facebook signed request functions

facebook_signed_request.php

function parse_signed_request($signed_request, $secret) {
  	list($encoded_sig, $payload) = explode('.', $signed_request, 2); 

	// decode the data
	$sig = base64_url_decode($encoded_sig);
	$data = json_decode(base64_url_decode($payload), true);

	if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
		error_log('Unknown algorithm. Expected HMAC-SHA256');
		return null;
	}

	// check sig
	$expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true);
	if ($sig !== $expected_sig) {
		error_log('Bad Signed JSON signature!');
		return null;
	}

	return $data;
}

function base64_url_decode($input) {
	return base64_decode(strtr($input, '-_', '+/'));
}
  
/* working code using the functions bellow */
if(!empty($_REQUEST["signed_request"])) {  	
	$data = parse_signed_request($_REQUEST["signed_request"], "YOUR_APP_SECRET");
	
	print_r($data);
	
	if (!empty($data["page"]["liked"])) {
		/* do whatever you want to do here for users who liked your page, like showing special content */
		echo "Thanks for liking our fan page!";
	}
}