Not sure why this isn't working, and was hoping someone might be able to point me in the right direction.
I have a facebook tab app that should display different content depending on whether a user "likes us or not."
require_once('src/facebook.php');
$app_id = "142214XXXXXXXX"; <--this is correct just hidden
$app_secret = "31275c8895XXXXXXXX";
$facebook = new facebook(array(
'appId' => $app_id,
'secret' => $app_secret,
'cookie' => true
));
$signed_request = $facebook->getSignedRequest();
$like_status = $signed_request["page"]["liked"];
//just for testing (nothing shows up, nor does print($signed_request)
echo "the page is ".$page_id;
if(!$like_status){
echo "Please LIKE US to get this offer or check back on Sept 27";
} else {
echo '<img src="https://www2418.ssldomain.com/frightfurnace/SLOSSbogo.jpg"/><BR />
Printable Page';
}
Now, I know that the SDK is installed and working properly since it does work with the example:
http://www.frightfurnace.com/Facebook/example.php
I have also made sure I am using absolute urls in my Facebook App settings.
I am using
http://www.frightfurnace.com/Facebook/coupon.php
Same with SSL.
Any ideas, kinda stymied. All help appreciated.
Well found the answer in case anyone else needs it.
Go to your apps on Facebook
https://developers.facebook.com/apps/
Go to edit settings
On the left click Advanced
signed_request for Canvas: (Make it enabled)
iframe Page Tab: (enabled)
Under Canvas Settings make sure Canvas Type is
iFrame
Seemed to work for me.
Another thing to check: the tab/canvas url must be EXACTLY the same as required. If there is a redirect to another page, then signed request and other values will not be sent. You can check using a browser sniffer, if a call to the page responds with a 300 (301/302 etc) redirect, then you need to change to what it redirects to.
Examples:
https://example.com/ may need to be https://www.example.com/ (add www., or remove www. depending on how server is set up)
www.example.com/ may need to be www.example.com/index.php (add index.php, or the right page).
Check you are using http:// and https:// correctly in the URLs, and that https:// returns a valid page.
Related
I'm new to Facebook APIs and have to do something which seems to me like it should be fairly simple, but there are so many ways to turn I'm looking for someone who knows the terrain to point me in the right direction. (I may already be pointed in it, but I'm not having success so I'm asking for help.)
I have a client website which has the Like button on certain pages (along with much other content of course). That is already implemented using an iframe tag, but I can do it a different way if need be.
What is not implemented and needs to be is that if the visitor has Liked that page, I want to show one block of content, and if he hasn't I want to show a different block. Most of the page would be identical, so I can't redirect or change the URL to accomplish this. Nor can I prompt the user for permission. I have to silently determine whether the visitor Likes the page he's currently on.
Ideally, what I'd like is a php function that will return a boolean whether the visitor likes the current URL or not. Here it is in pseudocode:
function VisitorLikesPageInFacebook($url) {
# $url = the URL to this page (NOT a Facebook page)
# if visitor is not logged into Facebook, return false
# if visitor is logged into Facebook and likes $url, return true
# if visitor is logged into Facebook and does not like $url, return false
# if anything else happens, return false
}
Can this be done using php? Do I need the Facebook PHP SDK? What settings do I need to have in my Facebook app, or better is there any possible way I can do this without creating a Facebook app? I've tried using $facebook->getUser() but it returns 0 unless I first go to the $facebook->getLoginUrl() address and give permission, which I can't expect visitors to the client site to do. I've tried $facebook->getSignedRequest() but it returns NULL. Is there a setting in my Facebook app that I need to set, or some other call I need to make first? Will I or my client need to have https to give the Facebook app a secure location?
The other piece of this puzzle is that I want the page to refresh when the Like button on it is clicked, and presumably when it does the return value of the above function will change. For that I assume I'll need to use the JavaScript SDK and subscribe to the Like event. Is that right? (My fallback approach, if I can't do what I need to via php, is to use the JavaScript SDK, subscribe to the Like event, and set or unset a cookie depending on whether he Liked or Unliked. Then read the cookie with php. JavaScript is nowhere near as familiar to me as php, so I'll avoid it except where required.)
If anyone can point me in the right direction, I'd be very happy! Thanks in advance.
$pageID= 'YOURID'; // Used below to fetch
$config = array(
'appID' => 'UR_ID',
'secret' => 'UR_SECRET',
'allowSignedRequest' => false,
);
$facebook = new Facebook($config);
$user_id = $facebook->getUser();
?>
<html>
<head><title>FB TEST</title></head>
<body>
<?php
if($user_id)
try {
$user_like = $facebook->api('/'.$user_id.'/likes/'.$pageID,'GET');
if(!$user_like){
echo 'User doesnt like';
} catch(FacebookApiException $e) {
$login_url = $facebook->getLoginUrl();
echo 'Please auth us here.';
error_log($e->getType());
error_log($e->getMessage());
}
I'm trying to redirect users to the facebook login page then back to my app without the Log In to app page displaying. Is this possible?
I've looked into the "next" parameter which is automatically generated by the PHP-SDK but cannot seem to change it.
Is there anyway to do what I'm looking for? I want to make sure users are logged in in order to check to see if they have authed my app but do not want them to if they are not already.
Thanks for any help!
No, i don't think it is possible to modify the next parameter. The only place where i saw the next parameter(in the PHP SDK) is in the getLogoutUrl() function, as seen in the source of the base_facebook.php. And that parameter defines which url to go, after logout.
For getLoginUrl() in the base_facebook.php file, we have
return $this->getUrl(
'www',
'dialog/oauth',
array_merge(array(
'client_id' => $this->getAppId(),
'redirect_uri' => $currentUrl, // possibly overwritten
'state' => $this->state),
$params));
as the last line in the function, which obviously means that the oauth-dialog will be shown, no matter what you try.
If your app is not on Facebook, then you can go for <fb:login-button>Login with Facebook</fb:login-button> in Javascript, and subsequently follow the example from this url. You'll see there that it's not possible to remove that dialog entirely, even if you don't ask for any permissions.
The Javascript SDK's FB.login() method will also bring up the auth dialog.
Hope this helps.
They have to accept permissions for the first time only. Facebook will never let you to get user's data without their knowledge/accept
If you are using php :
// Create our Application instance.
$facebook = new Facebook(array(
'appId' => $fbconfig['appid'],
'secret' => $fbconfig['secret'],
'cookie' => true
));
//Facebook Authentication part
$user = $facebook->getUser();
if (!$user) {
// user is not logged on --> redirect to the login url
} else {
// user is logged on you can do what you want
}
Hopefully this should be quick and easy.
session_start();
include("facebook.php");
$facebook = new Facebook(array(
'appId'=>'xxxxx50274xxxxx',
'secret'=>'xxxxxb932d62fbc6287feb18e5exxxxx',
'cookie'=>true
));
$fbuser = $facebook->getUser();
if (empty($fbuser)){
$fbloginurl=$facebook->getLoginURL();
echo "<html><body><a href='$fbloginurl'>Click</a></body></html>
} else {
die("Authenticated");
}
In this example, the first time I click the link to give permissions to the app to access my FB account, everything works fine. I can keep refreshing the page, and I get the "Authenticated" confirmation.
However, every time I restart the browser (starting a new session), it doesn't authenticate the app automatically and I have to click the link again. Of course as soon as I click the link I am immediately redirected back to the source page and presented with the "Authenticated" confirmation.
Is there any way of not having to click the authentication link during new browser sessions and have it authenticate automatically? I need to do this without a PHP Header directive, as I want the first time the user gives permissions to the app to be triggered by a manual click.
My FB login is persistent ("stay logged in" option is checked).
Thanks a lot for any help.
If I am understanding your scenario correctly (this is not an iframe app, correct?), this is all down to losing the website session cookie when the browser is closed. Once that cookie is gone, there is nothing to identify the user to your server-side code and so no way to know if the user has previously authorized your app.
You need to find a way to persistently identify the user, or at least identify that he has already given permissions. The simplest way would probably be to set your own (permanent) cookie once the user has first authenticated. Then whenever the session cookie is lost, check the presence of the permanent cookie and if it's there, do a PHP redirect to Facebook (which will be invisible to the user). If there is no cookie, present the HTML link to the user like you are doing now.
Comparing it to my code, the only difference I see is that I check to see if $fbuser is valid - if it isn't send me to the login screen. I'm also using top.location.href.
// Login or logout url will be needed depending on current user state.
if ($fbuser) {
$logoutUrl = $facebook->getLogoutUrl();
}
else {
$loginUrl = $facebook->getLoginUrl(array('scope' => 'publish_actions', 'canvas' => 1, 'fbconnect' => 0, 'redirect_uri'=>config_item('facebook_url').$pf));
echo "<html><body><script> top.location.href='" . $loginUrl . "'</script></body></html>";
exit(0);
}
Hope that helps.
We redirect users to below URL on mobile phones for application authorisation:
https://m.facebook.com/dialog/oauth?client_id=XXXXXX&redirect_uri=http://www.server.com/callback.php&scope=offline_access,user_likes,publish_stream,publish_checkins,user_checkins&display=wap
If the user is logged in to Facebook on his/her phone, no problem, Facebook automatically redirects to oauth dialog page.
If user is not logged in, Facebook asks them to login first.
On wap site(A Nokia phone), it redirects to oauth dialog without any problem after login.
But on touch site(An iPhone), it add hastags to URL, redirects user to his/her Facebook homepage.
Even display=wap parameter on URL doesn't help on this issue.
Any ideas on how to solve this problem?
Thank you
Actually, here's a cleaner solution. (I hadn't seen the API for getLoginUrl at the time of my previous post. http://developers.facebook.com/docs/reference/php/facebook-getLoginUrl)
require_once("facebook.php");
$config = array(
"appId" => APP_ID,
"secret" => APP_SECRET
);
$facebook = new Facebook($config);
$params = array(
"scope" => "offline_access,user_likes,publish_stream,publish_checkins,user_checkins",
"redirect_uri" => "http://www.server.com/callback.php",
"display" => "touch"
);
$url = $facebook->getLoginUrl($params);
header("Location: $url");
I experienced the same problem and had troubles isolating it since it worked in Chrome on the desktop but not while using the iPhone's Safari browser.
I did a urlencode around the redirect_url parameter and set display to touch. So to use your link above as an example, I'd try this:
https://m.facebook.com/dialog/oauth?client_id=XXXXXX&redirect_uri=http%3A%2F%2Fwww.server.com%2Fcallback.php&scope=offline_access,user_likes,publish_stream,publish_checkins,user_checkins&display=touch
I sincerely hope that works for you. It seemed to have brought me luck.
I was developing facebook canvas application, and I found this simple code fails. I don't know what went wrong, because I took it straight from tutorial:
<?php
require 'facebook.php';
/*
Facebook::$CURL_OPTS[CURLOPT_SSL_VERIFYPEER] = false;
Facebook::$CURL_OPTS[CURLOPT_SSL_VERIFYHOST] = 2;
*/
$facebook = new Facebook(array(
'appId' => 'xxx',
'secret' => 'xxx',
'cookie' => true,
));
//Request params
if(!($facebook->getSession()))
{
header("Location:" . $facebook->getLoginUrl(array('req_perms' => 'publish_stream')));
exit;
}
?>
the problem is at header("Location:" . $facebook->getLoginUrl(array('req_perms' => 'publish_stream')));. When I remove it (including removing the exit), the application can run well. However, when I have it, the application doesn;t show anything. Just blank page. And there is "load resource error from channel.facebook.com" on chrome's developer tools.
Can anybody help me spot what when wrong? I don't understand what went wrong In this code. I have made sure that appId and secret are correct.
This might help you:
load resource error from channel.facebook.com is irrelevant to your problem, I've seen that error plenty of times on the facebook page, it is their problem.
Most likely you are getting a blank screen because there is a PHP error, and you have error_reporting set to 0. Try error_reporting(E_ALL) to see if this is the problem.
Where is this code located, is the header you are sending ahead of other text output? Try placing the code on top of the page.
These are just some basic stuff you can check, hope it helps. Good luck.
I had the same problem (blank page) when trying to redirect (in PHP from the server side) to the login URL generated with the function getLoginUrl of the Facebook PHP SDK.
The problem seems to be related to the fact that the redirection is in the iFrame.
The redirection needs to be for the parent frame and not the canvas frame.
In PHP there is no way to tell the browser to redirect the parent frame soo you have to do it in Javascript:
$loginUrl = $facebook->getLoginUrl(array('req_perms' => 'publish_stream'));
echo '<script type="text/javascript">top.window.location="'.$loginUrl.'";</script>';