Webtechnick CakePHP-Facebook-Plugin permissions not working - facebook

I'm using the Webtechnick CakePHP-Facebook-Plugin in order to log my users into my CakePHP application, I need to get their user_relationship, user_relationship_details, user_religion_politics and email.
Im using something kike this to invoke the login button
echo $this->Facebook->login(array('perms' => 'email,user_religion_politics,user_relationships,user_relationship_details', 'redirect' => array('controller' => 'users', 'action' => 'facebook'), 'label' => __('<span class="icon-facebook-sign"></span> Login with facebook',true),'id' => 'facebook_btn' ));
And also in facebook on "App details" in the "Configure App Center Permissions" section I'm adding the permissions too, but its not working, when a user login into the app facebook is still requesting the default perms (public profile, friends list and email).
I solved it, It seems that I was missing $options parameter on my init function.
So I changed the call in my default.ctp file
from
$this->Facebook->init();
to
$this->Facebook->init(array('perms' => 'email,user_religion_politics,user_relationships,user_relationship_details'));

I solved it, It seems that I was missing $options parameter on my init function.
So I changed the call in my default.ctp file
from
$this->Facebook->init();
to
$this->Facebook->init(array('perms' => 'email,user_religion_politics,user_relationships,user_relationship_details'));

Related

CakePHP session lost in Safari and IE between pages on Facebook

I'm developing a Facebook app on CakePHP framework and I'm trying to do one simple thing:
// get user
$user = $this->Facebook->api('/me');
// store the user id into session
$this->Session->write('User.id', $user['id']);
But as soon as I change page the session is lost in Safari and I cannot get the id from the session no matter what.
I have found numerous solutions here and on other forums tried them all, but I haven't managed to solve this problem. Nothing works for me or I have been doing it wrong... Anyone managed to found a working solution for this?
Any help would be really appreciated, thnx.
This is the proper code which you can download from github
//Example AppController setup
public $components = array('Session',
'Auth' => array(
'authenticate' => array(
'Form' => array(
'fields' => array('username' => 'email')
)
),
'authorize' => 'Controller'
),
'Facebook.Connect' => array('model' => 'User')
);
https://github.com/webtechnick/CakePHP-Facebook-Plugin
I have found a solution. The problem is Safari cookie policy, user has to change to allow all cookies in their Safari settings.
But I have figured out that if I first reload the page outside the facebook iframe and set the session there, the session remains the same even inside the facebook iframe.
So I created another controller action just to start a new session and store its id inside the session for later use:
public function safari_session_hack()
{
$app_url = "app_url"; // the full url of your app on facebook
session_start();
$this->Session->write('Session.id', session_id());
die(header("Location:" . $app_url)); // redirect back to the FB app
}
Then on my FB app landing page I have this code:
// Session fix for Safari
if (!$this->Session->read('Session.id') && strpos($_SERVER['HTTP_USER_AGENT'], 'Safari')) {
echo '<script>top.location.href="' . Router::fullbaseUrl() . Router::url(array('controller' => 'main', 'action' => 'safari_session_hack')) . '"</script>';
die;
}
All it does is it checks if the session id is not set and if the browser is Safari. Then it redirects to the safari_session_hack() action, starts the session on the outside page, saves its id inside the session and redirects back to the page.
Now everything works fine and the session is not being lost or destroyed between pages, so you can do user login and other stuff that requires session data inside your FB app.

Post form doesn't work with routing in cake php

I have implemented a pop out widow for user sign up:
here is the form popout.ctp in element folder which is called in default.ctp:
echo $this->Form->create('User', array('url' => array('controller' => 'users', 'action' => 'register')));
echo $this->Form->hidden('popup');
echo $this->Form->input('email', array('label' => 'Your Email:'));
echo $this->Form->end('Sign me Up!');
when I open any action in users view, the signup button works fine and page gets redirected to register action which is in user view.
while, when I'm in root, index page, which is in another view, pressing the signup button doesn't redirect to /users/register and goes to the same page.
Here is the routing:
Router::connect('/users/register/', array('controller' => 'users', 'action' => 'register'));
Router::connect('/', array('controller' => 'events', 'action' => 'viewall'));
when I remove rule number 2, signup button in events' actions works fine!
I don't understand how, this doesn't hit the first rule.
Thanks for you help in advance!
Without any further information, it's possible the second instance is somehow overriding the first. Another possibility is, that somehow the path to the 'action' is either invalid, or the controller assumes that the 'action' files path (i'm assuming it's '$action'.php') is relative to the path '/'.
Found this:
cakephp routing problem, plugin routing works but not others
Specifically:
As it turns out this happened because there was a user model and user controller in the application folder as well as the plugins controller. So the routing treated other controllers as if they weren't there.
All fixed now.
Cheers, Paul
I believe, this coincides with my initial answer.

publish_stream message visibility to everyone

I use Facebook PHP API to publish to profile's news feed:
$this->facebook->api('/me/feed', 'POST', array(
'message' => $msg,
'link' => 'http://'.$_SERVER['SERVER_NAME'],
'privacy' => array('value' => 'EVERYONE')
));
but this message is visible only to friends. I want it to be publicly visible to everyone! Even non-friends. How to do this ?
You, for security reasons, cannot override a user's choice on how your app posts messages. The best you can do is to change the default visibility setting of your app (https://developers.facebook.com/apps/{APPID}/auth) to Everyone, and then let the user change it to something else when authorizing your app. The user also has a chance to change the setting in own settings at any time later.

Multiple posters on page

I have a question, It might be found somewhere but I couldnt find a thread for it so if there is one, please post the link.
I admin a page that is a group of several other business areas. I want to post on one page with different icons and names, can that be done? Like different admins but administered by one person/account?
Possible?
What you are going to want to do is use a "Page access_token". To get this you will have to create an application and grant it the manage_pages permission.
You should see in the Authentication Documentation a section called "Page Login".
You can grant your application the manage_pages permission by going to this URL:
https://www.facebook.com/dialog/oauth?client_id=YOUR_APP_ID&redirect_uri=YOUR_URL&scope=manage_pages&response_type=token
Don't forget to substitute YOUR_APP_ID and YOUR_URL with the correct values for you application and URL. (the URL can be any URL - it is where Facebook will send you after you close the Dialog). You will see a dialog that looks something like this :
Once you have the correct permission, you'll want to make a call to this URL :
https://graph.facebook.com/me/accounts?access_token=TOKEN_FROM_ABOVE
You will get a response similar to :
As you can see from the image, you will receive a list of all the pages that the user administers along with an access_token for each page.
You use this access_token to make posts on behalf of the page. Since you have not stated what programming language you are using I will give an example in php.
In php, posting to the page would look something like this :
$facebook->setAccessToken(ACCESS_TOKEN_YOU_RETRIEVED_EARLIER);
$attachment = array('message' => 'this is my message',
'name' => 'This is my demo Facebook application!',
'caption' => "Caption of the Post",
'link' => 'http://mylink.com',
'description' => 'this is a description',
'picture' => 'http://mysite.com/pic.gif',
'actions' => array(array('name' => 'Get Search',
'link' => 'http://www.google.com'))
);
$result = $facebook->api('/PAGE_ID/','post',$attachment);
Hope this helps!
Happy coding!

Directing users to facebook login page without asking for permissions

I'm trying to redirect users to the facebook login page then back to my app without the Log In to app page displaying. Is this possible?
I've looked into the "next" parameter which is automatically generated by the PHP-SDK but cannot seem to change it.
Is there anyway to do what I'm looking for? I want to make sure users are logged in in order to check to see if they have authed my app but do not want them to if they are not already.
Thanks for any help!
No, i don't think it is possible to modify the next parameter. The only place where i saw the next parameter(in the PHP SDK) is in the getLogoutUrl() function, as seen in the source of the base_facebook.php. And that parameter defines which url to go, after logout.
For getLoginUrl() in the base_facebook.php file, we have
return $this->getUrl(
'www',
'dialog/oauth',
array_merge(array(
'client_id' => $this->getAppId(),
'redirect_uri' => $currentUrl, // possibly overwritten
'state' => $this->state),
$params));
as the last line in the function, which obviously means that the oauth-dialog will be shown, no matter what you try.
If your app is not on Facebook, then you can go for <fb:login-button>Login with Facebook</fb:login-button> in Javascript, and subsequently follow the example from this url. You'll see there that it's not possible to remove that dialog entirely, even if you don't ask for any permissions.
The Javascript SDK's FB.login() method will also bring up the auth dialog.
Hope this helps.
They have to accept permissions for the first time only. Facebook will never let you to get user's data without their knowledge/accept
If you are using php :
// Create our Application instance.
$facebook = new Facebook(array(
'appId' => $fbconfig['appid'],
'secret' => $fbconfig['secret'],
'cookie' => true
));
//Facebook Authentication part
$user = $facebook->getUser();
if (!$user) {
// user is not logged on --> redirect to the login url
} else {
// user is logged on you can do what you want
}