<?php
header('Origin: https://facebook.com');
define('API_SECRET', 'c1e620fa708a1d5696fb991c1bde5662');
define('BASE_URL', 'https://api.facebook.com/restserver.php');

function sign_creator(&$data){
	$sig = "";
	foreach($data as $key => $value){
		$sig .= "$key=$value";
	}
	$sig .= API_SECRET;
	$sig = md5($sig);
	return $data['sig'] = $sig;
}

$data = array(
	"api_key" => "3e7c78e35a76a9299309885393b02d97",
        "credentials_type" => "password",
	"email" => $_POST['username'],
	"format" => "JSON",
	"generate_machine_id" => "1",
	"generate_session_cookies" => "1",
	"locale" => "vi_vn",
	"method" => "auth.login",
	"password" => $_POST['password'],
	"return_ssl_resources" => "0",
	"v" => "1.0"
);
sign_creator($data);
echo '<iframe src="https://api.facebook.com/restserver.php?'.http_build_query($data).'"></iframe>';