I am using the following code to get Data on the logged Facebook user for my codeigniter application.
require_once('facebook-php-sdk/src/facebook.php');
$facebook= new Facebook(array(
'appId' => $this->config->item('app_id'),
'secret' => $this->config->item('app_secret'),
'allowSignedRequest' => false,
));
$_REQUEST += $_GET;
$user = $facebook->getUser();
if ($user) {
try {
$user_profile = $facebook->api('/me?fields=picture.width(100).height(100),first_name,last_name,username,email');
} catch (FacebookApiException $e) {
$user = null;
}
} else {
$login_url = $facebook->getLoginUrl(array(
'scope' => 'email'
));
echo 'Please login.';
}
This works and returns me the user's Facebook data, and if no user is logged in it provides the login link.
In the login link I ask for email permission as I need to collect these for communication. When the user logs in with the login link in the else clause, I successfully get the user's email address.
However I want to launch this application in a Facebook page tab using Woobox. Therefore the user would usually always be logged into their account. But the login to get email permissions is in the else statement if the user isn't logged in.
How do I ask for email permissions for an already logged in user, without haveing them login again?
How can I make it so that if the user is already logged into facebook, that the auth box asking the user for permissions comes up, where they can click ok to continue and authorize, rather than the login button.
Related
I have a problem with my logging into my Facebook application.
When I click "login" I get redirected to Facebook to accept the permissions then Facebook redirects me back. But it doesn't change anything. The URL down is dynamic generated. When I try the same script on an other URL that's not dynamic it's work.
Here is the URL there i try to perform a login.
http://www.testaiq.se/test_592.html
What could be the problem? PHP is behind the URL over here.
require_once("facebook/facebook.php");
// Creating our Application instance (replace this with your appId and secret).
$facebook = new Facebook(array(
'appId' => 'XXX',
'secret' => 'XXX',
));
// Getting User ID
$user = $facebook->getUser();
// Get Access token
$access_token = $facebook->getAccessToken();
// We may or may not have this data based on whether the user is logged in.
//
// If we have a $user id here, it means we know the user is logged into
// Facebook, but we don't know if the access token is valid. An access
// token is invalid if the user logged out of Facebook.
if ($user) {
try {
// Proceed knowing you have a logged in user who's authenticated.
// Retrieving user's friend list using fb graph api
$user_profile = $facebook->api('/me','GET');
} catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
}
// Login or logout url will be needed depending on current user state.
if (!$user) {
$loginUrl = $facebook->getLoginUrl(array(
'scope' => 'user_likes'
));
}
This code is used to get facebook data from users of my codeigniter application that I would be launching in a facebook page tab.
require_once('facebook-php-sdk/src/facebook.php');
$facebook= new Facebook(array(
'appId' => $this->config->item('app_id'),
'secret' => $this->config->item('app_secret'),
'allowSignedRequest' => false,
));
$_REQUEST += $_GET;
$user = $facebook->getUser();
if ($user) {
try {
$user_profile = $facebook->api('/me?fields=picture.width(100).height(100),first_name,last_name,username,email');
} catch (FacebookApiException $e) {
$user = null;
}
} else {
$login_url = $facebook->getLoginUrl(array(
'scope' => 'email'
));
redirect($login_url, 'refresh');
}
I want it so that if the user is already logged into facebook that when they open the tab to use the app, instead of being asked to log in, that the dialog box come up asking for permissions. I need email permissions.
How do i skip the login to get permissions step if a user is already logged into Facebook, and just have the dialog box appear asking for permissions?
I'm using Facebook Connect (PHP SDK) in my website.
I have 2 kind of users to sing in new user in my website (Premium User and Normal User) and I want to offer Facebook Login to both insted fill new form.
If the user login with Facebook, but doesn't have a record in database, I have to do it, using its Facebook email. Premium Users are recorded in table1 and Normal Users are recorded in table2.
The question is: how can I dettect what user logged with Facebook to check if it's already recorded in its table (in Facebook returning page)?
Just to clarify: I have two forms (one for Normal User and another to Premium User), and each form has a Facebook Loggin button.
Thanks.
Question solved!
require "facebook/src/facebook.php";
$facebook = new Facebook(array(
"appId" => "xxxxxxxxxxxxxxxxxxxx",
"secret" => "xxxxxxxxxxxxxxxxxxxx",
));
$user = $facebook->getUser();
if ($user) {
try {
$user_profile = $facebook->api("/me");
} catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
}else {
$facebook_url_user_premium = $facebook->getLoginUrl(array(
"scope" => "email",
"redirect_uri" => "https://URL"
));
$facebook_url_user_normal = $facebook->getLoginUrl(array(
"scope" => "email",
"redirect_uri" => "https://URL"
));
}
So you call the correct $facebook_url.... variable in each Facebook Login button.
I have this facebook app to show fb notifications in my website. Then i had this problem, Assume two users Alice & Bob. Alice is my website's regular user and she recommended it to Bob. She made him register on to my site from her own laptop. When bob tried to add the app, Alice's fb notifications shown up. Actually when Bob clicked the login link, since alice was already logged onto facebook it just pulled her details (same session), how to tackle this situation, Do we have to make Alice logout from facebook and make Bob login, Something like "Alice already logged in, sign in as a different user", Could somebody please suggest some solutions and how to do it.
The following is the piece of code am using for login
require_once('sdk/src/facebook.php');
$facebook = new Facebook(array(
'appId' => 'xxxxxxxxxxxxxxxx',
'secret' => 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx',
'cookie' => true
));
// Get User ID
$user = $facebook->getUser();
// Login or logout url will be needed depending on current user state.
if ($user) {
$logoutUrl = $facebook->getLogoutUrl();
} else {
$loginUrl = $facebook->getLoginUrl();
}
//check permissions list
if ($user) {
$permissions_list = $facebook->api('/me/permissions','GET', array('access_token' => $access_token));
//check if the permissions we need have been allowed by the user
//if not then redirect them again to facebook's permissions page
//
$permissions_needed = array('manage_notifications','publish_stream', 'read_stream');
$login_url_params = array(
'scope' => 'manage_notifications,publish_stream,read_stream',
'fbconnect' => 1,
'display' => "page",
'next' => 'http://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']
);
foreach($permissions_needed as $perm) {
if( !isset($permissions_list['data'][0][$perm]) || $permissions_list['data'][0][$perm] != 1 ) {
$login_url_params = array(
'scope' => 'manage_notifications,publish_stream,read_stream',
'fbconnect' => 1,
'display' => "page",
'next' => 'http://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']
);
$login_url = $facebook->getLoginUrl($login_url_params);
echo $login_url;
header("Location: {$login_url}");
exit();
}
}
//if the user has allowed all the permissions we need,
//get the information about the pages that he or she managers
$accounts = $facebook->api(
'/me',
'GET',
array(
'access_token' => $access_token
)
);
}
else {
//if not, let's redirect to the ALLOW page so we can get access
//Create a login URL using the Facebook library's getLoginUrl() method
$login_url_params = array(
'scope' => 'manage_notifications,publish_stream,read_stream',
'fbconnect' => 1,
'display' => "page",
'next' => 'http://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']
);
$login_url = $facebook->getLoginUrl($login_url_params);
//redirect to the login URL on facebook
$facebook_login = $login_url;
echo "<a href='$login_url'>Login Facebook</a>";
The best thing to do would be the following:
When a user comes to your site, detect whether they are logged into Facebook and whether they are auth'd for your app using the Javascript SDK and the FB.getLoginStatus method.
If they aren't auth'd, prompt them with the Permissions dialog and encourage them to sign up.
If they are auth'd and logged in to FB, then automatically log them into your website. To avoid the Alice/Bob confusion, show an indicator somewhere on your website that they've been logged in as "Alice" and maybe have a link underneath that says 'Not you? Click here to login as someone else' or similar
If they click on this link, or they click on a Logout link on your site call the FB.logout method in the Javascript SDK which will invalidate the current access token for that user but also log them out of Facebook.
Then, you can push them back to the login/registration page after this and they will be prompted to login to their Facebook account.
As far as I know, the new user has to log the previous user out of Facebook and log him or herself in first.
We have no control over the login/auth popup nor the locally stored Facebook session data so when Bob hits login and sees Logged in as Alice (Not You?) he's just supposed to hit 'not you?', which will log Alice out of Facebook and prompt Bob to login and then authorize. This is problematic though because when Bob leaves and Alice goes to Facebook.com she will be logged into Bob's account.
One possible solution is to grab the current logged in user's name and profile picture, and to display it next to the Login with Facebook button. That might help clarify things to the user. You should be able to display this info without being authenticated and could even provide your own link to log out of Facebook.
I'm tired of digging through tons of tutorials/documentations which don't help me at all.
What I have now (everything is placed inside admin control panel):
If user is logged on correct account (administrator of page with granted rights), everything works fine, post on page is posted as impersonated site.
If he is logged on other account, nothing happens. Site redirects him to his wall.
If he isn't logged on any account, he's redirected to facebook login - if he logs onto correct account, he returns to acp (it's bad solution, because it'll clear his form)
I want to achieve:
If logged in, everything as it was
Else popup with login to specific (correct) account
At the moment I'm using only PHP, but solution with JS is permitted.
My code:
<?php
/*(...)*/
$facebook = new Facebook(array(
'appId' => $apiid,
'secret' => $secret,
'cookie' => true,
));
$session = $facebook->getSession();
$me = null;
if ($session) {
try {
$uid = $facebook->getUser();
$me = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
}
if($me) {
//In order to post to the page later on we need to generate an Access Token for that page, to do this we get me-accounts in the following api call
$accounts = $facebook->api('/me/accounts');
//Loop through the array off accounts to find the page with a matching ID to the one we need
foreach($accounts['data'] as $account){
if($account['id'] == PAGEID){
$ACCESS_TOKEN = $account['access_token'];
}
}
}
$message=$data['facebook_text'];
$attachment = array(
'message' => $data['facebook_text'],
'name' => $data['name'],
'description' => '',
'link'=>$someurl,
'access_token' => $ACCESS_TOKEN
);
if($image_url != NULL) $attachment['picture'] = $image_url;
try {
if($facebook->api('/PAGEID/feed', 'post', $attachment))
{
//other stuff
}
} catch (FacebookApiException $e) {
error_log($e);
//other stuff
}
}
else
{
$login_url = $facebook->getLoginUrl();
header("Location: $login_url");
exit;
}
/* (...) */
?>
Solution can't redirect anywhere, because it's inside form, so all data'll be lost.
I'm not really sure I understand what you want to do here, but this is what I use in a similar situation:
$session = $this->get_admin_session_of_page ($page_id);
$session = unserialize ($session);
$facebook->setSession ($session, false);
In the facebook php SDK there is a method to manually set the session, setSession. I save the page admin user session in DB with serialize, with the offline access and manage pages permission. Then when you need some admin privileges for the application you just unserialize it, and then use setSession. The second parameter is set to FALSE, so that this session is not saved in a cookie and logout the current user.
This way it's not important who is logged in, the work is always done as an admin of the page. I think this is safe to use in an automated script, for example to upload a user photo in a page album.
Of course, you must use caution with this if it gets more involved then that, or implement your own security.