We are stuck into a scenario where the Facebook app we just finished building has to reside inside of a parent iFrame. (This was an unknown to us until now)
We are wondering if there is an way to easily build the PHP Facebook Object and the JavaScript Facebook Object by only using the 'signed_request' token.
If not, would it make any sense to try and get the parent iFrame to send us the facebook cookies somehow and us setting those same cookies and then trying to build the objects?
Any help on this would be extremely appreciated as we are stuck very few days before launching.
The Facebook object is constructed locally. It desn't even need a signed_request.
I believe it will be enough to pass the signed request as $_GET parameter to internal frame so Facebook class can pick it from there:
public function getSignedRequest() {
if (!$this->signedRequest) {
if (isset($_REQUEST['signed_request'])) {
$this->signedRequest = $this->parseSignedRequest(
$_REQUEST['signed_request']);
} else if (isset($_COOKIE[$this->getSignedRequestCookieName()])) {
$this->signedRequest = $this->parseSignedRequest(
$_COOKIE[$this->getSignedRequestCookieName()]);
}
}
return $this->signedRequest;
}
setAccessToken is a public function, so it would be no problem to use it as well if you need an access token.
Sadly I'm not good enough to give you an advice for JavaScript :(
Related
Im looking for an elegant way to hand over data/params when using $f3->reroute();
I have multiple routes configured in a routes.ini:
GET #sso: /sso/first [sync] = Controller\Ccp\Sso->first, 0
GET #map: /map [sync] = Controller\MapController->second, 3600
Now I reroute(); to #map route, from first();
class Sso {
public function first($f3){
$msg = 'My message!';
if( !empty($msg) ){
$f3->reroute('#map');
}
}
}
Is there any "elegant" way to pass data (e.g. $msg) right into $MapController->second(); ?
I don´t want to use $SESSION or the global $f->set('msg', $msg); for this.
This isn't an issue specific to fat-free-framework, but web in general. When you reroute, you tell the browser to redirect the user's browser page using a 303 header redirect code.
Take a minute to read the doc regarding re-routing: http://fatfreeframework.com/routing-engine#rerouting
There seems to be some contradicting information in your question, which leads me to question the purpose of what you are trying to achieve.
If you are rerouting, you can either use the session, cookies, or use part of the url to pass messages or references to a message.
If you do not need to redirect, but just want to call the function without changing the passed parameters, you could abstract the content of the function and call that function from both routes. You could also use the $f3 globals, which are a great way of passing data between functions in cases where you don't want to pass the data using the function call. is there a reason why you don't want to to use this? The data is global for the single session, so there is no security concern, and the data gets wiped at the end of the request, so there is very little extra footprint or effect on the server.
If you're alright with not using #map_name in re-routes you can do something like this:
$f3->reroute('path/?foo=bar');
Not the prettiest I'll admit. I wish $f3->reroute('#path_name?foo=bar') would work.
I've been looking around at similar topics on REST APIs but I am still having some confusion in my project, mostly with the PHP side of things.
USPS provides a REST API with functions that can be called via URL like this: https://epfws.usps.gov/ws/resources/epf/login
To make any call successfully, I have been told that a JSON object must be created and passed as a "POST parameter" with the expected values.
This is the JSON object that needs to be passed in this case:
obj=
{
"login":"loginExample",
"pword":"passwordExample"
}
I have also been given a PHP class that is supposed to manage these calls. This is the login function:
public function login ()
{
// Set up the parameters for a login attempt
$jsonData = array(
'login' => $this->loginUser,
'pword' => $this->loginPass,
);
// Make a login request
$jsonResponse = $this->pullResource
('/epf/login', 'POST', $jsonData);
return $jsonResponse;
}
So I have a few questions regarding this:
The document they sent says
"To make the request calls, a JSON object will need to be created and passed as a POST form parameter obj={jsonObject} for security reasons using content-type “application/x-www-form-urlencoded”."
I know that the login function contains the correct input values that USPS' REST API is wanting, but I'm not sure how to pass them as "obj", or how to apply the "content-type".
I have a "constant" defined at the top of my PHP script that looks like this:
const EPF_BASE_URL = 'https://epfws.usps.gov/ws/resources';
And I noticed in the actual functions that this part of the link is left out and they simply reference '/epf/login' as you can see above. Since "$this" contains lots of different values I'm wondering how it supposedly finds EPF_BASE_URL as needed. Is it similar to how 'using' directives work in C#?
What is the easiest way to call this function and display the result? This is my biggest question. Would I use a separate PHP class with an HTML form? I understand the concept of what it should do but I'm completely lost setting up a development environment for it.
I've been trying all of this with MAMP but would love to know if I'm on the right track or not.
That really depends on their API. Hopefully you get a string back that can be decoded to a JSON object (http://au.php.net/manual/en/function.json-decode.php). Some API might give a simple string that says 'SUCCESS' or 'FAIL'. You've got the code, so take a look at what $this->pullResponse() gives you.
If you've been given a PHP class that is supposed to support the API (hopefully from USPS), then it should already take care of putting the data in the form content, and ensuring is it submitted with the appropriate content-type.
A PHP const is more like a C# static string. It is very likely that the library will use the constant to create the end URL (i.e. EPF_BASE_URL . $resource). If you needed to run against a sand box environment, you could change that constant without having to change all the other code.
That's a very big question, because it depends on how you are programming your application. Procedural, MVC, existing frameworks, etc.
At the very least, you would set the loginUser and loginPass on the instantiated object, and call the login method`. You could then inspect the results, assuming the result is a JSON object, or use your favourite debugging method to see the contents.
I'm having a guess as the USPS API class name.
$uspsApi = new UspsApi();
$uspsApi->loginUser = 'username';
$uspsApi->loginPass = 'password';
$result = $uspsApi->login();
echo print_r($result, true);
I render the page corretly, display images etc. But when the user changes the album selection I want to use ajax to refresh the div.
My problem is that when I send the call to the server it gets an exception since the facebook objects are dead/no-reference, I don't know.
I tried to save them with session_start. I can pass strings like this but if I pass the objects like this than calling them still fails:
$albumID = $_GET['album'];
$facebook = $_SESSION['fb'];
$albums = $_SESSION['albums'];
$tester = $_SESSION['tester']; //works fine
echo get_pictures_from_album($facebook, $albums, $albumID);
I would also reallt appriciate it if someone can refer me to good documentation. It seems that facebook only have examples for the simple, trivial issues but no complicated apps.
If you are storing an object in the session, you need to make sure you require the file containing the class definition before you call session_start. Otherwise PHP won't be able to deserialize the objects from the session correctly.
Howdy. I've been tasked with making a Facebook game, but I'm new to Facebook development, so I'm just getting started. Apologies in advance if this is a no-brainer to people.
I'm having trouble following all the examples I see on sites, and I keep running into missing pages in the Facebook documentation when I am trying to read up. I think it's because there's a new version of the PHP Client Library for Facebook, and everything I'm finding is referring to the old client.
For instance, I see this code in a lot of examples:
require 'facebook.php';
$facebook = new Facebook( array( 'appId' => '(id)', 'secret' => '(secret)' ) );
$facebook_account = $facebook->require_login();
...but there's no "require_login()" in the client library provided in the facebook.php file.
From what I can tell, it looks like Facebook has very recently rolled out some new system for development, but I don't see any sample code anywhere to deal with it. The new library comes with an "example.php" file, but it appears to be only for adding "Log in with Facebook" functionality to other sites (what I'm assuming is what they mean by "Facebook Connect" sites), not for just running apps in a Canvas page on Facebook itself.
Specifically, what I need to do is let users visit an application page within Facebook, have it bring up the dialog box allowing them to authorize the app, have it show up in their "games" page, and then have it pass me the relevant info about the user so I can start creating the game. But I can't seem to find any tutorials or examples that show how to do this using the new library. Seems like this should be pretty straightforward, but I'm running into roadblocks.
Or am I missing something about the PHP client library? Should require_login() be working for me, and there's something broken with my implementation, such as having the wrong client library or something? I downloaded from GitHub yesterday, so I'm pretty sure I have the most recent version of the code I have, but perhaps I'm downloading the wrong "facebook.php" file...?
The following is a rewrite of the old require_login function. It exactly duplicates the old functionality.
function facebook_require_login($required_permissions = '')
{
global $facebook; // NOTE GLOBAL FACEBOOK OBJECT, MUST ALREADY BE INSTANTIATED
$user = $facebook->get_loggedin_user();
$has_permissions = true;
if ($required_permissions) {
$facebook->require_frame();
$permissions = array_map('trim', explode(',', $required_permissions));
foreach ($permissions as $permission) {
if (!in_array($permission, $facebook->ext_perms)) {
$has_permissions = false;
break;
}
}
}
if ($user && $has_permissions) return $user;
$facebook->redirect(
$facebook->get_login_url(Facebook::current_url(), $facebook->in_frame(),
$required_permissions));
}
phpfour solution is the only correct one - since it utilizes the new php-sdk library from github.
The best solution is to edit the new facebook.php and add a require_login() function (so all existing pages who rely on it can stay the same)
public function require_login(){
if ( !$this->getSession() ) {
$url = $this->getLoginUrl( array(
'canvas' => 1,
'fbconnect' => 0
));
echo "<script type='text/javascript'>top.location.href = '$url';</script>";
}
else
return $this->getUser();
}
The new php script on git hub is a wraper for facebooks api, graph I presume but I've seen code for fql too so who knows. The forums are currently down and IRC was dead when I went across. I have been looking for the same solution as your require authorisation to call ->api(\me). Since the script extends another class if I remember right, you could try using the reflection class/function to see what methods are available. Hopefully some solid documentation is on its way! Please let me know if you solve this. (Sorry for poor formatting I'm on my mobile)
Well, I have been able to find a solution to the problem of authorizing application using the new PHP SDK. You can check my blog post here.
In short, you will need to get an authenticated session and then you can call the functions to get the logged in user's ID. In this case, you will call the "/me" path from the Graph API.
I have a flash game embedded on Facebook but need access to the flashvars facebook passes to all embedded games. However I am using the mochiads preloader meaning that _root.fb_sig_user is always undefined?
How do I get to the variables?
stage.loaderInfo.parameters.fb_sig_user
Was my best guess and it doesn't seem to have worked.
Try this..
paramList = LoaderInfo(this.root.loaderInfo).parameters;
trace(paramList["fb_sig_user"];
fb_session = new FacebookSessionUtil("api_key","api_secret", stage.loaderInfo);