I am not sure this is correct SO to post on, but if not admin please feel free to move it to relevant SO or suggest me to move it.
I am using a contractor to help me create a website for some project. He has coded the entire custom website in PHP.
One feature that I requested was that links posted on the website should have the preview feature that we see in Facebook (FB) like in attached picture.
But he keeps saying that I can only use embedded code to create such preview feature. When I show him the FB preview he says FB is probably using technology of its own. Currently if I post the link from youtube to my test website it shows up as text like: https://www.youtube.com/watch?v=jtkUtNzaFPI&t=1909s
My question is:
What exactly is FB using? Is this easy to implement for any PHP developer or is it really time consuming implementation.
"he says FB is probably using technology of its own"
His answer to your question is utter nonsense, and indicates only that he doesn't want to do what you're asking. You hopefully aren't paying him very much.
What Facebook is doing is kind of sneaky, but structurally simple. The order of operations is:
User enters text on Facebook page.
AJAX request is sent to Facebook server with text.
Facebook server parses and sees that there's a link in there.
Facebook server makes a server-side HTTP request to link destination to find out more.
Facebook server parses response for anything it can add to the input template that the user is seeing.
Facebook responds back to user (maybe web sockets? maybe a response to that earlier AJAX request?)
Client-side code on the Facebook page updates what the user is seeing.
Steps 2-6 intuitively sound like they may take a lot of network time, but these tend to be very quick services (Facebook itself, YouTube, etc.) so that's usually not a problem.
The main concern here are Step 3 and Step 5. That's where Facebook is using some custom logic that it likely spent considerable effort defining. There may be libraries which help with that, likely made in response to the demand for this exact feature. I don't have any to recommend, sorry.
The technical implementation is the easy part. Determining from the user's text what data to fetch could be difficult. Determining what data to put in the page could be difficult. That depends on the scope of what you want to implement.
For example, it may be difficult to detect if the user has entered a variety of things you can respond to, but it may be easy (with a regular expression perhaps) to detect if the user has entered what might be a YouTube URL. So if you reduce the problem space to just YouTube previews, then you may be onto something. If you can successfully parse that YouTube link, you're in business. Now you can hit a YouTube API and get information to send back to the page.
Continue with that pattern for other small problem spaces (previewing a link to an image, previewing a link for another popular site, etc.), and you can over time add that same feature.
Related
A team of some friends and I have come up with an app/product idea that we have been working on. I have to be vague on exactly what the details are, but hopefully I can explain it well enough to have the questions we have answered.
First, we have a web server with a database - we have developed all of the code for that in PHP. Each user will have a device which when an action is performed on the device, it sends a message to our server, and the PHP code on our server handles the message and stores the sent data in the appropriate fields in our database.
We want to run this through Facebook - we have an app and a Facebook page created for this. The idea is that when a user performs an action on his or her device and the message is sent to the server, the PHP code will automatically make a post on the Facebook page on the user’s behalf (not on the Page’s behalf).
Between all of us on working on this project, we have spent many days and many hours trying to figure out how to make the automatic post to the page. It’s extremely difficult googling this topic since all of the various examples are using different versions of the Facebook SDK (we are using the latest). There are lots of somewhat similar type questions/examples, but we can't find one that answers specifically what we are asking. In fact, we aren’t even sure that anybody but an ‘admin’ can post on a Facebook page with the new SDK, any longer. I do see this link in the Facebook developer section, https://developers.facebook.com/docs/graph-api/reference/v2.5/page/feed, where it says under the Publishing section:
Permissions
A user access token with publish_actions permission can be used to publish new posts on behalf of that person. Posts will appear in the voice of the user.
So, it sounds as if a user can post to the Facebook page if it is given an access token with publish_actions permission, yet we can’t find any example of code of this actually being done. Could anybody explain how to do the automatic posting to the page on a user’s behalf (hopefully, using PHP, since that is the language we are using on the server side), or at least point us to a good example? We are all experienced developers, but this is the first time any of us has done anything with Facebook development. So we certainly aren’t amateurs, but with Facebook development, we are. We may be overlooking something obvious, but after seeing so many links, my mind is jello.
A summary of our questions:
1. Can it even be done with the latest Facebook SDK that a post can be made to a Facebook Page for our product on the user’s behalf? (to be clear, we are talking about the Facebook Page we created for our app, not a user's page)
2. If so, what specific permissions do we need to give the user, just the publish_actions one? We don’t want to give the user too much permission to be able to screw up our page, of course.
3. Can this be done automatically with PHP from the server?
Any help would be GREATLY appreciated!
If there is a link posted on Facebook to my website, and a user follows it, I would like to display custom content using PHP. I tried with the following method...
$_SERVER['HTTP_REFERER']
Facebook must block this feature because it is not working. Is there a method for this that actually works with Facebook?
This news is a year old, yet I see they are still using it.. I post it here because It is still pretty informative The srouce of the link is https://www.facebook.com/note.php?note_id=10151070897728920
Restricting the Referrer
We still need to let the websites you navigate to know the traffic is
from Facebook, but we also want to prevent them from reading the full
source url. Otherwise, they could know where on the site you were when
you clicked their link. In order to strike this balance, we've taken
advantage of a new feature called the meta referrer, currently
available in Chrome 17+ and Safari 6+. This allows us to specify how
much of the source url to share with the external site via the Referer
header. If you're using one of these supported browsers you can take
advantage of this new feature. Otherwise, your browser will be routed
to the slightly slower older system.
This change should reduce the impact of the link shim on your browsing
(especially when accessing Facebook from a cellular network) and
should help save around a second for a typical user.
FB, having updated their API to disallow generic shares (Oct 2012), now require us to utilise built-in actions. Moving on from there, we can use Mention Tagging (https://developers.facebook.com/docs/opengraph/mention_tagging/) to allow messages and mentions be created - this is all fine.
However, on the same page above they say "You must also describe step-by-step how users can add/remove tags in your app." - but they neglect describing what call must be made to the API to do so.
Has anyone else done this successfully?
Say I have a user who's mentioned 5 people in an action post. Then say one of them would like to be untagged. I provide them a link to allow them to untag themselves, but what call should be made to the API.
Has anyone got any experience at this? All help appreciated.
Paul G
Say I have a user who's mentioned 5 people in an action post. Then say one of them would like to be untagged. I provide them a link to allow them to untag themselves
I don’t think you have to offer a link for tag removal to the other users that have been tagged by your user. Standard FB functionality through the facebook.com UI should enable them to do that already.
It does not make much sense to me to offer such links on your own to people that have been tagged by your app’s user, but might not even be using your app themselves. (To ensure that they are legitimately requesting to be un-tagged, you’d have to identify them first – by having them connect to your app. I don’t think that’s how Facebook want it to be.)
To me, the intention of the guidelines is more to ensure that you are building a clearly understandable UI for your app, for the process of the user entering his message. If they start to type #PaulG, and you want to “translate” that into a tag, f.e. by highlighting it in the text edit box like it happens on facebook.com, then it a) has to be absolutely clear to your user, that they are tagging someone this way, and b) you have to give your user a way of removing that tag right there and then (before posting his message), in case he does not want to tag a user, but just have the characters “#PaulG” stand for themselves in his message.
I'm very confused so I hope that my question will make sense.
I'm working with the facebook API, and so far I've implemented login and a post to the users wall via php. I know read a bit more about the OpenGraph system, and the meta tags that you're supposed to put in your site, but I'm not quite grasping the concept og how to get my site fully PHP integrated with Facebook.
I have another login system which I've hooked facebook up to, so switching to javascript only will not be an option. Do the meta tags even matter if I use PHP only. I mean, I can't really get my head around how the token and all of that would be interpreted alongside the og: metatags if there is no javascript on the site.
Can I have BOTH php and javascript authentication? What's all that fuzz about opengraph anyway?
These are my thoughts about working with facebook, and if you'd like me to summarize this up in one question I guess it'd be:
How do I benefit from the opengraph meta tag features (tracking the users, in their timeline) when I'm only connected via PHP?
I'm confused about how the tags for specific open graph actions get interpreted like
<meta property="fb:app_id" content="xxxxxxxxxx" />
<meta property="og:type" content="myapp:read" />
and then it's supposed to post "MyName is reading lalala" or "MyName read lalala". How's the post to the server going on (if people have already authenticated via php):) ?
Unless I am misunderstanding your question, I think you are confusing how the Open Graph meta tags work. The meta tags provide external websites with exactly what they say: meta information, to be read by Facebook's "crawler". Facebook has their own web crawler that will grab certain relevant information about a webpage (for example, page title, page description, an image to associate with a webpage) so that Facebook can use that info when people "Like" or "Share" a webpage.
For example, going to https://www.facebook.com/sharer/sharer.php?u=http://example.com should illustrate how the crawler works: when someone tries to share the URL example.com on Facebook, Facebook's crawler goes to the example.com webpage and grabs relevant info, then displays it on their own page to allow you to share it with others.
The open graph tags have little or nothing to do with authenticating a user or application on Facebook's servers. They can be used totally independently of any login system that you have in place, as far as I know. All they do is provide meta information about a web page to Facebook's web crawler.
I understand your frustration with Facebook's API though - they are notoriously bad about keeping detailed, accurate information, and they change the API so frequently it's nearly impossible to keep up.
I can confirm that you're not the only one to be frustrated with the Facebook Documentation.
With that being said, i'll try to help you. As Sean said, the og graph tags have little or nothing to do with your authentication flow.
These are featured as information of what the user is doing at a certain time, like listening to a song, playing to one particular game, etc...
The Facebook's PHP SDK provides you functions to create your own objects and actions. Then you can call a $facebook->api(/...) function to indication to Facebook : My user is ACTIONS an OBJECT. Doing this, you must provide a parameter, which is the URL of the OBJECT on your Website/Application. In fact, Facebook wants you to tell him where he can finds what's this object. On a page where there's the correct meta-tags corresponding to this object ! Here are your og tags.
As you said, this will provide stories found in the timeline, or the ticker. It's those kind of things that Facebook Games use, "X is playing to Y", "Z earned the Grand Master title by playing on A", etc...
You must define those objects on your Facebook Applications Panel, and have the corresponding meta-tags on your website.
Then you just have to make the $facebook->api(/...) (or equivalent) request when this action happens on your website/application !
Everything is almost entirely explained in this tutorial : http://developers.facebook.com/docs/beta/opengraph/
Hope this will help you to find an answer.
Here's the deal:
-Flair pretty much demands a Facebook app
-I'm working on learning the Facebook platform
Therefore, I've written a dinky little Facebook app to embed your Flair into a box on the side of your profile. If you're interested and on Facebook; beware that this is very much a work in progress, prone to change and has a whole bunch of rough edges.
However, I don't have an elegant way to say "this is MY Stackoverflow profile" from this dinky app. My current solution is best demonstrated this image. It is, frankly, idiotic; and there's nothing preventing impersonation.
Having no experience with OpenID, I'm wondering if there's some way (and some example of this way, please) to get a user to provide their Stackoverflow identify to a third party?
Behavior changed to that suggested by Noldorin's answer.
Request for a saner way to do this declined on UserVoice.
There's no way to get a StackOverflow ID from OpenID and to do the opposite would be possible but unnecessarily complicated (compared to your suggested method). Copying and pasting the user ID/profile URL isn't terribly inconvenient, in my mind.
However, I can suggest some sort of solution to the issue of impersonation. This may seem like a slightly silly method, but it's the simplest way of which I can think to insure that only the user themself can display the badge. Again, I don't think it's too inconvenient. (The more traditional method of using an email confirmation isn't possible, given that emails aren't public.)
Have your Facebook app generate a random (alphanumeric?) code. Something in the form A8IO45QW6T should do.
Hold this code on the server side of your Facebook app for a short time period (say, 5 minutes).
Instruct the user to edit their About Me information by adding the given code to the last line, then to return to the Facebook and confirm. Simple inspection of HTML for the profile page of the specified user would verify ownership. The user can then remove the verification code from their About Me text.
Nice idea creating this Facebook app, by the way. I may just give it a try!
Another solution that would allow for instant verification is hashing the email address and checking to see if it matches the user's Gravatar. Granted, not every user has provided an email address, but you can always perform this check first and if it fails you can fall back to the About Me section editing (or simply require that the user have an email address). This idea is not mine, so I'll let null explain:
Do you still have the source available? As I've gotten a solution to prevent other users from messing up your results. You just need to hash the email address used by the viewer and check for the gravatar image link on the page as outlined on the gravatar site. If the user id and image hash match, then record the change to the database, otherwise... just show results. I can make that change, but the source seems lost... :(