I'm modifying an FBML canvas app to use the new PHP SDK and authentication instead of the old REST api.
Right now I'm attempting to use this snippet:
$me = null;
// Session based API call.
if ($session) {
try {
$uid = $facebook->getUser();
$me = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
}
}
// login or logout url will be needed depending on current user state.
if ($me) {
} else {
$loginUrl = $facebook->getLoginUrl(array('req_perms' => 'user_birthday, publish_stream, email'));
header('Location: '.$loginUrl);
}
However if I use the php header function for any URL that isn't relative, I get this error:
Application Temporarily Unavailable
The URL [https://www.facebook.com/login.php?.........] is not valid.
Sorry, the application you were using is experiencing a problem. Please try again later.
If I need to have authentication on my FBML canvas app using the latest PHP SDK, how do I properly redirect to the app login page that requests the extended permissions?
Looks like you cannot use a server side redirect (header()) to push user to the auth page. I'm using this at the moment:
function redirect($url)
{
echo '<script>top.location="' . $url . '";</script>';
//echo '<fb:redirect url="' . $url . '"></fb:redirect>';
//header("location:$url");
exit();
}
Related
I was looking some questions very similar to mine, but still lost in space here. I got no problems with JS part. I do the login and got my token. Now I need to send http request to a php that will perform queries in the database. How can I trust in a client request? I think I must have a confirmation of the user in server-side. So I taken the php SDK:
EDIT: This is the updated code, it's now working. The $fbToken in obtained by JavaScript and passed to php by Ajax request. Not using FacebookSession yet, baby steps...
$Login = ($_SESSION["Login"])? $_SESSION["Login"] : (object)array("ativo"=>FALSE, "metodo"=>"", "id"=>-1, "nome"=>"", "tipo"=>"", "publico"=>"", "nLogin"=>0, "captcha"=>"") ;
//
$fbPhpUser = FALSE;
require $Amb->phpBib.'Facebook/autoload.php';
//use Facebook\FacebookSession;
use Facebook\FacebookRequest;
use Facebook\GraphUser;
use Facebook\FacebookRequestException;
//FacebookSession::setDefaultApplication('{myAppCode}', '{myAppSecret}');
$fb = new Facebook\Facebook([
'app_id' => '{myAppCode}',
'app_secret' => '{myAppSecret}',
'default_graph_version' => 'v2.3',
]);
try {
// Returns a `Facebook\FacebookResponse` object
$response = $fb->get('/me?fields=id,name', $fbToken);
$fpPhpUser = $response->getGraphUser();
} catch(Facebook\Exceptions\FacebookResponseException $e) {
fim("fbGraph", 'Erro Facebook Graph: ' . $e->getMessage());
exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
fim("fbSDK", 'Erro Facebook SDK: ' . $e->getMessage());
exit;
}
if($fpPhpUser){
$Login->ativo = true;
$Login->metodo = "fb";
$_SESSION["Login"] = $Login;
}
The idea is to get a confirmation that the user is logged and Facebook has authorized my app, so '{access-token}' will be sent by post http request from client browser altogether with the rest of data (e.g.: user register form to be modified on my website database). $Login->ativo==TRUE means I can safely perform database queries. (the user can also login by my own website login system, but I wish he do by Facebook for an integration)
Not sure if will work and a bit tired of to try… Is this the right approach?
You only need the Javascript SDK to accomplish this. Your authorization is obtained through the statusChangeCallback function:
if (response.status === 'connected') {
//Logged into FB and app...
} else if (response.status === 'not_authorized') {
//Have NEVER logged into the app before.... you will see permissions page...
} else {
//NOT logged into FB... so not sure if logged into app...
}
Once you are connected, pass the access token via AJAX to your server and do whatever you want with it.
https://developers.facebook.com/docs/facebook-login/web#checklogin
I am experimenting with the Facebook Graph API and have this
require 'sdk/autoload.php';
use Facebook\FacebookSession;
use Facebook\FacebookRedirectLoginHelper;
FacebookSession::setDefaultApplication('<MY APP ID IS HERE>', '<MY APP SECRET IS HERE>');
$helper = new FacebookRedirectLoginHelper('http://whispershare.co.za/dashboard');
$loginUrl = $helper->getLoginUrl();
try {
$session = $helper->getSessionFromRedirect();
} catch(FacebookRequestException $ex) {
echo $ex;
} catch(\Exception $ex) {
echo $ex;
}
if ($session) {
echo 'yay';
} else echo 'boo';
I set the App ID and App secret but I keep getting the 'echo "boo";' on my page.
My app seems to be set up correctly. If it wasn't then it would give me an error in the try, right?
What could be wrong?
Please check my fb login whats is the error?
Here is the link.
It's say -
Graph returned an error: Can not open the link: Link domain is not included in the list of gadget domains.
if someone can help please help it will be appreciated
actually i want to include facebook data in my website
and i am getting an error
Given URL is not allowed by the Application configuration.: One or more of the given URLs is not allowed by the App's settings. It must match the Website URL or Canvas URL, or the domain must be a subdomain of one of the App's domains
since i am new to php
what should be come in place of
api('/me');
$userdata = $facebook->api('/me');
please someone help me i am frustrated
here is the full code
<h1>Facebook SDK Login - Basic Information</h1>
<h4><a href='http://9lessons.info'>9lessons.info</a></h4>
<?php
include('lib/db.php');
require 'lib/facebook.php';
require 'lib/fbconfig.php';
// Connection...
$user = $facebook->getUser();
if ($user)
{
$logoutUrl = $facebook->getLogoutUrl();
try {
$userdata = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
$_SESSION['facebook']=$_SESSION;
$_SESSION['userdata'] = $userdata;
$_SESSION['logout'] = $logoutUrl;
header("Location: home.php");
}
else
{
$loginUrl = $facebook->getLoginUrl(array( 'scope' => 'email,user_birthday'));
echo '<img src="facebook.png" title="Login with Facebook" />';
}
?>
fblogin.php
Go to your Facebook App :-
1. click on "setting" tab(Basic)
App Domains = example.com
site url = http://example.com/
(Advanced) tab
Age Restriction = 13+
2. click on "Status & Review" tab
Do you want to make this app and all its live features available to the general public? = Yes
only these option is required for create an basic app.
You can check for full doc :- sourceaddons or developer facebook
I think you're missing some parameters the API wants. According to https://developers.facebook.com/docs/reference/php/facebook-api/ the API expects the following syntax:
$ret = $facebook->api($path, $method, $params);
So "/me" is the path, but the API does not know what you want to do.
Have a look at the examples like this one here that fetches the user's profile:
https://developers.facebook.com/docs/php/howto/profilewithgraphapi/4.0.0
I have created a facebook app which I'm using as a Page Tab. I'm using the PHP SDK and Javascript SDK, and have authenticated and set it up perfectly to display the dialogs and then my page within the tab iframe.
I would now like to load other pages of my site asynchronously, however I can not access the users data (name, etc.) on the asynchronously loaded pages. How do I pass the authentication and variables to the ajax loaded pages?
(EDIT) Solution:
The PHP SDK creates a session automatically to use amongst pages loaded with ajax (or anywhere). You just have to call your authentication routine on each page loaded with ajax in order to access the data (using a php include is best).
I load pages into a div using a simple jquery load:
$('div#page').load('your-page.php');
And this is the routine I run on each php page:
<?php
//facebook application configuration
$fbconfig['appid' ] = "YOUR APP ID";
$fbconfig['secret'] = "YOUR APP SECRET";
$fbconfig['baseUrl'] = "SOURCE FILES BASE URL";
$fbconfig['appBaseUrl'] = "APP BASE URL";
/*
* If user first time authenticated the application facebook
* redirects user to baseUrl, so I checked if any code passed
* then redirect him to the application url
*/
if (isset($_GET['code'])){
header("Location: " . $fbconfig['appBaseUrl']);
exit;
}
//
if (isset($_GET['request_ids'])){
//user comes from invitation
//track them if you need
}
$user = null; //facebook user uid
try{
include_once "facebook.php";
}
catch(Exception $o){
echo '<pre>';
print_r($o);
echo '</pre>';
}
// Create our Application instance.
$facebook = new Facebook(array(
'appId' => $fbconfig['appid'],
'secret' => $fbconfig['secret'],
'cookie' => true,
));
//Facebook Authentication part
$user = $facebook->getUser();
// We may or may not have this data based
// on whether the user is logged in.
// If we have a $user id here, it means we know
// the user is logged into
// Facebook, but we don’t know if the access token is valid. An access
// token is invalid if the user logged out of Facebook.
$loginUrl = $facebook->getLoginUrl(
array(
'scope' => 'email,publish_stream,user_birthday,user_location,user_work_history,user_about_me,user_hometown'
)
);
if ($user) {
try {
// Proceed knowing you have a logged in user who's authenticated.
$user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) {
//you should use error_log($e); instead of printing the info on browser
d($e); // d is a debug function defined at the end of this file
$user = null;
}
}
if (!$user) {
echo "<script type='text/javascript'>top.location.href = '$loginUrl';</script>";
exit;
}
//get user basic description
$userInfo = $facebook->api("/$user");
function d($d){
echo '<pre>';
print_r($d);
echo '</pre>';
}
?>
It depends of how you do your request, but you can save the data in a $_SESSION variable, like $_SESSION['userData'] = $facebook->api('/me'); and call it on every pages.
I'm using the below code for my app. If I deny the permission, I am still able to access the app, but it should not take me to app right?
Where am I going wrong?
//Facebook Authentication part
$user = $facebook->getUser();
$loginUrl = $facebook->getLoginUrl(
array(
'scope' => 'publish_stream,read_stream',
)
);
$me = null;
// Session based API call.
if ($session) {
try {
$uid = $facebook->getUser();
$me = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
}
}
if (!$user) {
echo "<script type='text/javascript'>top.location.href = '$loginUrl';</script>";
exit;
}
I am not sure this will give you the answer you are looking for. But I just wonder if you are aware of the expected authentication flow of a Facebook application.
When the "Don't Allow" is selected then the Facebook dialog box will redirect to:
http://YOUR_URL?error_reason=user_denied&
error=access_denied&error_description=The+user+denied+your+request.
Where YOUR_URL is the redirect_uri paramater that was specified in the oauth dialog URL.
Check out Facebook Authentication Docs
I think if you click on Dont Allow button it will take you to the app page, but if you handled the don't allow action in your code then you can redirect it to anywhere you want