In PHP, I'm using curl to send a delete to the fb graph api - and yet I'm getting the following error;
{"error":{"type":"GraphMethodException","message":"Unsupported delete request."}}
The code I'm using is;
$ch = curl_init("https://graph.facebook.com/" . $status_id . "");
curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_TIMEOUT, 120);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $query);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "DELETE");
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_CAINFO, NULL);
curl_setopt($ch, CURLOPT_CAPATH, NULL);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
$result = curl_exec($ch);
echo $result;
$query contains the access token.
Fixed!
You have to prepend the userid to the object ID when deleting:
DELETE https://graph.facebook.com/673509687_104812882909249?access_token={access_token}
where
673509687 is my userID and 104812882909249 is the objectID
For anyone still struggling with this, I found out what my issue was attempting to delete application requests that I had previously created using the PHP SDK, which was resulting in this error.
(#2) Invalid parameter: Body of an error/warning message. Title is: Invalid parameter
The problem was essentially with which access token was being used; user or application.
The specific scenario I was working on was where a user in my application has invited a friend Facebook (using an app request) but then wants to revoke that invite. In this case I want to delete the app request on Facebook that was previously created. However, at this point in time, the logged in user is not the recipient of the app request, but the sender.
Looking at the PHP SDK code, it automatically uses the user access token if it has one, over the application access token. In fact, there doesn't appear to be a way to explicitly get the application token from the SDK.
When attempting to delete the app request using the following...
$facebook->api('/'.$fb_request_id, 'DELETE');
...and letting the PHP SDK choose the user token, I received the (#2) Invalid parameter error message. However, if I manually construct the application access token (where the format is "$app_id|$app_secret" and pass it as an array key in a third parameter...
$facebook->api('/'.$fb_request_id, 'DELETE', array('access_token' => $app_access_token);
..then the call succeeds.
So, essentially you need to use the application access token to delete the app requests if the current user is not the recipient of the app request.
I hope this helps anyone else struggling with the same issue.
I modified your code slightly. (Should echo "true" if done correctly) Here's what is currently working for me.
Also note this does not erase events created via Facebook.That's why your receiving the permissions error. This only erases events created through your application... (application linked to $app_id, $app_secret)
//First authenticate a token
$app_id = "APP ID GOES HERE";
$app_secret = "SECRET APP ID GOES HERE";
$my_url = "WHATEVER THIS PAGES NAME IS GOES HERE";
//I'm not sure but I think REQUEST is still allowed....right? if not change it to GET/POST
$code = $_REQUEST["code"];
if(empty($code)) {
$auth_url = "http://www.facebook.com/dialog/oauth?client_id="
. $app_id . "&redirect_uri=" . urlencode($my_url)
. "&scope=create_event";
echo("<script>top.location.href='" . $auth_url . "'</script>");
}
$token_url = "https://graph.facebook.com/oauth/access_token?client_id="
. $app_id . "&redirect_uri=" . urlencode($my_url)
. "&client_secret=" . $app_secret
. "&code=" . $code;
$access_token = file_get_contents($token_url);
//Use TRUE and FALSE not 0 and 1's like you originally had it
//264853420218553 is the event id.
$ch = curl_init("https://graph.facebook.com/264853420218553?" . $access_token . "");
curl_setopt($ch, CURLOPT_VERBOSE, TRUE);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_HEADER, FALSE);
curl_setopt($ch, CURLOPT_TIMEOUT, 120);
curl_setopt($ch, CURLOPT_POST, TRUE);
//curl_setopt($ch, CURLOPT_POSTFIELDS, $query);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "DELETE");
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, TRUE);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_CAINFO, NULL);
curl_setopt($ch, CURLOPT_CAPATH, NULL);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, FALSE);
$result = curl_exec($ch);
echo $result;?>
The only thing I can think to try is to
1) do a POST request with "method=delete" to see if that works
2) manually look at the produced HTTP request to see if something looks wrong -- then you can isolate the problem
It simply means that the HTTP delete method isn't supported for that specific object.
One option is to use Http POST and add method=delete to the parameter query. Make sure that your application has a publish_stream permission else you can never publish a feed.
Permissions are done by Facebook.
About this answer:
Fixed!
You have to prepend the userid to the object ID when deleting:
DELETE https://graph.facebook.com/673509687_104812882909249?access_token={access_token}
where 673509687 is my userID and 104812882909249 is the objectID
Unfortunately this will only work with a user-accesstoken and not when you try to delete an apprequest on the server (with the app-access-token) using for example the PHP language.
If you have a solution for deleting apprequests using the app-access-token then please describe it. Thanks for your help!
Related
I'm new to the Mailchimp api v3.0 (using php). I've created a campaign with the api and want to retrieve the campaign id from the cURL return data but can't seem to extract just the id. I've been away from php for awhile so I guess I'm just being brain dead. Clearly, I can print the entire result but just need to extract the campaign id in order to add/update content. Most of the test code follows. How do I extract just the id from $retval?
$json_data = json_encode($options);
$auth = base64_encode('prcAdmin:'. $apikey);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://usn.api.mailchimp.com /3.0/campaigns');
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content_Type: application/json',
'Authorization: Basic ' . $auth));
curl_setopt($ch, CURLOPT_USERAGENT, 'PHP-MCAPI/3.0');
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_POSTFIELDS, $json_data);
$retval = curl_exec($ch);
A few typos in your code, let's fix them first.
An extra space in the url
Content_Type to Content-Type. Good to correct it, though the endpoint returns data in a JSON format.
Assuming that you have a valid Auth with valid campaign data, it should return campaign data in JSON format. To extract the campaign id is pretty easy.
$campaign = json_decode($retval, true);
$campaignId = $campaign['id'];
If you can't get correct a campaign id, try to print out the result by using print_r($retval);. The correct data should look similar to an example response found on this page - http://developer.mailchimp.com/documentation/mailchimp/reference/campaigns/. (From and between curly brackets).
I resolved the problem: I added a:
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
and it obviously returned the response differently so the "id" tag could be referenced as:
$id = json_decode($retval);
echo $id->id;
Now it extracts just the "id".
I am trying to connect to the Marketo.com REST API using curl.
I can't get a response from the identity service. I only get an error message
"[curl] 6: Couldn't resolve host 'MY_CLIENT_ENDPOINT.mktorest.com'
,
but I can print the constructed url and paste it into a browser address bar and this will provide the expected response with the access_token element.
I can use curl in php and in a terminal to access my gmail account so curl is able to access an https service.
I have tried sending the parameters in the curl url as a get request and also by declaring them with curl's -F option as a post request
My application uses dchesterton/marketo-rest-api available on github, but I have also tried a simple php curl request just to get the access token.
private function getToken() {
$url = "$this->client_url/identity/oauth/token?grant_type=client_credentials&client_id=$this->client_id&client_secret=$this->client_secret";
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$response = curl_exec($ch);
$errors = curl_error($ch);
curl_close($ch);
file_put_contents($this->logDir . 'access_token_response' . date('Y-m-d') . '.txt', $url . "\n" . $response . "\n", FILE_APPEND);
if ($errors) {
file_put_contents($this->logDir . 'access_token_errors' . date('Y-m-d') . '.txt', $errors . "\n", FILE_APPEND);
}
return $response['access_token'];
}
Again, this fails with the same error but produces a perfectly formed url that I can paste into the browser and get a valid response.
I have also tried this using post instead of get as I have for every other test mentioned, and these have been tried on my localhost and on a test server.
Can anyone explain to me why this would fail?
Does Marketo block curl on a per account basis?
I was trying to implement something similar but my code wasn't working. I'm not sure exactly what is failing but I tried your code and it seems to work perfectly after some slight modifications:
$curl = curl_init($url);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_POSTFIELDS, json_encode($request_data));
curl_setopt($curl, CURLOPT_HTTPHEADER, array('Content-Type: application/json'));
$response = curl_exec($curl);
$errors = curl_error($curl);
curl_close($curl);
I hope this helps.
I'm trying to make a curl request to my laravel server, in that request I have to check whether the user of my laravel application is logged in or not. I use this code:
$transferAmount = 200;
//set POST variables
$url = URL::route('post-spend-partner');
$fields = array(
'transferAmount' => urlencode($transferAmount),
'cancelUrl' => urlencode(URL::route('get-return-page-example')),
'returnUrl' => urlencode(URL::route('get-return-page-example')),
);
// New Connection
$ch = curl_init();
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 0);
curl_setopt($ch, CURLOPT_COOKIESESSION, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $fields);
curl_setopt($ch, CURLOPT_URL, $url);
curl_exec($ch);
curl_close($ch);
In the requested url I'm just checking if I'm logged in or not, but it always returns false:
public function postSpendPartner() {
echo "Authenticated? " . (Auth::check() ? 'Yes' : 'No');
}
I know for sure that I'm logged in, if I try the exact same thing with Ajax it completely works!
Does anyone know what I could try, to solve this problem?
Best regards!
Fabrice
Some facts: HTTP is stateless. Session IDs need to be passed to the server in order to continue the session. Session IDs are (most of the time) stored in cookies. Cookies are included in the request.
Using a cookiejar could indeed be one possible solution. The fact that it works using Ajax, and not by re-submitting the request from your server might be because of the session-verification mechanism on the server: Some session implementations lock session IDs to the initial IP address. If the contents of your cookiejar file check out, that might be the culprit.
That aside: re-submitting the request via Curl from your server is a severe codesmell to me. A proper solution would to implement something such as OAuth.
Try sending your cookies as a header with your curl request.
// ...
$cookie_header = "Cookie:";
$headers = [];
foreach($_COOKIE as $key => $val) {
// Do sanitize cookie values
$cookie_header .= " ".$key."=".$value.";";
}
$headers[] = $cookie_header;
curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
// ...
You could filter out unnecessary cookie values from $cookie_header.
Hi,
I have setup a business account at Paypal, and it seems that I already have my Test API Credentials, since I can successfully retrieve them from my Sandbox accounts.
Now I am trying to make the "first call" to get an authorization token.
Here's my PHP code:
$ch = curl_init();
$clientId = "myid"; //not the actual one
$secret = "mypass"; //not the actual one
curl_setopt($ch, CURLOPT_URL, "https://api.sandbox.paypal.com/v1/oauth2/token");
curl_setopt($ch, CURLOPT_HEADER, "Accept: application/json");
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERPWD, $clientId.":".$secret);
curl_setopt($ch, CURLOPT_POSTFIELDS, "grant_type=client_credentials");
$result = curl_exec($ch);
$json = json_decode($result);
print_r($json);
curl_close($ch);
And here's the response:
stdClass Object ( [error] => invalid_client [error_description] => Invalid client credentials )
Does anybody have a clue?
Thanks
EDIT: This login is working (I found it elsewhere):
clientId: ASF6RRBP0uTq7FnC90tpFx7vfA-Pliw8uQDjv5RZ10Y_NVspuc88pUPLN6yM
Secret: EAdx7BDKzWczDomYG2QDHu8jhaAXj4xDZLHadvL5aRfesjwo5c81zbSpRxuE
Strangely the format looks very different from mine.
I'm stuck here, cannot go any further without a token.
You could pass it as a header similar as follows:
"Authorization" => "Basic " . base64_encode($clientId . ":" . $clientSecret)
This should act the same as above.
You could write it on curl_setopt like this:
curl_setopt($ch, CURLOPT_HEADER, "Authorization: Basic " . base64_encode($clientId . ":" . $clientSecret));
Also, just out of curiosity, you might want to try out PayPal-PHP-SDK. They have all these bells and whistles, that would keep you away from manually getting this code. It has documentations, and samples, that would help you get started with any API fairly quickly.
finally i managed to get it to work
the correct credentials are a hash of 60-digit, not 16 as first seen
i had to create an app to get them
nobody told me that at paypal, not even the "merchant technical support"
hope this helps someone in the future
thanks for your answers
I am trying to build a portion into my personal website that shows the locations I have tagged in my posts on facebook. My understanding is that I need to do an oAuth Request on the server to get the AccessToken:
UPDATE
I built a php file that gets a file with the token in it and refreshes it. I can call this file with a cron job every hour and have an unlimited token. It looks like this:
$appID = "APPID";
$appSecret = "APPSECRET";
$currentToken = file_get_contents(__DIR__."/token.txt");
$url = "https://graph.facebook.com/oauth/access_token?client_id=".$appID."&client_secret=".$appSecret."&grant_type=fb_exchange_token&fb_exchange_token=".$currentToken;
$ci = curl_init();
curl_setopt($ci, CURLOPT_URL, $url);
curl_setopt($ci, CURLOPT_CONNECTTIMEOUT, 10);
curl_setopt($ci, CURLOPT_TIMEOUT, 10);
curl_setopt($ci, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ci, CURLOPT_FOLLOWLOCATION, TRUE);
$newtoken = curl_exec($ci);
curl_close ($ci);
$newtoken = str_replace("access_token=","",$newtoken);
$newtoken = substr($newtoken, 0,strpos($newtoken, "&expires=",0));
if($newtoken == "")
{
echo "error";
}
else
{
$file = __DIR__."/token.txt";
file_put_contents($file, $newtoken);
echo $newtoken;
}
If the Access Token has the form {app_id}|{app_secret}, you're not using a User Access Token, but an App Access Token.
Seems like you don't implement the proper Login process to gather the User Access Token. Stick to the provided sample code of the FB PHP SDK.
See
https://developers.facebook.com/docs/php/gettingstarted/4.0.0
https://developers.facebook.com/docs/facebook-login/access-tokens#usertokens