I just created a Facebook application that basically creates a new Tab on my Facebook-profile-page and loads contents from my website in an inline frame. Now I got to the point that I added the application to my profile page with a simple link like http://facebook.com/add.php?api_key=APP_ID&pages=1. But how can I prevent others from just doing the same and using my app on their pages then?
Thanks in advance!
Aha! You know the page that it is supposed to belong to, so hard code that in your app's code and you can check the page id coming in from the signed_request and see if that page id is yours. If not, send down not permitted in your response HTML. If it is your page, then response down the good HTML. :)
For more information on signed_request see: https://developers.facebook.com/docs/authentication/signed_request/
Related
I am in the process of making a band website. I have a download of a song but I want it only to be available to the user if they have liked the bands Facebook page. I am aware there are similar questions to this already on here. I have tried some of them and they don't work, also none of them are very clear. Thank you for your help.
There are more than enough results which answer your question, for example Create Like-Gate for page
The most simple way to create this is using a Page Tab app (https://developers.facebook.com/docs/appsonfacebook/pagetabs/) and parsing the signed_request (https://developers.facebook.com/docs/reference/login/signed-request/) Facebook is sending when the page Tab is accessed.
The page object within the signed_request contains a field called liked which indicates whether the actual user liked the Page or not.
I want to share an image from a website on Facebook and pass some attributes (e.g. a description) to the status update, all done by clicking on a link.
A few months ago this worked fine using the sharer.php but by now this script just accepts a URL as parameter and scrapes the target site for Open Graph meta tags. This new approach isn't very helpfull if you just want to share elements on a page instead of the whole page.
Yeah, I could create an app and use the feed dialog to achieve my goal. But I honestly don't want to walk through the tedious app validation process just to share an image with some additional info!
So, does anyone know of a way to avoid this app hassle? Perhaps some undocumented parameters for the new implementation of the sharer.php?
There's no need for app validation - as #CBroe correctly stated! So the feed dialog IS an adequate solution!
Background: I assumed an app needs validation to go live. But I just didn't set up my app properly to make it available to every Facebook user.
See the comments to gloat over my stupidity. ;)
I'm working on a photo contest fb app to run in a fan page tab. the user should be able to share the photo in order for others to vote for them.
supposing image link in iframe is http://example.com/image.php?id=1 for particular photo, pressing share will share this link through iframe. which leads up to the host app itself.
what I need is sharing the whole fb app tab page url with http://example.com/image.php?id=1 open in its Iframe.
is that possible in any way?
thanks for help.
So to give the “alternative” to #Lix’ answer, which focuses on canvas apps, here the analog way for page tab apps:
For some reason Facebook decided to do things differently for page tab apps – different than with canvas apps, you can not pass just any GET parameters to your app by appending them to the facebook.com address of your app, but you have to use the app_data parameter for that.
You call/link to your app in the form https://www.facebook.com/YourPage?v=app_1234567890&app_data=foo – and whatever you put as value for the parameter app_data, you will find in the signed_request parameter that Facebook POSTs to your app on initial(!) load into the iframe.
So you parse the signed_request (or let f.e. the PHP SDK do that for you), and then you find the app_data value in there. If you want to pass more than one single value, you can f.e. also put JSON-encoded data there – then you have to decode that again after you read the app_data value from the signed request.
The docs just shortly mention the app_data parameter, but the principle itself is quite simple.
Now, when it comes to sharing those links, I found that when you use an address in the above form, Facebook tends to cut the parameters from the URL, and treat the whole link as just a link to your Facebook page – it shows the page’s picture and description, and does not even pass your page tab app along, let alone the app_data parameter.
I found the most reliable way around this is not to link to your page tab on Facebook directly, but instead to a URL of your own app. When the scraper visits it, you deliver the relevant OG information. And when it’s a real user visiting, you redirect them to your page tab app, passing the data you need via the app_data parameter as described above. Redirecting can either be done server-side (info on how to detect the scraper server-side via its User-Agent header), or client-side via JavaScript (which the scraper does not “speak”).
Sure it is. All you have to do is be able to extract the information from your application canvas URL. If your canvas URL is something like this:
https://apps.facebook.com/ImadBakir
Then you could place some more info in there, like this:
https://apps.facebook.com/ImadBakir?photo_id=123
Users will share that link and now in your application, you can parse that photo_id parameter and make the needed HTML changes to display the correct image inside your iframe as the page and application loads.
With regard to parsing the the URL parameters, assuming you'll be doing it with JavaScript, you can read more about it in this post:
How can I get query string values in JavaScript?
I'm new to Facebook Sharing API. When I put the Facebook Share button in my website, both the message and the title are the URL. Here's the screenshot:
There's even no thumbnails even though there's plenty of pictures in the page.
I have seen other pages that automatically use the first paragraph as the Facebook's message
Is there any specific site layout that I must follow?
Note: I'm using AddThis, so I don't think I can change the code
Thanks
The problem solved when I uploaded the site on Online server. Maybe the API has problem retrieving data from Localhost.
Cheers :)
i have one problem with facebook landing page. i created facebook landing page through static fbml app but i have one problem with like button, user must like the page before he will navigate to another page.
i want to do same functionality in my landing page,
http://www.facebook.com/BusinessofCinema?v=app_6009294086.
anyone know about this please help me .
thanks inadvance......
At this point you'll probably want to go with iframe based Facebook page tabs instead, now that these have become available and fbml based apps are being phased out. Among other advantages, the signed_request parameter that Facebook sends to an iframe based tab app includes a flag that indicates whether the user is a fan of the page.
Now that iframes are the only way to create new Facebook apps and FBML is being phased out, you need a new way to do it.
When your app URL is loaded, it is passed a signed_request POST parameter. This parameter contains the information you need. However, it is packed and encoded so it requires some manipulation to get the right info out.
First, split the signed_request on the '.' character. The first part is the signature. The second part is the encoded_data
Decode the encoded_data into a JSON string using the URLBase64Decode function equivalent in your server-side programming language
The JSON object contains a node called "page". This contains a node called "liked".
If "liked" is true, the user liked the page and you display the "liked" version of your app. If false, show the "Please like me" version of the site.
The FBML way will continue to work the way you have it live right now, but for anyone building a new Facebook app, this is the way to do.