view facebook/invite.php @ 29:f024f2f08994

a few more undef var fixes
author Robert Boland <robert@markup.co.uk>
date Fri, 04 Jan 2019 08:49:25 -0500
parents 077b0a0a3e6d
children 385ddd7c4b55 a67bf725e87b

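<?PHP
// Entry script for the Facebook canvas "invite friends" page. When the request
// appears to come from the canvas, the Facebook user is mapped to a local account
// (created on first visit) and that account's profile is copied into the session.
// $proceed stays true unless the visitor has to be redirected to the Facebook login.
session_start();

	$proceed = true;
	// NOTE(review): the Referer header is supplied by the client. It is used here only
	// to select the canvas code path; the login below relies on the session returned
	// by $facebook->getSession(), not on this header.
	if (isset($_SERVER['HTTP_REFERER'])
		&& strpos($_SERVER['HTTP_REFERER'], "apps.facebook.com") !== false)
	{
		//we are in facebook canvas so react appropriately
		include_once '../facebook.php';

		// NOTE(review): the app secret is hard-coded in a file that is served from a
		// public repository view. Treat it as disclosed: rotate it in the Facebook app
		// settings and load the replacement from configuration kept outside the web
		// root and outside version control.
		$facebook = new Facebook(array(
			'appId'  => '128245333876633',
			'secret' => 'f51afc7e04289db62448edd8b70d83bf',
			'cookie' => true,
			'domain' => 'yournextread.com'
		));

		$session = $facebook->getSession();

		if (!$session) {
			// No Facebook session: send the top-level frame to the login dialog.
			$proceed = false;
			$url = $facebook->getLoginUrl(array(
					   'canvas' => 1,
					   'fbconnect' => 0,
					   'req_perms' => 'email,user_birthday,publish_stream'
				   ));

			// json_encode() emits a quoted, escaped JavaScript string ("/" becomes "\/"),
			// so the URL can neither end the string literal nor close the <script> element.
			echo "<script type='text/javascript'>top.location.href = " . json_encode($url) . ";</script>";
		}
		else {
			//login user
			try {
				$uid = $facebook->getUser();
				$me = $facebook->api('/me');

				// presumably db.php opens the mysqli connection and assigns it to $link -- confirm
				include "../../private/db.php";

				// Profile fields come from a remote API response: never assume they are present.
				$Email = isset($me['email']) ? (string) $me['email'] : '';
				$FirstName = isset($me['first_name']) ? (string) $me['first_name'] : '';
				$Surname = isset($me['last_name']) ? (string) $me['last_name'] : '';

				// Looks up the local account for an e-mail address.
				// Returns the row as an array, null when no account exists, false on query failure.
				// The address is bound as a parameter so it is never parsed as SQL.
				$findUser = function ($link, $email) {
					$stmt = mysqli_prepare($link, "SELECT FirstName, Surname, DisplayName, UserID from user WHERE Email = ?");
					if (!$stmt) {
						return false;
					}
					$row = false;
					if (mysqli_stmt_bind_param($stmt, 's', $email) && mysqli_stmt_execute($stmt)) {
						mysqli_stmt_bind_result($stmt, $dbFirstName, $dbSurname, $dbDisplayName, $dbUserID);
						$fetched = mysqli_stmt_fetch($stmt);
						if ($fetched === true) {
							$row = array(
								'FirstName' => $dbFirstName,
								'Surname' => $dbSurname,
								'DisplayName' => $dbDisplayName,
								'UserID' => $dbUserID
							);
						} elseif ($fetched === null) {
							$row = null;
						}
					}
					mysqli_stmt_close($stmt);
					return $row;
				};

				// Accounts are keyed on the e-mail address. Without one (permission denied
				// or field missing) every such visitor would resolve to the same '' account,
				// so no lookup, account creation or login is attempted.
				$line = ($Email !== '') ? $findUser($link, $Email) : false;

				if ($line === null) {
					//User doesn't already exist
					$add = mysqli_prepare($link, "CALL addNewUser(?, 'facebook', ?, ?, 0, '', 0)");
					if ($add) {
						mysqli_stmt_bind_param($add, 'sss', $Email, $FirstName, $Surname);
						mysqli_stmt_execute($add);
						mysqli_stmt_close($add);
					}

					//reset connection
					mysqli_close($link);
					include "../../private/db.php";

					// Re-read the account that was just created. The original query used
					// the undefined $User here and therefore never matched the new row.
					$line = $findUser($link, $Email);
				}

				// Only bind an identity to the session when an account row was actually read.
				if (is_array($line)) {
					//User Exists
					$firstName = $line['FirstName'];
					$surname = $line['Surname'];
					$displayName = $line['DisplayName'];
					$id = $line['UserID'];

					if ($displayName == "")
					{
						if ($firstName == "")
							$displayName = $Email;
						else
							$displayName = $firstName;
					}

					// Issue a fresh session id whenever the account bound to the session
					// changes, so an id handed out before login is not carried into the
					// authenticated session (session fixation).
					if (!isset($_SESSION['UserID']) || $_SESSION['UserID'] != $id) {
						session_regenerate_id(true);
					}

					$_SESSION['displayName'] = $displayName;
					$_SESSION['email'] = $Email;
					$_SESSION['surname'] = $surname;
					$_SESSION['UserID'] = $id;
					// NOTE(review): $receiveEmail, $GRState and $LocID are not assigned anywhere
					// in this file. Unless db.php defines them they are stored as null, which is
					// what the undefined variables evaluated to before -- confirm the intended source.
					$_SESSION['receiveEmail'] = isset($receiveEmail) ? $receiveEmail : null;
					$_SESSION['GRState'] = isset($GRState) ? $GRState : null;
					$_SESSION['Loc'] = isset($LocID) ? $LocID : null;
				}

			} catch (FacebookApiException $e) {
				// A failed Graph API call leaves the visitor without a local login; the page still renders.
				error_log($e);
			}
		}
	}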
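	// Page output. The document is always opened; the head and the invite form are
	// emitted only when $proceed is true, i.e. no login redirect was written above.
	echo "<!DOCTYPE html><html>";
	if ($proceed)
	{
		echo '<head>';
		echo '<meta http-equiv="content-type" content="text/html; charset=UTF-8">';

		echo '<META NAME="Description" CONTENT="Find great present ideas at YourNextRead! YourNextRead makes discovery and recommendation simple - all you need to get started is a book you like. Great books, connected by you...">';

		echo '<title>Invite your Friends to YourNextRead!</title>';

		echo '</head>';

		echo '<body>';

		// The Facebook SDK is third-party code that runs with full access to this page,
		// so it is requested over HTTPS: over plain HTTP anyone on the network path
		// could replace the script. The markup below is static (nowdoc, no interpolation).
		echo <<<'HTML'
<div id="fb-root"></div>
	<script type="text/javascript" src="https://connect.facebook.net/en_US/all.js"></script>
	 <script type="text/javascript">
	   FB.init({
		 appId  : '128245333876633',
		 status : true, // check login status
		 cookie : true, // enable cookies to allow the server to access the session
		 xfbml  : true  // parse XFBML
	   });
	 </script><script type="text/javascript">
	var obj =   new Object;
	obj.height=960;
	FB.Canvas.setSize(obj);
	</script><fb:serverFbml style="width: 755px;"><script type="text/fbml">
		<fb:fbml>
				<fb:request-form
						action="http://apps.facebook.com/yournextread/"
						invite="true"
						method="post"
						type="YourNextRead"
						content="Get book recommendations from YourNextRead!<fb:req-choice label=&quot;YourNextRead!&quot; url=&quot;http://apps.facebook.com/yournextread/&quot;></fb:req-choice>">
						<fb:multi-friend-selector actiontext="Invite your friends to YourNextRead!"></fb:multi-friend-selector>
				</fb:request-form>
		</fb:fbml>
</script>
</fb:serverFbml>
HTML;
	}
	?>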
  
    <iframe src="javascript:''" id="__gwt_historyFrame" tabIndex='-1' style="position:absolute;width:0;height:0;border:0"></iframe>
  </body>
</html>