I am sending an app generated request to a user(already authorized the app) by calling the below function
function send_app_request(){
FB.api( "/" + '<USER-ID>' + "/apprequests", "POST", {
message: "Custom Request for you!",
data: "<REDIRECT-APP-URL>",
access_token: "<APP-ACCESS-TOKEN>"
}, function(response) {
console.log(response);
});
}
When a user clicks on the pop-up that appears beneath the app icon(with a red number) at the top right corner of the canvas, he gets redirected to the index page of the canvas with 'request_ids' as one of the parameters. How do I get/decode the 'data' parameter(contains a url) which i passed during the FB.api call(in the function above), so that I can redirect the user to a specific location(url) in my application.
I have seen this functionality in many applications, and I am "unable" to figure out how they are able to redirect the users to a specific location in their app, instead of the index page when the user clicks on the pop up.
The data is specific for that request you send to the user.
When the user clicks the requests and gets to your page (with the "request_ids" parameter) you should then get the data for the requests.
The url to get the requests from:
https://graph.facebook.com/USER_ID/apprequests
You will get a list of the requests and the data for each one (if such was sent).
You then need to delete the request for the user by issuing a request to:
https://graph.facebook.com/REQUEST_ID?method=delete
You can find a php example here: Upgrade to Requests 2.0
Related
I'm using the Facebook requestdialog to show my friend list and invite,this in a Facebook Web APP, using this:
function sendRequestViaMultiFriendSelector() {
FB.ui(
{
method: 'apprequests',
message: 'Selección de amigos a los que invitar a KugaBar'
}, requestCallback);
}
function requestCallback(data) {
console.log(data);
}
It works (ok).
But I need to identify the user when enter in my APP, you see the requestCallback data and see a "request", but when the users click on the notification and enter in the APP
I don't know how identify the request to detect if the user is accessing by the notification.
EDIT: OK I found it.
The param in the GET vars are "request_ids", but one problem appear, this param only come if the user previously have accepted the permissions, if the user clicks on the notification, and accept the permissions, hitting enter: this param doesn't exist, if the user enter again (not need to accept nothing) this param exists in the URL.
Are there any method to get this param in the first time the user enter?
Thanks
When the user first clicks on a request, you should get the request_id from the URL and store it in a cookie. When the user has completed logging in, check if the cookie exists and then update your record accordingly.
Notifications and Requests are NOT the same thing on Facebook. In your case you're talking about Requests. Request ids are passed to the app as a GET parameter 'request_ids' which is a comma separated list.
To be able to access this parameter after login dialog, you want to save your GET parameters from the original launch URL before redirecting to the OAuth dialog and pass them around in the redirect URL. This way you solved this problem for all of your future GET parameters.
If you're using PHP, the function you're looking for is http_build_query. I'd highly discourage from using a cookie to store one-time and easily accessible URL parameters.
The facebook docs here say "it is the Developers' responsibility to delete a Request once it has been accepted". As far as I understand, when someone sends a request to multiple users on facebook like this:
function sendRequestViaMultiFriendSelector() {
FB.ui({method: 'apprequests',
message: 'test message'
}, requestCallback);
}
only one request_id is returned via requestCallback() function.
Then, if I delete the request when someone accepts it, how would other users accept the deleted request?
when user comes following the app request, you can get request id's using
$_GET['request_ids']
then retrieve all the request ids with which you can call graph api to delete the corresponding requests like below:
if(isset($_GET['request_ids']))
{
$request_ids = $_GET['request_ids'];
}
$request_ids = explode(",", $request_ids);
foreach($request_ids as $request_id)
{
$full_request_id = $request_id."_".$fbid; //$fbid is current user facebook id
$facebook->api("$full_request_id","DELETE");
}
Check out the Request ID Format section of the FB request overview page.
The actual graph path for a request actually sent to specific user is "request-id"_"recipient-user-id".
you can access to facebook on mobile mode (m.faceook.com)
1-access the invitation panel
2-display all the invitations
3-open console mode in chrome
4-activate jquery by cpying and pasting all the jquery.min code into console
and excecute this script :
$("._54k8._56bs._56bt").trigger("click");
that will cancel or the invitation sent
I am sending an app generated request to a user(already authorized the app) by calling the below js function
function send_app_request(){
FB.api( "/" + '<TO-USER-ID>' + "/apprequests", "POST", {
message: "Custom Request for you!",
title: "Sample title",
access_token: "<MY-APP-ACCESS-TOKEN>"
}, function(response) {
alert(response.toSource());
console.log(response);
});
}
The script is working fine, and when the user clicks on the the app icon(with the red notification), at the top right corner of the canvas, he gets redirected to ther app's index page(apps.facebook.com/MY-APP), which is also fine. My question is, what parameter should I add in my FB.api call so that the user gets redirected to my desired app url(eg: apps.facebook.com/MY-APP/show-article/?article_id=5) instead of the index url.
Requests always direct user to your application canvas.
Citing Requests documentation:
Requests are only available for Canvas apps, not websites, as accepting a request will direct the user to the Canvas Page URL of the app that sent the Request.
Possible solution will be addition of desired URL within Request data property and once user land on your Canvas URL with requests_ids passed in URL arguments, read those requests and decide based on data property where user should be redirected.
data
Optional, additional data you may pass for tracking. This will be stored as part of the request objects created. The maximum length is 255 characters.
Update:
To get the data assigned with application/user request fetch it from Graph API:
https://graph.facebook.com/<REQUEST_OBJECT_ID>_<USER_ID>?access_token=APP_ACCESS_TOKEN
So I'm developing a small web app, that implements the Requests Dialog(User-to-User).
I'm able to send an invite and also successfully to save data as request id and user id. But when the user gets redirected to my app, after clicking on the request, i can't retrieve request id as shown here: https://developers.facebook.com/docs/requests/#deleting and then delete it.
But i see the request id in the address bar of the browser and it looks like this: http://apps.facebook.com/myownapp/?fb_source=request&request_ids=210655195715938 and REQUEST_URI is: /halten/?fb_source=request&request_ids=210655195715938
i tried with javascript:
function getMultipleRequests(requestIds) {
FB.api('', {
"ids": requestIds
}, function(response) {
console.log(response);
});
}
or with php:
if(isset($_REQUEST['request_ids'])) {
$requestIDs = explode(',' , $_REQUEST['request_ids']);
foreach($requestIDs as $requestID) {
try {
$delete_success = $facebook->api('/' . $requestID, 'DELETE');
} catch(FacebookAPIException $e) {
error_log($e);
}
}
but the request_ids is always empty but my browser shows the request_id
So the question is how to handle the problem?
Thanks in advance
A User to User Request is actually notified to the user in 4 levels.
1) Jewel notification
2) Bookmarks counter
3) Right top counter
4) Weird location notification inside the app(I did not know what this was called sorry)
All of these request will take the user to the app but unfortunately on the Jewel notification(#1) request url will contain all the request IDs and the remaining will contain only a single request ID.
Say you send 4 requests (1,2,3,4)
#1 in url will have 1&2&3&4
#2,#3,#4 will have one of those depending on which notification you response to
Hope this makes sense and answers the question.
I added a like button to the canvas application page that actually configured to the facebook page of the application.
I would like that whenever a user pressed like or dislike on my page, a request will be sent to my server noticing it that the user liked or disliked the application page.
I can catch these events by using the following code:
FB.Event.subscribe('edge.create', function(response) {
alert('You liked the URL: ' + response);
});
FB.Event.subscribe('edge.remove', function(response) {
alert('You disliked the URL: ' + response);
});
I can just check if the response equals to my facebook application page.
the question is.. after I catched the like or dislike, how do i forward it to the server secure enough ? how can I send the request to the server without posting the facebook id as a post/get parameter?
i want to send it to the server in a way that the server will be able to fetch the facebook session information and fetch the userid from there, or any other secure way.
example:
if i'll just call http://mysite/liked_my_app?uid=4534534543
then a user notice this request and start sending liked_my_app with fake uids.
is there a way to prevent that somehow ?
thanks
Instead of using the UID of the user, forward the signed_request. Only you can decode signed requests coming from your application because of the app_secret you have to use to decode it.
Another possible solution (depending on what exactly you want to do when you confirm a like/dislike event) is to check at intervals your page/app like count - in a cron job for example. When a user likes your page/app you can retrieve his UID (possibly other information as well), and you can cross-reference the lists from the last cron job.