The flow of action on my site is:
a user finds something they want on any website
they click a browser button which opens an iframe with content from my site and allows the user to add the item they were looking at to a list
(at this point my system does the work to add details to the db)
the user then clicks to close the iframe and carries on doing what they were
When a user chooses to add something i want to also publish the action to facebook timeline
I use the following code which works as it should, but, once it has completed the task it redirects to a predetermined url - named $my_url
The problem is I want this action posting to happen seamlessly as my user has an iframe pop up open which at this point is saying "* has been added successfully to your list"
So can I stop it redirecting and make it just a background operation? I can't redirect to what the user is already looking at either which was one idea as you have to own the url inside the fb app
This is the code I'm using
$app_id = "_APP_ID_";
$app_secret = "_SECRET";
$my_url = "http://*******.com/pages/add.html";
$og_url = "http://*******.com/pages/view?id=$new_id";
$code = $_REQUEST["code"];
if(empty($code)) {
$dialog_url = "http://www.facebook.com/dialog/oauth?client_id="
. $app_id . "&redirect_uri=" . urlencode($my_url)
. &scope=email,user_birthday,friends_birthday,user_likes,friends_likes,publish_stream";
echo("<script>top.location.href='" . $dialog_url . "'</script>");
}
$token_url="https://graph.facebook.com/oauth/access_token?client_id="
. $app_id . "&redirect_uri=" . urlencode($my_url)
. "&client_secret=" . $app_secret
. "&code=" . $code;
$access_token = file_get_contents($token_url);
// remove the #expires
$params = null;
parse_str($access_token, $params);
$access_token_updated = $params['access_token'];
$post_data = "wish=" . $og_url . "&access_token=" . $access_token_updated;
// setup the curl
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://graph.facebook.com/me/*******:add');
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
// execute the curl
$result = curl_exec ($ch);
if(curl_error($ch))
{
//echo 'error:' . curl_error($ch) . "<br/>";
}
curl_close ($ch);
Is there another way around this?
Here's what I did...
Change all code in OP and replace with this and all ok:
include 'path_to/facebook.php';
$facebook = new Facebook(array(
'appId'=>'__APPID__',
'secret'=>'__SECRET__',
'cookie'=>true
));
if(!$facebook->getUser())
{
$url = $facebook->getLoginUrl(array('scope'=>'email,publish_actions'));
echo "<script> top.location=\"".$url."\"; </script>";
exit(0);
}
$params = array("OBJECT_NAME"=>"http://*****.com/view?id=$new_id","access_token"=>$facebook->getAccessToken());
$out = $facebook->api('/me/NAMESPACE:ACTION_NAME','post',$params);
Related
I am using php-sdk for showing facebook information of the user. I have successfully shown the user profile info but while fetching any album or photos I am getting the blank data to me. I read the photos requires access_token.
Also if I put this query in the facebook graph api explorer it showing me the perfect result. So query is right may be my way of passing the url is wrong.
I am not getting the issue.
Please help.
';
$app_secret = '';
$my_url = '';
$config = array(
'appId' => '<appid>',
'secret' => '<appsecrete>',
);
$facebook = new Facebook($config);
$user_id = $facebook->getUser();
$code = $_REQUEST["code"];
if($user_id) {
//auth user
if(empty($code)) {
$dialog_url = 'https://www.facebook.com/dialog/oauth?client_id='
. $app_id . '&redirect_uri=' . urlencode($my_url) ;
echo("<script>top.location.href='" . $dialog_url . "'</script>");
}
//get user access_token
$token_url = 'https://graph.facebook.com/oauth/access_token?client_id='
. $app_id . '&redirect_uri=' . urlencode($my_url)
. '&client_secret=' . $app_secret
. '&code=' . $code;
$access_token = file_get_contents($token_url);
$fql_query_url = 'https://graph.facebook.com/'.'fql?q=SELECT+pid,src_small+FROM+photo+WHERE+aid+IN+(SELECT+aid+FROM+album+WHERE+owner=+me())&'.$access_token;
$fql_query_result = file_get_contents($fql_query_url);
$fql_query_obj = json_decode($fql_query_result, true);
//display results of fql query
echo '<pre>';
print_r("query results:");
print_r($fql_query_obj);
echo '</pre>';
}
?>
One parameter needs to be add for $dialog_url variable which is 'scope' which defines permissions to be given for application
$dialog_url = 'https://www.facebook.com/dialog/oauth/?client_id='.$app_id.'&redirect_uri='.urlencode($my_url).'&scope=user_photos';
echo("<script>top.location.href='" . $dialog_url . "'</script>");
for reference,
http://developers.facebook.com/docs/reference/dialogs/oauth/
Thanks
Shreyas
I need someone help.
When I open https://developers.facebook.com/docs/reference/api/ and clicked https://graph.facebook.com/me/likes?access_token=blablabla, I got all page that I've liked.
My questions was, from where I got the access_token value? can I get it by script?
Facebook developer site leverages an internal test console application that all developers can use to test calls within the documentation, site automatically appends the access_token.
A next place one can find the access token is https://developers.facebook.com/tools/explorer with the Graph API Explorer app.
You can also get it via script by following one of the authentication flows described at http://developers.facebook.com/docs/authentication/
You will need to create an application at https://developers.facebook.com/apps then,
For example via PHP using a server side flow,
Redirect the user to the OAuth Dialog ($dialog_url shown below)
A code will be given in response
Exchange the code for a user access token ($token_url shown below)
<?php
$app_id = "YOUR_APP_ID";
$app_secret = "YOUR_APP_SECRET";
$my_url = "YOUR_URL";
session_start();
$code = $_REQUEST["code"];
if(empty($code)) {
$_SESSION['state'] = md5(uniqid(rand(), TRUE)); //CSRF protection
$dialog_url = "http://www.facebook.com/dialog/oauth?client_id="
. $app_id . "&redirect_uri=" . urlencode($my_url) . "&state="
. $_SESSION['state'];
echo("<script> top.location.href='" . $dialog_url . "'</script>");
}
if($_SESSION['state'] && ($_SESSION['state'] === $_REQUEST['state'])) {
$token_url = "https://graph.facebook.com/oauth/access_token?"
. "client_id=" . $app_id . "&redirect_uri=" . urlencode($my_url)
. "&client_secret=" . $app_secret . "&code=" . $code;
$response = file_get_contents($token_url);
$params = null;
parse_str($response, $params);
$graph_url = "https://graph.facebook.com/me/likes?access_token="
. $params['access_token'];
$likes = json_decode(file_get_contents($graph_url));
print_r($likes); // A dump of the likes data
}
else {
echo("The state does not match. You may be a victim of CSRF.");
}
?>
See more of the reference information available at http://developers.facebook.com/docs/authentication/server-side/
I have a simple task to do but i am unable to find a solution for my problem.
I have a facebook page tab. Now i want to get the email permission of a user accessing my app and then display his email address on the page tab directly.
I found a solution in the facebook documentation that gets the permission an then redirects to a given url. That works fine. But how can i redirect back to my page tab? if i try to enter the page tab url it just goes to an indefinite loop. (because the $code variable is not set it seems)
<?php
$app_id = "APP_ID";
$app_secret = "APP_SECRET";
$my_url = "REDIRECT_URL";
session_start();
$code = $_REQUEST["code"];
if(empty($code)) {
$_SESSION['state'] = md5(uniqid(rand(), TRUE)); //CSRF protection
$dialog_url = "http://www.facebook.com/dialog/oauth?client_id="
. $app_id . "&redirect_uri=" . urlencode($my_url) . "&scope=email" . "&state="
. $_SESSION['state'];
echo("<script> top.location.href='" . $dialog_url . "'</script>");
}
if($_REQUEST['state'] == $_SESSION['state']) {
$token_url = "https://graph.facebook.com/oauth/access_token?"
. "client_id=" . $app_id . "&redirect_uri=" . urlencode($my_url)
. "&client_secret=" . $app_secret . "&code=" . $code;
$response = file_get_contents($token_url);
$params = null;
parse_str($response, $params);
$graph_url = "https://graph.facebook.com/me?access_token="
. $params['access_token'];
$user = json_decode(file_get_contents($graph_url));
echo("Mail: " . $user->email);
}
else {
echo("The state does not match. You may be a victim of CSRF.");
}
?>
Use the JavaScript SDK as it is all client-side and you will have easier control over where and when things happen. The login dialog can be a modal FB.login() and then call the FB.api() to get the user's email. See: http://developers.facebook.com/docs/reference/javascript/
If you want to do it server side I suggest you use the facebook php sdk at https://developers.facebook.com/docs/reference/php/
it makes things a lot easier. hth.
I have this facebook login code
$app_id = "xxxxxxxxxxxxxx";
$app_secret = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
$my_url = "http://xxxxxxxxxxxxx";
$code = $_REQUEST["code"];
if(empty($code)) {
$_SESSION['state'] = md5(uniqid(rand(), TRUE)); //CSRF protection
$dialog_url = "https://www.facebook.com/dialog/oauth?client_id="
. $app_id . "&redirect_uri=" . urlencode($my_url) . "&state="
. $_SESSION['state'];
echo("<script> top.location.href='" . $dialog_url . "'</script>");
print_r( $dialog_url);
die();
}
if($_REQUEST['state'] == $_SESSION['state']) {
$token_url = "https://graph.facebook.com/oauth/access_token?"
. "client_id=" . $app_id . "&redirect_uri=" . urlencode($my_url)
. "&client_secret=" . $app_secret . "&code=" . $code;
$response = file_get_contents($token_url);
$params = null;
parse_str($response, $params);
$graph_url = "https://graph.facebook.com/me?access_token="
. $params['access_token'];
$user = json_decode(file_get_contents($graph_url));
echo("Hello " . $user->name ." Create Event");
}
else {
echo("The state does not match. You may be a victim of CSRF.");
}
can I test if I am already connected to facebook website, consider it login to this page ? and no login link is being displayed ?
The question is pretty old but the answer might be helpful to others who finds similar situation. I guess, what you mean to say is to check if you code has successfully logged you to ur facebook account.
Security settings in facebook now has a feature to watch active sessions, gives you the information of when and from where have you logged in to your account. It is under:
Account Settings > Security > Active Sessions
What you can do is logout of all the sessions with end activity & finally logout of current session, then run the code. Now login via browser (or a different device, but login via browser or a different browser works fine) to see if you have got any more active sessions.
I'm a little confused here. The basic problem is on my fan page when I click on the icon for the app I made it works fine in firefox, but in IE I get the error "This content cannot be displayed in a frame" and in chrome it just never opens the app and goes blank. This has happened to me on the facebook profile I created the app with as well as a test account. The weird thing is that on my other facebook account it works perfectly fine on all browsers. The app also works when directly gone to from search or recent apps. I recently changed the name of the app and security id and reconnected it to my page. Under app settings my tab urls are correct. The code at the top of my canvas page consists of:
<?php
$app_id = "181247898619054";
$app_secret = "xxxxxxxxxxxxxxxxxxxxxxxxxxx";
$my_url = "https://apps.facebook.com/wellnessq/";
session_register();
session_start();
if (!isset($_REQUEST["code"]))
{
$_SESSION['state'] = md5(uniqid(rand(), TRUE)); //CSRF protection
$dialog_url = "http://www.facebook.com/dialog/oauth?client_id="
. $app_id . "&redirect_uri=" . urlencode($my_url) . "&scope=email&state="
. $_SESSION['state'];
echo("<script> top.location.href='" . $dialog_url . "'</script>");
exit;
}
$code = $_REQUEST['code'];
{
$token_url = "https://graph.facebook.com/oauth/access_token?"
. "client_id=" . $app_id . "&redirect_uri=" . urlencode($my_url)
. "&client_secret=" . $app_secret . "&code=" . $code;
$response = file_get_contents($token_url);
$params = null;
parse_str($response, $params);
$graph_url = "https://graph.facebook.com/me?access_token="
. $params['access_token'];
$user = json_decode(file_get_contents($graph_url));
}
?>
Any ideas? If you want to see the errors yourself just let me know and I'll post where to find them. Thanks.
Can you use a PHP header to redirect to your link?
header( 'Location: http://www.yoursite.com/new_page.html' ) ;