Every time I run this script it gives me a different access token. I thought the access token was unique to a user.. Also why is this script so unreliable, fails half the time.
My Facebook Access Token Page
Here is the code:
<?php
require 'lib/facebook.php';
require_once('C:\inetpub\storeboard.com\linkedin\extract_data.php');
$facebook = new Facebook(array(
'appId' => FACEBOOK_APPID,
'secret' => FACEBOOK_APP_SECRET
));
$user = $facebook->getUser();
if ($user) {
try {
// Proceed knowing you have a logged in user who's authenticated.
$user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) {
echo '<pre>'.htmlspecialchars(print_r($e, true)).'</pre>';
$user = null;
}
}
$access_token = $facebook->getAccessToken();
if (isset($access_token)) {
echo $access_token;
//header( 'Location: http://www.'.APP_ROOT_DOMAIN.'/facebook/save_token.asp?nToken='.$access_token);
}
?>
Have I cut out code that is required from the original: http://developers.facebook.com/blog/post/534/
or am I missing something.
require_once('C:\inetpub\storeboard.com\linkedin\extract_data.php');
This line of code just extracts the APPID and APPSECRET from the database.
I am a complete beginner when it comes to PHP, so any help would be greatly appreciated.
Many Thanks!
You don't need to play with the token to get simple authentication:
After you get facebook api instance:
$facebook = new Facebook(array(
'appId' => FACEBOOK_APPID,
'secret' => FACEBOOK_APP_SECRET
));
If you are using me API - get the user profile:
$user_profile = $facebook->api('/me');
then obtain email from it:
$email = $user_profile['email'];
At this point you check if the email is valid in your database - if yes start the user session and you are good to go.
Related
I'm trying to retrieve Facebook user's information using Facebook api in PHP. But when I try to run the following code, the no content is displayed, especially because of the require statement. The HTML content on this page is not rendered. In other words, nothing works. Only the echo above require statements executes. I have correct APP ID and Secret Code.
<?php
session_start();
?>
<?php
$somevar=$_SESSION['newsession'];
$somevar2=$_SESSION['newsession2'];
echo "rahul fb";
require 'fblib/src/Facebook/Facebook.php';
$facebook = new Facebook(array(
'appId' => '
myappid',
'secret' => 'mysecretid',
));
// Get User ID
$user = $facebook->getUser();
To make API calls:
if ($user) {
try {
// Proceed knowing you have a logged in user who's authenticated.
$user_profile = $facebook->api('/me');
echo "SFDFFD";
} catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
}else{
echo "fatal error";
}
//echo "sdfdsfdf";
?>
What can be the issue? Am I doing it in right way? or is there any other way?
You need to require the autoload.php to make it work.
Also change the syntax:
$facebook = new Facebook(array(
'appId' => '
{1821595718085107}',
'secret' => '{d17998fdecdeab3c158970c1fcbf89f4}',
));
I have crawled around lots of various answers but am still a bit confused with how I should be dealing with facebook access tokens.
One of the main problems I'm having is due to what information is being stored in my browser. For example, I log onto the app, the token expires, I can't logon again unless I clear cookies/app settings in browser.
I stumbled across this thread: How to extend access token validity since offline_access deprecation
Which has shown me how to create an extended access token through php.
My questions are:
1. Do I need to store the access token anywhere?
2. What happens when the access token expires or becomes invalid? At the moment, my app simply stops working when the short term access ones expire.
3. Is there a way I should be handling them to check if they have expired?
I am using the php sdk and have basically used the standard if( $user )... Like this:
require 'sdk/src/facebook.php';
$facebook = new Facebook(array(
'appId' => 'XXXXXXXXXXXXXXXXXXXXX',
'secret' => 'XXXXXXXXXXXXXXXXXXXXX',
));
$user = $facebook->getUser();
if( $user ){
try{
$user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
}
if (!$user){
$params = array(
'scope' => 'email',
);
$loginUrl = $facebook->getLoginUrl( $params );
echo '<script type="text/javascript">
window.open("'. $loginUrl .'", "_self");
</script>';
exit;
}
if( $user ){
$access_token = $facebook->getExtendedAccessToken();
$get_user_json = "https://graph.facebook.com/me?access_token="
. $access_token;
// Rest of my code here...
}
Is there anything else I should be doing to handle tokens?
. Should I be passing the access token between pages or is it ok to just call it again at the top of each page like this:
$facebook = new Facebook(array(
'appId' => 'XXXXXXXXXXXX',
'secret' => 'XXXXXXXXXXXX',
'redirect_uri' => 'http://localhost:8000/',
));
$token = $facebook->getExtendedAccessToken();
Let's go through your questions:
Do I need to store the access token anywhere?
This depends on your application. First of all ask yourself, do you need to perform actions on behalf of the user while he is not present (not logged in to your app)?
If the answer is yes, then you need to extend the user token which can be done using the PHP-SDK by calling this method while you have a valid user session: setExtendedAccessToken().
Also you should refer to this document: Extending Access Tokens
What happens when the access token expires or becomes invalid? ...
Is there a way I should be handling them to check if they
have expired?
This is where the catch clause in your code comes in handy, while facebook example only logs the error (error_log($e);) you should be handling it!
Facebook already has a tutorial about this: How-To: Handle expired access tokens.
Also you should refer to the Errors table and adjust your code accordingly.
Is there anything else I should be doing to handle tokens?
See above.
Should I be passing the access token between pages or is it ok to just
call it again at the top of each page
You shouldn't need to do any of that, because the PHP-SDK will handle the token for you; have you noticed that you are calling: $user_profile = $facebook->api('/me'); without appending the user access_token?
The SDK is adding it from its end so you don't have to worry about it.
I just had the same issue, but i solve it with some of your help. I'm using the php-sdk to connect to the Facebook API, so i just made this.
$facebook = new Facebook(array(
'appId' => 'API_ID',
'secret' => 'SECRET',
));
// Get User
$user = $facebook->getUser();
// Verifing if user is logged in.
if ($user) {
try {
// Proceed knowing you have a logged in user who's authenticated.
$user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
}
// Verify if user is logged in, if it is... Save the new token.
if($user){
// Request the access_token to the
$access_token = $facebook->getAccessToken()
// Saving the new token at DB.
$data = array('access_token' => $access_token);
$this->db->where('userid',$user);
$this->db->update('facebook', $data);
}
I'm about to give up. for about a week i'm trying the simplest thing, authentication via facebook. every time I authenticatiom (via facebook login url) , getUser() and api('me'
) returns me null.
why?
the code:
$facebook = new Facebook(array(
'appId' => '306597542762982',
'secret' => '88XXXXXX7f1',
));
$user = $facebook->getUser();
if ($user) {
try {
// Proceed knowing you have a logged in user who's authenticated.
$user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
}
if (!$user) {
$loginUrl = $facebook->getLoginUrl(array('scope'=>'user_actions.news,publish_stream,user_about_me,email,publish_actions'));
print $loginUrl; exit;
}
var_dump($facebook->api('me'));
SOS.
EDIT: POST :
$params = array (
'article' => 'http://fb.raal.co.il/content/view/$id/$title',
'access_token' => $facebook->getAccessToken()
);
$out = $facebook->api( '/me/news.reads','post', $params);
var_dump($out); exit;
Continuing what NullPointer quoted earlier, from user ifaour:
Just check for the current Facebook user id $user and if it returned null then you need to reauthorize the user (or use the custom $_SESSION user id value - not recommended)
require 'facebook/src/facebook.php';
// Create our Application instance (replace this with your appId and secret).
$facebook = new Facebook(array(
'appId' => 'APP_ID',
'secret' => 'APP_SECRET',
));
$user = $facebook->getUser();
$photo_details = array('message' => 'my place');
$file='photos/my.jpg'; //Example image file
$photo_details['image'] = '#' . realpath($file);
if ($user) {
try {
// We have a valid FB session, so we can use 'me'
$upload_photo = $facebook->api('/me/photos', 'post', $photo_details);
} catch (FacebookApiException $e) {
error_log($e);
}
}
// login or logout url will be needed depending on current user state.
if ($user) {
$logoutUrl = $facebook->getLogoutUrl();
} else {
// redirect to Facebook login to get a fresh user access_token
$loginUrl = $facebook->getLoginUrl();
header('Location: ' . $loginUrl);
}
I've written a tutorial on how to upload a picture to the user's wall.
With the additional information, does this help? There is additional information I've found related to this, stating to attempt
$facebook->getAccessToken();
Apparently, that call can give either an app access token or a user access token. Depending on what you are trying to do with the access token, you will need the appropriate kind.
Alternatively, you may need to request certain permissions for what you are trying to do, which you can find here.
I've recently been trying to get my app working with the PHP SDK 3.0 and been having some trouble with it seeing that I am actually logged in. I have the "example.php" from the 3.1.1 download that doesn't acknowledge that I'm logged in. The file "with_js_sdk.php" also doesn't acknowledge that I'm logged in when you first run it. After it has been run, however both that file and the "example.php" will see that I'm logged in. Once I log out, "example.php" doesn't work and "with_js_sdk.php" fails on the first run, but all subsequent runs both files (and some other files I'm testing this with) will all authenticate correctly. When not working, all files give an "OAuthException" with the message: "An active access token must be used to query information about the current user." even when I'm logged in. So my question is, is there something in the "with_js_sdk.php" that I can set in my other files? I'm guessing it has something to do with the "oauth:true" in that file from what I've read, although I'm not a Facebook coding expert so I'm not sure. And I have an iframe app, so I don't have the "FB.init" part in my application (that worked incidentally until the change in the sdk). Here's the minimum code I'm testing that's giving the error:
<?php
require '../src/facebook.php';
$facebook = new Facebook(array(
'appId' => '11111111111111111',
'secret' => 'abcdefghijk etc...',
'cookie'=>true
));
// See if there is a user from a cookie
$user = $facebook->getUser();
if ($user) {
try {
// Proceed knowing you have a logged in user who's authenticated.
$user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) {
echo '<pre>'.htmlspecialchars(print_r($e, true)).'</pre>';
$user = null;
}
}
?>
The getuser always comes back correctly, but the $facebook->api('/me') call always fails until I run a file with the fbml in it. And before you ask, yes I changed the appID and secret in the files. Thanks.
Darryl
Instead of me pass $user. Eg:
$user_profile = $facebook->api('/'.$user);
I had the same problem and suffered for the longest time, and solved it by simply getting the new PHP SDK files from https://github.com/facebook/php-sdk.
Reference: http://developers.facebook.com/docs/reference/php/
Have you tried print_r($user_profile) to see what comes out? Also, the cookie parameter is not used with the latest SDK.
You have to be aware of the scope of variables, $user_profile will be only inside the scope of you if statement, so If you want to access from outer scope it will be not available remember you can always declare your variable outside and then initialize it, this way it will be available through your php file.
?php
require '../src/facebook.php';
$facebook = new Facebook(array(
'appId' => '11111111111111111',
'secret' => 'abcdefghijk etc...',
'cookie'=>true
));
// See if there is a user from a cookie
$user = $facebook->getUser();
$user_profile; // variable being declare outer scope
if ($user) {
try {
// Proceed knowing you have a logged in user who's authenticated.
$user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) {
echo '<pre>'.htmlspecialchars(print_r($e, true)).'</pre>';
$user = null;
}
}
?>
THIS WORKS FOR ME
$user_profile = $facebook->api('/'.$user);
And here is my full php fb connect script example: `
$fbconfig['appid' ] = " id ";
$fbconfig['secret'] = " secret ";
$fbconfig['appBaseUrl'] = "https://apps.facebook.com/ example /";
$user = null; //facebook user uid
try{
include_once "facebook.php";
}
catch(Exception $o){
echo '<pre>';
print_r($o);
echo '</pre>';
}
// Create our Application instance.
$facebook = new Facebook(array(
'appId' => $fbconfig['appid'],
'secret' => $fbconfig['secret'],
'cookie' => true,
));
//Facebook Authentication part
$user = $facebook->getUser();
// We may or may not have this data based
// on whether the user is logged in.
// If we have a $user id here, it means we know
// the user is logged into
// Facebook, but we don’t know if the access token is valid. An access
// token is invalid if the user logged out of Facebook.
$loginUrl = $facebook->getLoginUrl(
array(
'scope' => 'email,publish_stream,user_birthday,user_location,user_work_history,user_about_me,user_hometown'
)
);
if ($user) {
try {
// Proceed knowing you have a logged in user who's authenticated.
$me = $facebook->api('/'.$user);
} catch (FacebookApiException $e) {
//you should use error_log($e); instead of printing the info on browser
d($e); // d is a debug function defined at the end of this file
$user = null;
}
}
if (!$user) {
echo "<script type='text/javascript'>top.location.href = '$loginUrl';</script>";
exit;
}
//get user basic description
$me = $facebook->api("/$user");
function d($d){
echo '<pre>';
print_r($d);
echo '</pre>';
}
if (isset($_GET['code'])){
header("Location: " . $fbconfig['appBaseUrl']);
exit;
}`
Have a nice day ! :)
when the token is invalid, kick off the authentication flow.
also, to get jssdk to work with php sdk v3.x, make sure you have upgrade your js sdk code to use OAuth 2.0.
you are missing with something.To have an active access token you must present it inside a session variable.And you are not even creating a session in your code.
YOU MUST HAVE AN ACCESS TOKEN FIRST
try this->
$access_token =$facebook->getAccessToken();
if ($user) {
if( session_id() ) {}
else {session_start();}
Now you should store $_SESSION['access_token']=$access_token ; for later use.
Now I'm developing a mobile web application using facebook connect, but I am having problems with the OAuth Dialog. I use the following facebook documents for my reference:
http://developers.facebook.com/docs/guides/mobile/#web
I choose to use the OAuth Dialog instead of the Login Button because mobile browsers do not recognize the FBML (I use the Blackberry browser on testing). The OAuth Dialog also lets me add a list of permissions within the parameters of scope. But the problem is when I've logged in using the OAuth Dialog, the parameter $me wasn't recognized so that the login button still appears and doesn't not change to the logout button.
Here is an example of my code:
$facebook = new Facebook(array(
'appId' => 'xxxxxxxxxxxxxxxx',
'secret' => 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx',
'cookie' => true,
));
$session = $facebook->getSession();
$me = null;
// Session based API call.
if ($session) {
try {
$uid = $facebook->getUser();
$me = $facebook->api('/me');
$accessToken = $facebook->getAccessToken();
} catch (FacebookApiException $e) {
error_log($e);
}
}
if ($me) {
echo "<img src=\"images/logoutFB.gif\">";
} else {
echo "<img src=\"images/loginFB.gif\">";
}
Is the parameter $me can't be used if I use the OAuth Dialog to connects to facebook?
So how do I know that I am already logged into facebook or not if I use the OAuth Dialog?
Please help if you guys have the solution.
Looks like you need to use the updated PHP-SDK
getSession() has been replaced by getUser():
require './src/facebook.php';
$facebook = new Facebook(array(
'appId' => '135669679827333',
'secret' => 'xxxxxxxxxxxxxxxx',
));
$user = $facebook->getUser();
if ($user) {
try {
// Proceed knowing you have a logged in user who's authenticated.
$user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) {
$user = null;
}
}