I'm able to update the status on my PROFILE wall using this code:
require_once 'facebook-platform/php/facebook.php';
$facebook = new Facebook('APP API KEY','APP SECRET KEY');
$user_id = 'MY USER ID';
$facebook->api_client->users_setStatus('This is a new status');
...after authorizing using this address:
http://facebook.com/authorize.php?api_key=MYAPPAPIKEY&v=1.0&ext_perm=publish_stream
This code, however, does not work to update the status on my Facebook PAGE Wall. Are there additional parameters that I can add to the authorize.php url to specify authorizing the PAGE and not just my profile?
Or, are there better ways to post updates to Fan Page Walls?
Thanks!
I solved the problem by consulting the Facebook desktop application documentation (even though this is a web application).
I first had to authorize offline access with this url (replacing 'MYAPIKEY'):
http://www.facebook.com/login.php?api_key=MYAPIKEY&connect_display=popup&v=1.0&next=http://www.facebook.com/connect/login_success.html&cancel_url=http://www.facebook.com/connect/login_failure.html&fbconnect=true&return_session=true&session_key_only=true&req_perms=read_stream,publish_stream,offline_access
Then, I needed to grant 'publish_stream' permissions to the PAGE with this url (replacing 'MYAPIKEY' and 'THEPAGEID'):
http://www.facebook.com/connect/prompt_permissions.php?api_key=MYAPIKEY&v=1.0&next=http://www.facebook.com/connect/login_success.html?xxRESULTTOKENxx&display=popup&ext_perm=publish_stream&enable_profile_selector=1&profile_selector_ids=THEPAGEID
I could then use the following code to publish to the Fan Page wall:
require_once 'facebook-platform/php/facebook.php';
$facebook = new Facebook(MYAPIKEY, MYAPISECRET);
try{
$facebook->api_client->stream_publish('INSERT_STATUS_HERE',null,null,null,'THEPAGEID');
}catch(Exception $o ){
print_r($o);
}
Based on the above, i tried out a couple of querystring parameters on the graph API authorize URL, and it appears this works:
https://graph.facebook.com/oauth/authorize?client_id=[APP_ID]&redirect_uri=[REDIRECT_URL]&scope=publish_stream&enable_profile_selector=1&profile_selector_ids=[PAGE_IDS]
EDIT: Never mind, the above displays all the UI correctly, but still get the "(#200) The user hasn't authorized the application to perform this action" error --- it's clear it doesn't work because the access token contains my USER id but not the page's ID.
Related
I am trying to post to a Facebook account (with permissions) using the PHP
API. I am giving our users two options - posting to the Feed, and posting
to a specific facebook page. I am getting an error in the first case, but
not in the second case. In the code below:
$access_token is the access token I got back from linking to my app. It's of type
"User", and has the following permissions:
email
pages_show_list
business_management
pages_read_engagement
pages_manage_metadata
pages_read_user_content
pages_manage_ads
pages_manage_posts
pages_manage_engagement
public_profile
Where $page_token is, well, a "Page" type token, with the same set of permissions.
When I post to the page, it works fine. But when I try to post to the timeline, I get
the error:
Graph Error 200 : [Timeline]: [(#200) If posting to a group, requires app being
installed in the group, and either publish_to_groups permission with user token,
or both pages_read_engagement and pages_manage_posts permission with page token;
If posting to a page, requires both pages_read_engagement and pages_manage_posts
as an admin with sufficient administrative permission]
I'm not trying to post to a group, I'm posting to an account's timeline. And, per the
access token debugger, I have the permissions requested anyway. What's going on?
My code is below:
$linkData = [
'link' => $link_to_post,
'appsecret_proof' => $app_secret_proof
];
if ( POSTING TO TIMELINE )
{
$token = $access_token;
$post_to = "/me/feed";
}
else
{
$page_id = $page_id;
$token = $page_token;
$post_to = "/$page_id/feed";
}
// THIS THROWS THE EXCEPTION:
$response = $this->fb->post($post_to, $linkData, $token);
You can not post to a personal timeline via API any more, that was removed ages ago already. (With introduction of API v2.4, if I remember correctly.)
You can only use the Share or the Feed dialog, to offer the user a way to actively share / make a post themselves, https://developers.facebook.com/docs/sharing/web
I am integrating Facebook login in my site. I am using Facebook SDK 4.0. My app API version is 2.4. I am trying to get basic profile info when user successfully log in with Facebook. But problem is - I am able to get only user id and his full name. Other stuffs like first name, last name, gender etc. are not being received. Also of course I need email of the person and user profile picture later on some stage. Here is my working code which is printing only name and id:
<?php
// start session
session_start();
$app_id = 'app_id'; // Facebook App ID
$api_secret = 'app_secret'; // Facebook App Secret
$required_scope = 'public_profile, publish_actions, email'; // Permissions required
$redirect_url = 'site_url/index.php'; // FB redirects to this page with a code
require_once __DIR__ . "/facebook-php-sdk-v4.0/autoload.php";
use Facebook\FacebookSession;
use Facebook\FacebookRequest;
use Facebook\GraphUser;
use Facebook\FacebookRedirectLoginHelper;
// init app with app id (APPID) and secret (SECRET)
FacebookSession::setDefaultApplication($app_id,$api_secret);
// login helper with redirect_uri
$helper = new FacebookRedirectLoginHelper( $redirect_url );
try {
$session = $helper->getSessionFromRedirect();
} catch( FacebookRequestException $ex ) {
// When Facebook returns an error
} catch( Exception $ex ) {
// When validation fails or other local issues
}
// see if we have a session
if ( isset( $session ) ) {
// graph api request for user data
$request = new FacebookRequest( $session, 'GET', '/me' );
$response = $request->execute();
// get response
$graphObject = $response->getGraphObject();
// print data
echo "<pre>";
echo print_r( $graphObject, 1 );
echo "</pre>";
} else {
// show login url
echo 'Login';
}
Following info is printed:
Facebook\GraphObject Object
(
[backingData:protected] => Array
(
[name] => Fname Lname
[id] => ID
)
)
You can see that I have already given scope parameter. But its not helping me. Then I started search on STO and found some solution which suggest us to add following line of code if you are using API v2.4 to explicitly mention the fields you want:
$request = (new FacebookRequest($this->session, 'GET', '/me/?fields=friends,id,name,birthday,email,picture,gender,location,address,email,hometown'))->execute()->getGraphObject()->asArray();
But when I used above code, it again didn't work instead i got blank screen not even id and name as before.
I also visited Facebook developer docs but they are so long, complex and not enough user friendly a developer can follow them easily in short time.
I think there is a lot of confusion regarding Facebook login. There are so many articles on web and each illustrating their own method. Some uses PHP and other uses JavaScript too which popups the login window. Honestly speaking I am very confused at this level and can't understand which is the best, recommended and working method of accomplish the task. Thus I'm in search of following questions:
I want help in making my above code working so that it can fetch all info about user including email and profile pic too.
Some method of login with Facebook takes user full login page and some other displays a popup for login and user remains on the same page after successful login which initially generated the popup window. How both are different?
What is best practice of login with Facebook. Also which SDK and Graph API version one should use?
While Generating a login URL you must pass on the scopes for which you seek permission. You can generate this by modifying,
echo 'Login';
to
echo 'Login';
This is just a example and may not cover all your requirement. You may have to add more scopes as per your requirement.
Above three scopes are permitted by default and you don't have to go through an app verification by facebook. But if you add any other scope, you may have to go through a an approval process before you can go live with an app.
And of-course since v2.4 you must explicitly ask for each field. Before email was supplied by default with /me, not any more. you must add it like,
/me?fields=id,first_name,last_name,friends,email
Login with a facebook will not ask for a login if user is already logged in and will go to permission screen straight away if user has not given permission to this app before. If user has already given all permission and he is already logged in facebook, clicking on login with facebook link will redirect user to redirect handler straight away.
I suggest, you should always use latest stable facebook apis.
UPDATE
Just realized that facebook allows account creation with a phone-number. So, if user has created an account with phone-number instead of an email, in api response you will receive phone-number in place of email like below,
...
'email' => '465454654654'
...
So, your code must handle this situation.
What are the basic steps for setting up a pure server flow facebook SSO, the docs are as usual a little ambiguous?
I set up the flow with javascript popups only to later realise you are not allowed to customise the login buttons.. which when you stick them next google and twitter sso the signin box look terrible.
http://www.codecademy.com/ seem to direct to their own server which then forwards onto a URL like this:
https://www.facebook.com/dialog/oauth?response_type=code
&client_id=212500508799908&
redirect_uri=http%3A%2F%2Fwww.codecademy.com%2Fauth%2Ffacebook%2Fcallback&state=8aac5bc63c5afe8fbabe572021e7750579fefd898d7b4316&
scope=email%2Cpublish_actions
How is this URL being generated? In the facebook docs there is a function "getLoginUrl".. is this being called which generates the correct URL?
I tried directing the user directly from their browser to:
var href = 'https://www.facebook.com/dialog/oauth?' +
'client_id='+app_id+'&'+
'redirect_uri=http://www.mysite.net/authenticate_facebook.php&'+
'scope=email&';+
'state='+$('body').attr('unique');
But the at the facebook php then the following recieving code resulted in errors about the 'state' not matching... I am assuming that the state is not just a random value generate by my server and must be aquired from the facebook server?
require_once(WEBROOT_PRIVATE.'authenticate/facebook-php-sdk/src/facebook.php');
$config = array(
'appId' => 'xxx',
'secret' => 'xxx',
'fileUpload' => false,
'allowSignedRequest' => false
);
$facebook = new \Facebook($config);
$user_id = $facebook->getUser();
if($user_id)
{
try
{
$user_profile = $facebook->api('/me','GET');
}
catch(FacebookApiException $e)
{
error_log($e->getType(), 0);
error_log($e->getMessage(), 0);
}
}
SO, is this correct flow:
1 - Direct the user to my server facebook_auth.php
2 - facebook_auth.php generate the get url and forwards the user onto it
3 - The user, if required logs into facebook, allows my app
4 - my facebook_auth.php script then checks the tokens and talks server to server with facebook to verify the rest
5 - my website then logs the user in
I had a similar issue last week, and tracked it down to the state field being overwritten by multiple calls to getLoginUrl(). Each time you call getLoginUrl(), a new state token is generated in the SDK and stored in the $_SESSION (it's just a random value), so if you call it twice and the user uses the first link to log in, the second call will have reset the SDK's internal state token, and you will get this error in your logs.
The SDK looks for the same state token in the URL coming back after Facebook authorizes the user and redirects them back to your site, and if it doesn't match it will log this error (here's a link to the source).
Im getting started with the php sdk, and struggling to understand a few things (I have a basic example below - but everytime the pic goes to MY wall and not the fan page)
Code:
require_once("facebook.php"); // set the right path
$config = array();
$config['appId'] = 'app id';
$config['secret'] = 'app secret';
$config['fileUpload'] = true; // optional
$fb = new Facebook($config);
$params = array(
// this is the access token for Fan Page
"access_token" => "I create this via the graph api (select App and click get token), I select publish stream and photo_upload permissions.",
"message" => "test message",
"source" => "#" ."photo.png", // "#" .
);
try {
// **** is Facebook id of Fan page
$ret = $fb->api('/****/photos', 'POST', $params);
echo 'Photo successfully uploaded to Facebook Album';
} catch(Exception $e) {
echo $e->getMessage();
}
the picture keeps going to MY wall (logged in user) and not the fan page, is that because im getting a token for the currently logged in user (me) instead of the fan page? and if so how do i generate a token for the fan page whilst logged in as the developer? (is it by putting the fan page id into the Get bar?)
Apologies for the noob questions but the facebook documentation sucks (until u understand the core functionality of course). Most tutorials work once u know how to use the graph API - none ive looked actually EXPLAIN how to use the graph to generate correct tokens, etc.
\POST /<ID>/photos — this will post on the <ID>'s wall only, so please double-check the <ID> that you are using.
The access token will depict that on behalf of whom the photo would be posted on the <ID>'s wall. If you use the user access token, the photo will be published on behalf of the user and if page access token is used, it will be published on the page's behalf itself.
You can get the page access token of your pages by-
\GET /me/accounts?fields=access_token
(permission required: manage_pages)
Demo
When I try to update the profile description of a soundcloud account via their php sdk, I get a 403 error every time. The app is authenticated and I am able to do things like place comments, but I'm not able to update anything on the profile (particularly the description field).
I'm using the standard code, found in their official documentation:
<?php
require_once 'Services/Soundcloud.php';
// create a client object with access token
$client = new Services_Soundcloud('YOUR_CLIENT_ID', 'YOUR_CLIENT_SECRET');
$client->setAccessToken('YOUR_ACCESS_TOKEN');
// get the current user
$user = json_decode($client->get('me'));
// update the user's profile description
$user = json_decode($client->post('me', array(
'description' => 'I am using the SoundCloud API!'
)));
print $user->description;
Please help me find out where the error comes from, because I'm all out of ideas.
Our bad, the user documentation that you point to there had two problems:
Updates to the user resource should use the PUT method, not POST.
Arguments need to be namespaced properly.
I've modified the documentation to fix these two problems. New code sample:
<?php
require_once 'Services/Soundcloud.php';
// create a client object with access token
$client = new Services_Soundcloud('YOUR_CLIENT_ID', 'YOUR_CLIENT_SECRET');
$client->setAccessToken('ACCESS_TOKEN');
// get the current user
$user = json_decode($client->get('me'));
// update the user's profile description
$user = json_decode($client->put('me', array(
'user[description]' => 'I am using the SoundCloud API!'
)));
print $user->description;
Hope that helps and sorry again for the confusion. Let me know if you run into any more problems.
To update user related information you need to login to Sound Cloud as user and then authenticate your application to use your personal data, else you will get 403 for all user related information while updating / delete. For posting any comments you don't need this authentication
http://developers.soundcloud.com/docs#authentication
Refer
Getting Information about the Authenticated User
Once the user has signed into SoundCloud and approved your app's authorization request, you will be able to access their profile and act on their behalf. We have provided a convenient endpoint for accessing information about the authenticated user.