We Keep Coding

how to capture where facebook user clicked to install my app

Here is a scenario to explain my question:
Lets say the app is a simple "suggestion box." The company installs the app and adds it to their facebook page. Then a user sees it and decides to leave a suggestion.
Once they click on the app, the app will ask to be authorized. Once they authorize it, I have no trouble sending their FB username to my server.
But how can I capture the user id of the company on whose page they first clicked on the app before they installed it?
I want the app to capture both the username of the person who is authorizing it, and the username of the person on whose page he click on the app.
Some users may install the app from the app center directly, in which case this field may be blank, but every time someone clicks on the app on someone's facebook page, I need both pieces of information to go to the server.
Any ideas?

You'll be able to find this information in the signed_request passed to your application. It contains a page parameter that contains information about the page that the application is installed on. If the page exists, then the user is accessing your application from a page tab, if not, it would be safe to assume that the user is interacting with the application on its canvas url - https://apps.facebook.com/yourAppNamespace
Facebook Signed Requests -
A signed_request parameter is used by Facebook to pass data to an application in a number of different scenarios...

can't find post-authorize URL on facebook APP page

I am making a Facebook App which will be only used for Facebook Pages.
I need to provide a post-authorize URL to make some action on Database when a user adds the app to their page.
But i cannot find any place to enter the URL.
Someone can help me ?
EDIT: User will only Add App to their page from Application Profile Page on FB

There is no such thing as "post-authorize URL" for applications working as Page tab. You will never know identity of user who added your application on page via application profile page.
Adding application to page doesn't mean that owner of page authorized the app.
Signed request contain information about page and user interacting with page tab application so you may know if user is admin of the page, liked the page and some additional details, it will include personal details only if user authorized application which should be done as separate step.

The way I'd do it:
List all the PAGE ID on which your user is admin:
FQL: select page_id from page_admin where uid=me()
When a page load your application, using the data contained in the signed_request POST parameter, look if the current page is a new page (just assign a boolean in the database to know if the page is already using the application or is new), and if the page is in fact using the app for the forst time, look if you have the admin in your database (remember? you have linked the PAGE ID and the ADMIN ID together in #1)
From there, you can do whatever you want: display a "application not yet authorized" instead of the normal app in order to wait for the user to pay you, etc...

How to detect if user previously authorized rights to a tabbed application without showing the authorization dialog?

How can you detect if a user previously authorized a tab application, without showing the user an authorization dialog? This is a user experience concern. We don't want to throw the user at an authorization dialog without a call-to-action, but we don't want a call to action to be shown to log the user in if the user previously authorized the app.
Here's the scenario. A tab application is hosted on a page that has several other applications. In Facebook, the 'Like' button does not work at the tab level but on a page level, so a user may have liked a different application without having seen the current application. Therefore, if any 'Like gate' is used on the landing page of a tab application, and authorization is required to use the app, then when we log the user in the user will be immediately shown the authorization screen without a call to action, unless we can detect that the user previously authorized this application.

You could use the javascript SDK and check the login status to see if they have authorized your application. If they have, you could redirect with javascript elsewhere or make the calls you need. If they haven't you could then show the call to action on your page. Something like:
FB.getLoginStatus(function(response){
if(!response.authResponse){
// redirect to authorization page
top.location.href="http://www.facebook.com/dialog/oauth?client_id=appid&redirect_uri=http://facebook.com/somefanpage";
// or instead show a call to action div
} else {
//load fan page specific content
}
});
But this will only tell if you if they are currently logged in and authenticated with your application or not. The only way you would be able to tell if this is a returning user vs a brand new user is if Facebook sent over the userId in the signed_request like ifaour mentioned (then you could call /userId/permissions with your app access token or look up in your database), but Facebook most likely won't send the userId since your users probably aren't authenticating with your individual tab application but a different shared application key.

Well Facebook will send the user id in the signed_request only when the user authorize your application. So as long as that piece of information is missing then this means the user didn't authorize your application yet i.e. show the auth dialog (or redirect to auth screen)!
More about this in the Page Tab Tutorial:
Integrating with Facebook APIs
When a user navigates to the Facebook Page, they will see your Page
Tab added in the next available tab position. Broadly, a Page Tab is
loaded in exactly the same way as a Canvas Page. Read more about this
in the Canvas Tutorial. When a user selects your Page Tab, you will
received the signed_request parameter with one additional parameter,
page. This parameter contains a JSON object with an id (the page id of
the current page), admin (if the user is a admin of the page), and
liked (if the user has liked the page). As with a Canvas Page, you
will not receive all the user information accessible to your app in
the signed_request until the user authorizes your app.

Connect With Facebook Question

i have a Connect With Facebook button for my main site. Then, I also create a smaller site for Facebook App and Facebook Page Tab (? I don't know what it's called), but the smaller site is created with Page Tab in mind ( width 520px ). All of them of course have a Connect With Facebook button.
My question is, how to check if the user connect with facebook from the main site or from a Facebook App or Page Tab? FYI, my smaller site is on a folder inside the mainsite, which I route with Virtual host, so the url for my mainsite is for example domain.com, and the smaller site fb.domain.com.
I've checked the Facebook App and Page Tab, and everything works perfectly as in the main site, the only thing that's strange is when people connect with facebook from Facebook App or Page Tab, they get redirected to fb.domain.com, because that's what I put in the Canvas URL of the Facebook App.
Of course, I can route the fb.domain.com to redirect to the Facebook App, but I don't want that, and even if I route it, the problem is still the same, how can I check if they Connect With FB from a Page Tab or from the FB App ?
I hope I'm being clear, as I'm new to this Connect With FB thing

https://developers.facebook.com/docs/guides/canvas/#tabs has a section which outlines how to do what you want.
When a user navigates to the Facebook Page, they will see your Page Tab added in the next available tab position. Broadly, a Page Tab is loaded in exactly the same way as a Canvas Page. When a user selects your Page Tab, you will received the signed_request parameter with one additional parameter, page. This parameter contains a JSON object with an id (the page id of the current page), admin (if the user is a admin of the page), and liked (if the user has liked the page). As with a Canvas Page, you will not receive all the user information accessible to your app in the signed_request until the user authorizes your app.
The section on signed requests will also be helpful in understanding how this works.

Facebook get user id on page tab (signed_request)

i've run into a problem.
I have custom page tab, and current user viewing on it.
I ask user to grant extended permissions to his profile (using Facebook.showPermissionDialog).
If he grants permissions, theoretically, i would have access to the Graph API and other stuff.
But when i parse new signed_request param from Facebook, i get oauth_token, bound to current page tab, not to user profile. In other words request to Graph API method 'me' gives me my custom page profile. And I want to get user's profile! How should i get access to it?
How to get access to user's Graph API on Facebook tab?

I've figured out how it works. After the user grants permissions, Facebook sends signed_request of current user (and his ID as well), when calling page on my server via Ajax. When the page loads statically - you get signed_request of page tab. Hope it will help somebody.

Tab is much more limited than a regular app. It doesn't know who is visiting it unless they interact with the tab. Basically it was made to emphasize that a tab is designed to be useful to a user who installed it, not to visitors. From docs:
It doesn't know who the viewing user is when the user first visits the tab. Facebook sends the fb_sig_user and fb_sig_profile_user parameters, both containing the profile owner's user ID.
If a viewing user interacts with the tab (like submits a form, takes an action that causes an AJAX load of new content, or follows a relative URL that loads on the tab), that user's UID is sent to the application as the fb_sig_user parameter, the profile owner's user ID is sent as the fb_sig_profile_user parameter. The viewing user's session key is key is sent only if the user authorized the application.
Applications use the owner's session key on the owner's application tabs.