We Keep Coding

How to get a list of facebook users that also use my app with Laravel socialite?

Like the title says, I have currently implemented a socialite login on my website but I don't know exactly how to get a list of user friends that also use my app when a user logs in.
The socialite documentation states the following code example to change the "scope". I've read somewhere else that you are suppose to use this?
return Socialite::driver('github')
->scopes(['scope1', 'scope2'])->redirect();
Nowhere does it state in the socialite github readme what scope means in this case though. Is this simply a social media api thing? Hopefully somebody can help me out.
It also states that setting up a scope with override all existing scopes, what are the default ones to begin with?

The snippet of code you've provided is indeed correct. By defining your scopes like that, the user get's an overview of the permissions you require. They see this when loggin in to your application via Facebook.
To answer your main question: I don't think Facebook allows you to get a full list of people who use your app. (At least not with their names)
If you just need a number, you should read the docs.
I'm not entirely sure about this, so please correct me if I'm wrong.

CakePHP - combine ACL with REST API

i created an application with some models, after that, i used ACL and created some ACOs to protect my Application.
Now i wanted to add a RESTful API to my application, so i edited routes.php with something like that
Router::mapResources('routes');
Router::parseExtensions();
this also works fine, for example going to http://localhost/myapp/routes.json gives me a json object of my routes if i'm already logged in
shure, somebody cannot do a login with a web-form when he is using my API, so i want to know if it is possible to send the regular login informations with the request using REST Auth Basic (or Digest) and use the working ACL in my App to authenticate and show the result object (or if its wrong, send the right header)
any ideas?
if something is unclear, PLEASE leave a comment
i used the newest cake php version 1.3.3

If you look at other API based services, usually they use token to identify user. For example if there is username matt and he has token 123456, you can give him access to url http://localhost/myapp/123456/routes.json. Then, in your controller, you can authenticate the user by using token.

http digest authentication is possible when javascript is used to handle the authentication process, non-javascript clients default to having the standard popup.
Probably they won't mind though.
Info found at http://www.peej.co.uk/articles/http-auth-with-html-forms.html :
The main reason people walk away from
using HTTP authentication is that they
want control over the look of the
login form and most browsers display
an awful looking dialog box. So what
we need is a way for HTML forms to
pass HTTP auth data when it's
submitted. The HTML spec provides HTML
forms as a way to create queries and
to POST urlencoded data to a URL, but
can we subvert it?
It comes with a warning :)
Warning: The solution outlined in this
article is experimental and might be a
complete lie, be warned that your
mileage may/will vary.

what are best practices on asking user to add the facebook app to their page?

Hello I am looking for a best way to ask/forward user so he/she adds my app to their page
one way is to make them follow the link
http://www.facebook.com/add.php?api_key=[your
application api key]&pages
(http://www.facebook.com/add.php?api_key=1fc2946c634702dfc75cce79c97c8cec&pages -real life example)
wrapping up the question: as facebook has made a lot of changes maybe the above method is the outdated one(though it is supported), and is there are any more ways to get same result?

This is still the best/official method. So long as the API key is valid and you pass the pages flag (blank value) it will prompt a user to add it to their pages, and will give them an option to select which page to post to (if they have more than one page with admin access)

.htaccess twitter or facebook URL naming convention

For my Social Networking Site, I would like to build a facebook, or twitter similar URL rewriting naming convention.
Using Twitter as an example, they have pages labeled twitter.com/about and another page labeled twitter.com/{$username}
However, how do you differentiate between say a user who has registers on to our site as "about" then. From this we are going to have a server conflict between the user "about" and the page about.
What is the best way to handle this?

Usually, you'll see this implemented so that conflicts are not possible. For instance, you could camp all users inside a virtual /users directory, or a subdomain: mysite.com/users/msilvis, or users.mysite.com/msilvis.
I would not recommend that you make all users accessible via the root directory of your site, because this could potentially restrain you from adding pages. For instance, suppose you do not have yet an "about" page, but a user registers and calls itself "about"; you're screwed.
If you still choose to do so, before registration, try an HTTP request to your website to the page the user would have. If you don't get a 404, then something already has that name.

What our final decision came down to, was upon requesting a page on our server mysite.com/user, it first checked to see if that was a page, if it IS NOT a page, it assumes that it is a user, in which case it checks to see if that user is an object, if it is not then it gets passed to our 404 page.
So ontop of this, we are going to use the HTTP request like you mentioned earlier, and then if some how user "about" still signs up which we now have a page for, essentially sucks to be him because he is not going to see his page.

I would restrict the ability for someone to create a username that would conflict with existing urls.

If you're still in the early stages of development, you could look at the Kohana PHP framework. It's routing features solve the problem highlighted by zneak and dd, you would simply define in your routes that http://yoursite.com/about would point to a particular controller/action, i presume you're using the MVC design pattern considering you want a twitter like url structure.
Hope that helps!
EDIT: I forgot to mention that this doesn't stop people from signing up as about, it would just prevent the rest of the world from being linked to that persons page, in order to prevent them you'd need to employ some kind of validation against your core pages aka about, contact ect.

PHP code to restrict member access by permissions

I am building a website in PHP & mySQL. It has frontend and backend capabilities. Only admin can enter the backend by means of username and password. Now if the admin wants to add other sub-admins to the website, he could do so. By this method, a sub-admin will be able to login and perform all actions that the original admin is able to do.
WHAT I WANT TO DO:
I want to restrict the access of the sub-admins at my choice and assign them permissions so that they are able to access only certain portions of the admin panel.
EXAMPLE OF THE FEATURE THAT I AM TALKING ABOUT:
Consider that I have the following links accessible by original admin.
1. Add articles 2. Approve articles 3. Delete Articles 4. Add User 5. Edit user 6. Delete User 7. Change site settings 8. View Financial info 9. Mail center
If I do not set any permissions, then all sub-admins will be able to access all of above links. Say I create 2 sub-admins 'David' and 'Bob'.
Now I want David to access only the following desired sections of the backend:
Add articles, 4. Add User, 7. Change site settings
Now I want Bob to access only the following desired sections of the backend:
Add articles, 2. Approve articles, 3. Delete Articles, 4. Add User, 9. Mail center
I, being the original admin, should be able to access all sections whereas, David and Bob, should be able to see & access only the links and pages (or functionality) that have been assigned to them. I don't have a clue as to how to do this. Also, for example, if I want to restrict a sub-admin to access only 'Add articles' page, then I also want him to access the page that it posts to (considering that the input is on Add articles page) add_articles_next.php page. Also note that 'add_articles_next.php page' does not appear anywhere in the list of links. It is merely a page that is posted to from the page to which the sub-admin has access.
I understand that there is no way for the system to know that unless I explicitly specify it, but yes, that's my question. How to do it? I am not a object oriented person, so PHP code using functions will be great for me.
OTHER LIVE EXAMPLES OF THE FEATURE THAT I AM TALKING ABOUT:
I came across a feature while researching this topic. Click here to visit it. This looks like somewhat similar feature.
Thank you all in advance for any code that you can give me.

This has been asked a number of times before on SO. The keyword to search for is Access Control Lists (ACL). One of the most prominent PHP solutions for ACL is Zend_ACL. It's very generic and should enable you to customize it to your needs.
Edit regarding your comment about object oriented libraries:
Finding an ACL solution that is not object oriented is going to be very, very difficult as there are very few good ACLs for PHP on the market (Zend is about the only one I know, really) and most modern applications are taking a more or less object oriented approach. But don't worry, check out the tutorials. I think you will have no problem using Zend_Acl in a function oriented app. You will need to talk to the ACL via OOP, but that's easy. I don't think you'll have to change your app much. Give it a try, and on a general note, basic OOP isn't difficult to learn. Just give the "Classes and Objects" chapter in the PHP manual a good read.