--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/user/getFBSession.php	Thu Feb 16 22:29:02 2017 +0000
@@ -0,0 +1,115 @@
+<?php
+
+	//we are in facebook canvas so react appropriately
+	include_once '../facebook.php';
+
+	$facebook = new Facebook(array(
+		'appId'  => '128245333876633',
+		'secret' => 'f51afc7e04289db62448edd8b70d83bf',
+		'cookie' => true,
+		'domain' => 'yournextread.com'
+	));
+
+	$session = $facebook->getSession();
+
+	if ($session) {
+		//login user
+		try {
+		$uid = $facebook->getUser();
+		$me = $facebook->api('/me');
+		
+		include "../../private/db.php"; 
+		$Email = $me['email'];
+		$FirstName = $me['first_name'];
+		$Surname = $me['last_name'];
+		//echo $Email;
+		$sql1="SELECT FirstName, Surname, DisplayName, u.UserID, ReceiveEmail, GoodreadsState, LocID
+		from user u, userpref p 
+		WHERE Email ='$Email'
+		and u.UserID = p.UserID";
+		//echo $sql1;
+		$result1=mysqli_query($link,$sql1);
+
+		// If successfully queried
+		if($result1){
+			$count=mysqli_num_rows($result1);
+			if($count==0){
+				//User doesn't already exist
+				$add="CALL addNewUser('$Email', 'facebook', '$FirstName', '$Surname', 0, '', 0)";
+				//echo $add;
+				$result2 = mysqli_query($link, $add);
+				
+				//reset connection
+				mysqli_close($link);
+				include "../../private/db.php"; 
+				
+				$sql3="SELECT FirstName, Surname, DisplayName, u.UserID, ReceiveEmail, GoodreadsState, LocID
+						from user u, userpref p 
+						WHERE Email ='$Email'
+						and u.UserID = p.UserID";
+				//echo $sql3;
+				$resultFull=mysqli_query($link,$sql3);
+			}
+			else{
+				$resultFull = $result1;
+			}
+			if($resultFull){	
+				//User Exists
+				$line=mysqli_fetch_array($resultFull, MYSQLI_ASSOC);
+				$firstName=$line['FirstName'];
+				$surname=$line['Surname'];
+				$displayName=$line['DisplayName'];
+				$id=$line['UserID'];
+				$receiveEmail = trim($line['ReceiveEmail']);
+				$GRState=trim($line['GoodreadsState']);
+				$LocID=trim($line['LocID']);
+		
+				if($displayName == "")
+				{
+					if($firstName == "")
+						$displayName=$Email;
+					else
+						$displayName = $firstName;
+				}
+				
+				//session_start();
+				$_SESSION['displayName']=$displayName;
+				$_SESSION['email']=$Email;
+				$_SESSION['surname']=$surname;
+				$_SESSION['UserID']=$id;
+				$_SESSION['receiveEmail']=$receiveEmail;
+				$_SESSION['GRState']=$GRState;
+				$_SESSION['Loc']=$LocID;
+				echo session_id();
+				echo ":::" . $displayName . ":::" . $surname . ":::" . $receiveEmail . ":::" . $GRState . ":::" . $LocID . ":::" . $Email . ":::" . $id;
+			}
+		}
+		
+		$postMsgRoulette = rand(0,4);
+		
+		if($postMsgRoulette == 0)
+		{
+			//post message saying they are looking for Presents on YourNextPresent
+			$api_call = array(// use this instead? FQL or fb_sig_ext_perms http://forum.developers.facebook.net/viewtopic.php?id=58565
+			'method' => 'users.hasAppPermission',
+			'uid' => $uid,
+			'ext_perm' => 'publish_stream'
+			);
+			$can_post = $facebook->api($api_call);
+			if($can_post){
+				$facebook->api('/'.$uid.'/feed', 'post', array('message' => "$firstName is looking for books at YourNextRead",
+				'name' => 'YourNextRead',
+				'description' => 'All you need to get started is a book you already like...',
+				'caption' => 'Find great books ideas!',
+				'picture' => 'http://www.yournextread.com/images/YNR_icon.png',
+				'link' => 'http://apps.facebook.com/yournextread/' 
+				));
+				//echo 'Posted!';
+			}
+		}
+					
+	  } catch (FacebookApiException $e) {
+		error_log($e);
+	  }
+	}				
+?>				
\ No newline at end of file