I developed Facebook application and I have some problems on "Allow access step",In initial stage user must authorize app and permissions.Currently if users skip extended permissions also landing to application home page , But I need to force user to accept all permissions, I got success when using FQL method , Now its not working , I cant find out the solution. Here is my code
$TotalPermissions = UserAndFriendsPermissions();
return true;
$tp = substr_replace($TotalPermissions ,"",-1);
$this->loadClassFile("Facebook", MAIN_PLUGIN_PATH."Common/facebook/facebook.php");
$facebook = new Facebook(array('appId' => $FBConnect["fb_app_id"],'secret' => $FBConnect["fb_secret_key"],));
$params = array('method' => 'fql.query','query' => "SELECT ".$tp." FROM permissions WHERE uid=me()");
$result = $facebook->api($params);
$totalp = count(explode(",",$tp));
$ap=0;
foreach ($result[0] as $key => $val)
{
if($val==1)
{
$ap++;
}
}
if($ap==$totalp)
{
return true;
}
else
{
?>
<?php
Redirect("https://apps.facebook.com/APP_NAMESPACE");
}
You cannot force users to accept all your extended permissions. What you can do is to check for permissions given and handle those cases accordingly i.e. redirecting users who have not given permission to a landing page which explains why you need those permissions.
Related
My app is able to post to several pages successfully, but when I try to post to a group:
$page_id = MY_GROUP_ID;
$page_access_token = "";
$result = $fb->api("/me/accounts");
$page_access_token = "";
// loop trough all your pages and find the right one
if( !empty($result['data']) )
{
foreach($result["data"] as $page)
{
if($page["id"] == $page_id)
{
$page_access_token = $page["access_token"];
break;
}
}
} else {
echo "AN ERROR OCCURED: could not get the access_token. Please verify the page ID ".$page_id." exists.";
}
// set the facebook active facebook access token as the one we just fetch
$fb->setAccessToken($page_access_token);
// Now try to post on page's wall
try{
$message = array(
'message' => "Test message",
'description' => "Test Description",
'link' => "http://example.org"
);
$result = $fb->api('/'.$page_id.'/feed','POST',$message);
if($result){
echo 'Successfully posted to Facebook Wall...';
}
}catch(FacebookApiException $e){
echo $e->getMessage();
}
}else{
$fbloginurl = $fb->getLoginUrl(array('redirect-uri'=>$returnurl, 'scope'=>$permissions));
echo 'Login with Facebook';
}
I get
(#200) Permissions error
If I go here: https://www.facebook.com/settings?tab=applications, I can see my app and permissions it has. I do not see anything in the list pertaining to groups.
I've logged out and was prompted to log in with the script (above), but am not being prompted to edit/add app permissions. I cannot find any app related settings under Group Settings for the group I have.
I remember seeing the app permissions page a year ago when I first made the app, but short of deleting the current and recreating, is there a way to simply edit existing permissions to add my group to the app? I am not seeing any group permissions when I click on the app under the app settings page (right above).
I am trying to get a page access token starting out with just a users access token stored in my database and a page id. So far I have not been using the facebook.php instead just using php's curl_* functions. So far I can send posts to the page (with a hard coded page id) but I want to impersonate the page when doing so.
Can I do this easily without facebook.php, that would be nice as it might save me from feeling like I should rewrite what I've done so far. If not, then how would I get the page access token from the facebook object - remember so far at least I don't store user ids or page ids in my db, just user access tokens and of course my app id and secret.
I've been looking at the example for getting page access tokens but I find it not quite what I need as it gets a user object and in so doing seems to force the user to login to facebook each time, but I stored the user access token to avoid exactly that from happening.
Do I need more permissions than manage_page and publish_stream? I tried adding offline_access but it doesn't seem available anymore (roadmap mentions this).
here is some of my code from my most recent attempt which uses the facebook.php file:
// try using facebook.php
require_once 'src/facebook.php';
// Create our Application instance
$facebook = new Facebook(array(
'appId' => $FB_APP_ID, // $FB_APP_ID hardcoded earlier
'secret' => $FB_APP_SECRET, // $FB_APP_SECRET hardcoded earlier
));
$facebook->setAccessToken($FB_ACCESS_TOKEN );
//got user access token $FB_ACCESS_TOKEN from database
// Get User ID -- why?
$user = $facebook->getUser();
//------ get PAGE access token
$attachment_1 = array(
'access_token' => $FB_ACCESS_TOKEN
);
$result = $facebook->api("/me/accounts", $attachment_1);
foreach($result["data"] as $page) {
if($page["id"] == $page_id) {// $page_id hardcoded earlier
$page_access_token = $page["access_token"];
break;
}
}
echo '<br/>'.__FILE__.' '.__FUNCTION__.' '.__LINE__.' $result= ' ;
var_dump($result); //this prints: array(1) { ["data"]=> array(0) { } }
$facebook->setAccessToken($page_access_token );
// Get User ID, why - re-init with new token maybe?
$user = $facebook->getUser();
//------ write to page wall
try {
$attachment = array(
'access_token' => $page_access_token,
'link' => $postLink,
'message'=> $postMessage
);
$result = $facebook->api('/me/feed','POST', $attachment);
echo '<br/>'.__FILE__.' '.__FUNCTION__.' '.__LINE__.' $result= ' ;
var_dump($result);
} catch(Exception $e) {
echo '<br/>'.__FILE__.' '.__FUNCTION__.' '.__LINE__.' $e= ' ;
var_dump($e); /*this gives : "An active access token must
be used to query information about the
current user." */
}
die;
Thanks
PS: I hardcoded the user id and started calling
$result = $facebook->api("/$user_id/accounts", $attachment_1);
and I still get an empty result.
PPS: The Graph API Explorer does not show my fan pages either even though my account is set as the Manager. My attempts to post work but show as being from my account rather than from the page.
PPPS: made a little progress by adding permissions on the graph explorer page to get an access token that way but that doesn't help as I need to the the access token programmatically. When a user with many fan pages logs in to my site I want to show them the list of their facebook fan pages to choose from. In practice aren't the permissions just granted on the app?
PPPPS: the list of permissions on my app now stands at : email, user_about_me, publish_actions
and
Extended Permissions:
manage_pages, publish_stream, create_note, status_update, share_item
do I need more? when I try now I still fail to get anything from the call to:
$facebook->api("/$user_id/accounts", $attachment_1);
Px5S: DOH!!! I see now that I was neglecting to add the manage_pages permissions to my call for a user access token when my scripts first get one and store it in the DB. But when I reuse that new access token I still get the error : "An active access token must be used to query information about the current user." So, can't such tokens be reused? Aren't they long term? will read more stuff...
Here is my functioning code, still messy but seems to work, note the scopes on the first $dialog_url, and please feel free to mock my code or even suggest improvements :
function doWallPost($postName='',$postMessage='',$postLink='',$postCaption='',$postDescription=''){
global $FB_APP_ID, $FB_APP_SECRET;
$APP_RETURN_URL=((substr($_SERVER['SERVER_PROTOCOL'],0,4)=="HTTP")?"http://":"https://").$_SERVER['HTTP_HOST'].$_SERVER['SCRIPT_NAME'].'?returnurl=1';
$code = $_REQUEST["code"];
$FB_ACCESS_TOKEN = getFaceBookAccessToken( );
$FB_ACCESS_TOKEN_OLD = $FB_ACCESS_TOKEN;
//if no code ot facebook access token get one
if( empty($code) && empty($FB_ACCESS_TOKEN) && $_REQUEST["returnurl"] != '1')
{
// if( $_REQUEST["returnurl"] == '1') die;
$dialog_url = "http://www.facebook.com/dialog/oauth?client_id=".$FB_APP_ID."&redirect_uri=".$APP_RETURN_URL."&scope=publish_stream,manage_pages";
header("Location:$dialog_url");
}
if( empty($FB_ACCESS_TOKEN) ){
if($_REQUEST['error_code'] == '200'){
return null;
}else if (!empty($code)){
$token_url = "https://graph.facebook.com/oauth/access_token?client_id=".$FB_APP_ID."&redirect_uri=".urlencode($APP_RETURN_URL)."&client_secret=".$FB_APP_SECRET."&code=".$code;
$access_token = file_get_contents($token_url);
$param1=explode("&",$access_token);
$param2=explode("=",$param1[0]);
$FB_ACCESS_TOKEN=$param2[1];
}else{
return null;
}
}
if(!empty($FB_ACCESS_TOKEN) && $FB_ACCESS_TOKEN_OLD != $FB_ACCESS_TOKEN) {
setFaceBookAccessToken( $FB_ACCESS_TOKEN);
}
$_SESSION['FB_ACCESS_TOKEN'] = $FB_ACCESS_TOKEN;
$page_name = '';
$page_id = getFaceBookPageId(); //from db
if(empty($page_id ) ) return null;
//in case there are multiple page_ids separated by commas
if(stripos($page_id, ',') !== false ){
$page_ids = explode(',', $page_id) ;// = substr($page_id, 0, stripos($page_id, ','));
}
$result = null;
foreach($page_ids as $page_id){
$page_id = trim($page_id);
if( !empty($FB_ACCESS_TOKEN)){
//get page_id
require_once 'src/facebook.php';
// Create our Application instance (replace this with your appId and secret).
$facebook = new Facebook(array(
'appId' => $FB_APP_ID,
'secret' => $FB_APP_SECRET
));
$facebook->setAccessToken($FB_ACCESS_TOKEN );
//------ get PAGE access token
$page_access_token ='';
$attachment_1 = array(
'access_token' => $FB_ACCESS_TOKEN
);
$result = $facebook->api("/me/accounts", $attachment_1);
if(count($result["data"])==0) {
return null;
}
foreach($result["data"] as $page) {
if($page["id"] == $page_id) {
$page_access_token = $page["access_token"];
break;
}
}
//------ write to page wall
try {
$attachment = array(
'access_token' => $page_access_token,
'link' => $postLink,
'message'=> $postMessage
);
$result = $facebook->api('/me/feed','POST', $attachment);
} catch(Exception $e) {
return null;
}
} //end if( !empty($FB_ACCESS_TOKEN))
}//end foreach
return $result; }
Now, I wonder if I can send the same message to several pages at once ...
Yup, just by looping over the ids, see above, it now supports multiple page ids.
And unless someone wants to contribute to the code - there's lots of ways it can be improved - I'm done.
Do you have an example of how to confirm that the person trying to access the content of your app is a member of a specific facebook group, using php? I've read through the developer docs and all it managed to do was confuse me even more. I've seen posts similar to this one but they only show me how to print a list of members...
I need to know how to get the list and see if the user trying to access the app is a member of the group so that I can either a: allow access or b: deny access and re-direct the user to the group page so they can request membership...
Yes its pretty simple, you just need to know the ID of the group you want to do that and ask for the scope user_groups permission, so you can query the groups the user have.
With the PHP SDK you can do this:
<?php
// Remember to copy files from the SDK's src/ directory to a
// directory in your application on the server, such as php-sdk/
require_once('php-sdk/facebook.php');
$config = array(
'appId' => 'YOUR_APP_ID',
'secret' => 'YOUR_APP_SECRET',
);
$facebook = new Facebook($config);
$user_id = $facebook->getUser();
if($user_id) {
// We have a user ID, so probably a logged in user.
// If not, we'll get an exception, which we handle below.
try {
$user_profile = $facebook->api('/me?fields=id,name,groups','GET');
$user_belongs_to_group= FALSE;
foreach($user_profile['groups']['data'] as $group){
if($group['id']==YOUR_GROUP_ID)
$user_belongs_to_group=TRUE;
}
if($user_belongs_to_group){
//Alright! the user belongs to the group
}
else{
//Oh snap you don't belong here, but you can if want to
}
} catch(FacebookApiException $e) {
// If the user is logged out, you can have a
// user ID even though the access token is invalid.
// In this case, we'll get an exception, so we'll
// just ask the user to login again here.
$login_url = $facebook->getLoginUrl();
echo 'Please login.';
error_log($e->getType());
error_log($e->getMessage());
}
} else {
// No user, print a link for the user to login
$login_url = $facebook->getLoginUrl();
echo 'Please login.';
}
?>
Some of this code I grabbed from the facebook, you can see the data that is returned when query for groups here: https://developers.facebook.com/tools/explorer
Press the plus sign after the name go to connections, choose groups and press send
You are in a catch-22, you will need the user to grant permission to his groups via the user_groups permission.
I am trying to integrate my Codeigniter website with the Facebook PHP SDK. What I want to do is let a user share an article from my site on their facebook wall, if they are logged into a facebook account. My library appears to load correctly, but everytime I try to do something, I get some kind of error... primarily with the auth. getUser does not appear to return the correct results. I set up my facebook application and set the config vars for my library, but no luck. It says I am not logged into facebook. When I click on the "login" anchor, the link takes me to the same page, but with the facebook url, and doesn't ask me to login with the app. Here's my code:
function facebook($article_id){
$config = array(
'appId' => '276870792431073',
'secret' => '8d49eee575413fb9a8063d22f65dbf6a'
);
$this->load->library('facebook', $config);
$user = $this->facebook->getUser();
if($user){
try {
$user_profile = $this->facebook->api('/me');
} catch (FacebookApiException $e){
error_log($e);
$user = null;
}
}
if($user){
$article = $this->article->fetch_article($article_id);
$config = array(
'message' => 'I just read an '.anchor('articles/'.url_title($article['title']).'/'.$article_id, 'article').' on '.anchor('', 'TrackTheOutbreak.com').'!',
);
$this->facebook->api('/me/feed', 'post', $config);
} else {
$data['MESSAGE_TITLE'] = 'Authentication Error';
$data['MESSAGE_TEXT'] = 'You must be logged into an existing Facebook account to use this feature. Click '.anchor($this->facebook->getLoginUrl(), 'here').' to login.';
$this->parser->parse('error_body.tpl', $data);
}
}
In order to access a users information and post anything to their wall you first need to get a access token from them. To do that you need to make sure that you have gained their permission through Facebook's FB_login (and then Open Graph). I would double check with this guide and make sure that you have everything set up properly to post to their timeline.
https://developers.facebook.com/docs/reference/javascript/FB.login/
I hope this helps
I had implemented oAuth Google using Zend Framework. All i can do right now is a user is authenticating using their gmail id and password and after that i am displaying his google Docs. But how to identify a user whether he is a old user or new user.
What is the unique Identification Google is providing after login in our website.
Thank You
$consumer = new Zend_Oauth_Consumer($oauthOptions);
if (!isset($_SESSION['REQUEST_TOKEN'])) {
$_SESSION['REQUEST_TOKEN'] = serialize($consumer->getRequestToken(array('scope' => implode(' ', $SCOPES))));
$approvalUrl = $consumer->getRedirectUrl(array('hd' => 'default'));
echo "<H2>LOGIN WITH GOOGLE</H2>";
exit(0);}
if (!isset($_SESSION['ACCESS_TOKEN'])) {
if (!empty($_GET) && isset($_SESSION['REQUEST_TOKEN'])) {
$_SESSION['ACCESS_TOKEN'] = serialize($consumer->getAccessToken($_GET, unserialize($_SESSION['REQUEST_TOKEN'])));}
}}
$accessToken = unserialize($_SESSION['ACCESS_TOKEN']);unset($_SESSION['REQUEST_TOKEN']);unset($_SESSION['ACCESS_TOKEN']);
You can store the returned ID from Google in a database and when authenticated (again) search for it. Get the Id like this:
$result = Zend_Auth::getInstance()->authenticate($adapter);
if ($result->isValid()) {
$identity = Zend_Auth::getInstance()->getIdentity();
// Do a database query on your users table looking for this $identity. If exists, they're logging back in