I have a facebook canvas application and I am using the latest version of the PHP SDK.
I have a workflow that looks like this. User logs into facebook and clicks on the application from their list of apps.
User lands on a form page -> clicks submit -> user doesn't see that it goes through the form process page and try's to post to wall -> header redirect to invitation page.
The flow works because I have built in transparent error handling. However, there is no wall post during this first walk through of the flow. Repeat by clicking on facebook icon to go to user home page, click on the application link in the list of user apps.
User lands on a form page -> clicks submit -> user doesn't see that it goes through the form process page and try's to post to wall -> header redirect to invitation page.
This time and every time there after it works.
The error I receive during the first try is that the session access_token is invalid. Every single time afterwards, as long as the user does not logout it will work and I will never get a bad token.
ON THE FORM PROCESS PAGE WHERE THE WALL POST CODE IS:
$user = null;
require "/usr/home/app/www/fb/facebook.php";
//facebook application
$fbconfig['appid' ] = "xxx";
$fbconfig['secret'] = "xxx";
$fbconfig['baseUrl'] = "http://www.app.com/fb";
$fbconfig['appBaseUrl'] = "http://apps.facebook.com/app";
// Create our Application instance.
$facebook = new Facebook(array(
'appId' => $fbconfig['appid'],
'secret' => $fbconfig['secret'],
));
//session_write_close();
$user = $facebook->getUser();
try {
$publishStream = $facebook->api("/me/feed", 'post', array(
'message' => "mess",
'link' => 'http://apps.facebook.com/app',
'picture' => 'http://images.app.com/img.jpg',
'name' => 'name',
'description'=> 'des'
)
);
} catch (FacebookApiException $e) {
d($e);
}
header("Location: https://www.app.com/fb/invite.php");
This is the exact error truncated to leave out information that is erroneous:
FacebookApiException Object
(
[result:protected] => Array
(
[error] => Array
(
[message] => An active access token must be used to query information about the current user.
[type] => OAuthException
)
)
....
Maybe you can try the offline_access permission to get a non-terminating access token?
So, after pounding my head against the wall for a week... I figured it out!
I had added a script at the end of the first page to make the scroll reset.
<script>
FB.init({
appId : 'appid',
status : true,
cookie : true,
xfbml : true,
});
</script>
On the next page was the processing, that was not working correct until I reached the next page where the invitation screen was to appear. On that page was the FB.init,
function callAppReq() {
FB.init({
appId : 'appid',
cookie: true,
channelUrl : 'https://apps.facebook.com/app',
oauth : true
});
After this page was loaded, every time thereafter the app worked correctly. I was scratching my head and couldn't figure it out. Until I noticed, "oauth : true" was the ONLY thing going on that was NOT being called on the first page. So, in that dumb script that I needed to make the scroll bar go away I added ":oauth : true"...
<script>
FB.init({
appId : 'appid',
status : true,
cookie : true,
xfbml : true,
oauth : true
});
</script>
Lo' and behold, it works now. I am very upset that it was this code breaking things but VERY happy that I now have it fixed and understand what the issue was!!!
Related
I'm trying without success for 2 days now to retrieve page feed with Facebook PHP SDK. Details :
I got a user, who is page admin
I created an app (not public, is that a problem?)
I use an AJAX called PHP script to try to retrieve feed, because I don't want to pollute main page loading.
All stuff given on PHP SDK doc is related to manual login and access token retrieval.
I Managed to retrieve a user token using the 2-scripts code (login, and callback), with manage_pages speical grant require :
$fb = new Facebook\Facebook([
'app_id' => $app_id,
'app_secret' => $app_secret,
'default_graph_version' => 'v2.2',
]);
$helper = $fb->getRedirectLoginHelper();
$permissions = ['manage_pages']; // Optional permissions
$loginUrl = $helper->getLoginUrl('http://domain.com/fb_callback.php', $permissions);
How can achieve the same thing without manual redirection, is one script, in AJAX context? SHould I use Curl to emulate manual redirection?
THing which puzzle me out is that the same stuff tok 2 lines using JS framework :
window.fbAsyncInit = function() {
// Framework init with Vinexpo app ID
FB.init({
appId : '012345789',
xfbml : true,
version : 'v2.4'
});
// Check status
FB.getLoginStatus(function(response) {
if (response.status === 'connected') {
// If connected, get last 2 posts on Facebook page
FB.api(
"/page_ID/posts?limit=2",
{
access_token : response.authResponse.accessToken
},
function (responsePost) {
if (responsePost && !responsePost.error) {
// Fill tiles on social network panel
}
}
);
}
});
Thanks in advance for answers or leads.
If you just want to read the newsfeed of one of you pages via AJAX, you don't necessarily need the PHP SDK if you generate yourself an eternal page access token and use this for your plain HTTP requests.
Have a look at my answer here on how to get such a token:
Post to a facebook page without "manage_pages" permission using php
FacebookI am using facebook javascript sdk to loigin a user, and then I wish to get some of his info via the php sdk, but I keep getting "An active access token must be used to query information about the current user."
this is the relevant html/js code:
<script>
window.fbAsyncInit = function() {
// init the FB JS SDK
FB.init({
appId : '8', // App ID from the app dashboard
channelUrl : '//url/frontend/channel.php', // Channel file for x-domain comms
status : true, // Check Facebook Login status
cookie : true,
oauth:true,
xfbml : true // Look for social plugins on the page
});
FB.Event.subscribe('auth.authResponseChange', function(response) {
if (response.status === 'connected') {
submitform();
} });
};
function submitform() {
console.log('Welcome! Fetching your information.... ');
FB.api('/me?fields=email,name', function(response) {
//submits a form from this page...
});
}
</script>
Facebook
and the php that fails is :
$facebook = new Facebook(array(
'appId' => Configuration::$facebook_app_id,
'secret' => Configuration::$facebook_app_secret));
// Get User ID
$user_profile = $facebook->api('/me?fields=name,id','GET');
It seemed to work for a while, and then it breaks with
" [message] => An active access token must be used to query information about the current user.
[type] => OAuthException
[code] => 2500",
Anyone has an idea how to stabilize this?
Thanks
Maybe that happens because your acces token was expired?
There are several access token types. And if your access token is a "short-term token" - you must refresh it.
you can read abot acces tokens here https://developers.facebook.com/docs/facebook-login/access-tokens/
In python server lib for facebook i used method fetchToken(appId, secret) to refresh my expired token.
My client has a e-commerce website where they sell their products and they also have facebook page for that website. I want to to publish wall post on that page when ever the product price is reduced or new product is lunched. But i want to make this automatic, so i want to authorize facebook automatic, means that i don't want any login dialog box. the script should authorize itself. now the code i am using is as below but it ask me for log in. and also tell me which method is good(easy) to publish page wall post?
require 'API_Library/Facebook/src/facebook.php';
$page_id = '111111111111111';
$appId = '111111111111111';
$appSecret = 'aaaaaaaaaaaaaaaaaaaaa22222222222';
$facebook = new Facebook(array(
'appId' => $appId,
'secret' => $appSecret,
'cookie' => true
));
$session = $facebook->getAccessToken();
$me = NULL;
if($session)
{
try
{
$me = $facebook->api('/me');
$facebook->api('me/feed', 'post', array(
'message' => 'Hello World!'
));
}
catch(FacebookApiException $e)
{
echo $e->getMessage();
}
}
OUTPUT:
(#200) The user hasn't authorized the application to perform this action
In order to post something to a page, you will need the administrator of the page to be authenticated with the application. You cannot post to a page without being authenticated. So there will be some user interaction required before you can set this up automatically.
The process would be as follows:
Setup a Facebook App to get a App ID and app secret - you'll need this to query the API and post updates to the page
As the page administrator, login to your app with the manage_pages permission.
After logging in, an API call to /me/accounts will give you an access_token to access the page and publish updates
Using the page's accesss_token, you can then POST updates using /{page_id}/feed
Hope this helps.
i want to authenticate my facebook profile with my website so i can pull infor from the page.
i was suggested to one time authenticate with the facebook api through a temp page. somewhat like:
<fb:login-button params="some permission" />
i am new to coding facebook apps. but this seems like fbml. how can i use it to authenticate my website with my own profile. i dont need users to log into my website. i just need to pull info from my page.
the facebook documentation is sparse and fragmented. all i got for the Login was this code fragment. I dont understand how i can authenticate a weblink through this method.
FB.login(function(response) {
if (response.session) {
// user successfully logged in
} else {
// user cancelled login
}
});
can anyone throw some light??
Let's start from the beggining:
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml" xml:lang="en" lang="en">
It's required for fbml to work. Next:
<fb:login-button autologoutlink="true"></fb:login-button>
<div id="fb-root"></div>
These two lines create the "facebook login button", you should place them in your html where you want the button to appear.
Right before your closing body tag add:
<script type="text/javascript" src="https://connect.facebook.net/en_US/all.js"></script>
<script>
window.fbAsyncInit = function() {
FB.init({appId: 'YOUR APP ID HERE', status: true, cookie: true, xfbml: true});
FB.Event.subscribe("auth.login", function(response) {
if(response.session) {
// this is where you handle facebook's response
}
});
};
</script>
What you are doing here is first initializing the connection to facebook, with your app id (you need to create an application), and register an "auth.login" event. The auth.login event is triggered every time you click the facebook login button and successfully login to facebook, or facebook auto logins you based on their cookie.
You can find an explanation of the auth.login and other events here, look at the sidebar at the left, all events are listed.
The response is JSON formatted and it contains your basic session information:
{
status: 'connected',
session: {
access_token: '...',
expires:'...',
secret:'...',
session_key:'...',
sig:'...',
uid:'...'
}
}
You can read more about it here. If your status is indeed "connected" the next most important bit of information is the uid, this is your unique facebook identifier, a public id with which you can send further requests to facebook. What you do with the response is up to you. An obvious choice would be to send it via ajax to a script that logs you in your application.
To get more info from facebook you need to download the php sdk. To use the sdk:
<?php
include_once "facebook-sdk-3.0.0/src/facebook.php";
$appID = "YOUR APP ID";
$appSecret = "YOUR APP SECRET";
$cookie = "fbs_{$appID}";
$cookie = isset($_COOKIE[$cookie]) ? trim($_COOKIE[$cookie], '"') : "";
if(empty($cookie)) {
echo "no facebook cookie";
die();
}
parse_str($cookie, $data);
$facebook = new Facebook(array(
"appId" => $appID,
"secret" => $appSecret,
"cookie" => true
));
$facebook->setAccessToken($data["access_token"]);
$user = $facebook->getUser();
$profile = $facebook->api("/me");
?>
So at first you parse facebook's cookie which is named "fbs_YOUR_APP_ID" and contains your session information (url encoded). What you actually need is the access_token (a unique identifier of the authenticated session), which was also returned to you in the JSON response object before. Then via the Facebook object you can do and api requests you want.
Now to have a full authentication mechanism you should create a similar connect script that instead of getting the session information from the cookie it should take them from the response object that is returned when auth.login occurs (possibly via ajax).
You should read the Authentication workflow document to better understand how facebook connect works.
A good and easy way to deal with Facebook authentication is to implement the server side flow with the Facebook PHP SDK (see on github). So you will have something like :
require "facebook.php";
$facebook = new Facebook(array(
'appId' => YOUR_APP_ID,
'secret' => YOUR_APP_SECRET,
));
$user = $facebook->getUser();
If the user is logged in, then $user is his Facebook ID. You then have to check if you have a valid access token by making an API call :
If it does not raise any exception, then you have a valid access token
If it does, then you have to re-authenticate the user.
Here :
if ($user) {
try {
$facebook->api('/me');
} catch (FacebookApiException $e) {
$user = null;
}
}
You need then to display the login or logout link :
<?php if ($user): ?>
Logout of Facebook
<?php else: ?>
Login with Facebook
<?php endif ?>
When the user is logged in and you have a valid access token, you can make API calls to get data from Facebook :
$user_profile = $facebook->api('/me');
You may want to check the example page of the Facebook PHP SDK which is well documented.
Hope that helps.
Is it possible for me to post a message on a given users facebook wall, if they perform a certain action on my website?
Basically, I am looking for a step by step guide to achieve this, as I have not been able to figure out how to do this via the facebook documentation.
Step 1:
Set up a new application at facebook. Enter details like your website address and domain name. Note down the api key, application id, and application secret. You can set up a new facebook application here. Note: To be able to access facebook developers dashboard you need to be a verified developer, i.e. you should either have your mobile number or credit card verified with it.
Step 2:
Set up an authentication method to check if user is logged into facebook and if facebook session exists ask for basic permissions from user. You can do this easily using PHP SDK:
$fb_sdk_path = FACEBOOK_SDK_PATH;
require_once($fb_sdk_path);
//initialize FB object
$facebook = new Facebook(array(
'appId' => FB_APP_ID,
'secret' => FB_APP_SECRET,
'cookie' => true,
'domain' => 'example.com'
));
//try to get session. if this fails then it means user is not logged into facebook
$session = $facebook->getSession();
if (!$session) {
//get facebook login url
$url = $facebook->getLoginUrl(array(
'canvas' => 1,
'fbconnect' => 0
)
);
//put login url script to redirect to facebook login page (if you want to do this)
echo "<script type='text/javascript'>top.location.href = '$url';</script>";
exit;
} else {
//try to get user details from session this will trigger the permissions dialog.
try {
$uid = $facebook->getUser();
} catch (FacebookApiException $e) {
}
}
Step 3:
Use Facebook Javascript FB.ui method to generate a post form.
<div id="fb-root"></div> <!-- don't forget to include this -->
<script src="http://connect.facebook.net/en_US/all.js"></script><!-- include fb js -->
<script type="text/javascript">
//initialize facebook
FB.init({
appId:'YOUR_APP_ID',
cookie:true,
status:true,
xfbml:true
});
//call this function on click or some other event
function post_to_profile() {
FB.ui({
method: 'feed',
name: 'title of the feed',
link: 'link on the title',
caption: 'caption to show below link, probably your domain name',
description: 'description',
picture:'picture to show',
message: 'default message. this can be edited by the user before posting'
});
}
</script>
This should be enough to get it working.
I would recommend using the Javascript API. While you can certainly do it PHP, I find all the redirects required a poor user experience. Here is how you can get started loading the javascript API. It also has an example on how to post to a wall.
http://developers.facebook.com/docs/reference/javascript/
Posting to someones wall (yours or a friends) via javascript uses the FB.ui call.
http://developers.facebook.com/docs/reference/javascript/FB.ui/
Taken directly from http://developers.facebook.com/docs/guides/web/
<html>
<head>
<title>My Great Website</title>
</head>
<body>
<div id="fb-root"></div>
<script src="http://connect.facebook.net/en_US/all.js">
</script>
<script>
FB.init({
appId:'YOUR_APP_ID', cookie:true,
status:true, xfbml:true
});
FB.ui({ method: 'feed',
message: 'Facebook for Websites is super-cool'});
</script>
</body>
</html>
This will open a prompt to post onto the currently logged in user's wall.
The getting started guide to the Graph API should help you. Specifically, you'll be dealing with the post object (that page contains a note about publishing, scroll down to the "Publishing" section). You'll also need the publish_stream permission, which you can learn more about here. And since you're doing this in PHP, the official Facebook PHP SDK will be of interest to you as well.
Here's the general flow
Register an app at developers.facebook.com
Create page w/ this link to this page: https://www.facebook.com/dialog/oauth?
client_id=164837516907837&
type=user_agent&
scope=email,read_stream,user_videos,friends_videos,user_about_me,offline_access&
redirect_uri=http://www.facebook.com/connect/login_success.html
Save the user x's oath token that is returned from step2
Via API call post to user x's wall
To reference: http://thinkdiff.net/facebook/graph-api-iframe-base-facebook-application-development/
Various steps involved
1)Register App at facebook
developers
2)Get PHP SDK of Facebook
3)Get Offline access from user
so that you can post in users wall
without his permission(Use
accordingly)
4)Save the access token given by
facebook for the user
5)Using the access token by php
SDK post into the wall
Check this question it may be of some help
Publishing To User's Wall Without Being Online/Logged-in - Facebook Sharing Using Graph API