.com/vanilla/vanilla/issues/5458
    I would say that you really found something which could be improved! =)

  • @R_J Well, I described what I've saw, and permitions were one of unusual things.

    Personaly I don't mind spliting this topic with @vrijvlinder , because clearly he doesn't get what I mean.

    I will still try whatever new I will find to make it work, because I love how simple Vanilla looks on mobile devices.

    I'm glad my effort may bring some improvements, but I'm sure I'm not the first one who found that ( @Caylus for example), but maybe I'm first who described it here.

Sign In or Register to comment.