Secret verification

Nov 22, 2010 at 9:29 PM

Does anyone know if this toolkit does the cookie/secret key verification listed by facebook with their PHP example? Forgive a newbie but all I could find when searching for signature on codeplex discussion was people getting the incorrect signature exception. I assume it does this by now but I just wanted to make sure.

define('FACEBOOK_APP_ID', 'your application id');
define('FACEBOOK_SECRET', 'your application secret');

function get_facebook_cookie($app_id, $application_secret) {
  $args = array();
  parse_str(trim($_COOKIE['fbs_' . $app_id], '\\"'), $args);
  ksort($args);
  $payload = '';
  foreach ($args as $key => $value) {
    if ($key != 'sig') {
      $payload .= $key . '=' . $value;
    }
  }
  if (md5($payload . $application_secret) != $args['sig']) {
    return null;
  }
  return $args;
}