I would like to know if I can store more data than a Facebook user id. In the old API it says no.
From ttp://developers.facebook.com/docs/ref … ndardinfo/:
The only storable values returned from this call are the user IDs.
But, could I store data if I do not relate it to the user? For instance: If the user is a woman, and rates something in my page, could I count a +1 women vote in my page without relating to the user?
That information is really old. Long ago Facebook changed the rules so you could "cache" any information 24 hours. Last year they then changed it so you could store it indefinitely. However, there are still rules on what that information can be used for. Look at the question "How long can I store data?" http://www.facebook.com/help/new/?page=1100
Now it's pretty much all based around permissions. Basic authorization gets you basic information about the user, based on their privacy settings. The user may not allow you to tell their gender. If you want more information, you need to prompt the user to grant you access to that additional information. Facebook has even setup a real time API for subscribing to user information changes. For example, you can get "alerted" if a user changes their gender (bad example).
Related
My goal is to make a website, in which user could customize a photo and then provide his friends indicators like name or id. My next task is to fetch that info from database and send messages on specific date to provided users. Ex birthday wishes, greetings, and so on.
I studied facebook send api for a few days now and couldn't find solution for myself. If I want to send message, I need to have Page-scoped id of user, which is acquired when the person text you first, which is not desired, because person wouldn't know what it is.
Also I was looking into Customer matching API, also seems to require the same PSID. The next thing I checked was Send Dialog API, which seems to send messages instantly, but not on the specific date. Also I checked unofficial facebook-chat-api, which asks for user ID, whereas I can find my id, I couldn't find ids of my friends.
So I just want to know is it even possible, if yes, I'd really appreciate your help.
User to User communication is not possible (and not allowed) in an automatic way, there is no API for it except for the Send Dialog. The Messenger platform is for page to user communication only.
Do not use inofficial tools, they are not allowed and might get you banned.
I have a doubt about real-time Instagram subscription in the API. Can i subscribe to whatever user i want? or there is some restrictions about the users that i want to subscribe?
I arises this doubt because in the Instagram of real time subscriptions page says: Note that this subscription is for all of the client's authenticated users, not just a specific user.
Its means that i can only subscribe the users that have authorithed my app in Instagram??
I have to make an app that consumes the instagram subscriptions and when there is a new photo it automatly saves it in the DB.
Thanks
A few things, first if you use the "user" type, then you are correct it will ping your endpoint any time any user who has authorized your app posts, there is no IG side filter (yet), but you can easily filter on your end once you get the notification. Oddly, I did notice it now sends the media_id of the post (although the docs say it doesn't!?). If users do not authorize your app, then the only way to get notifications is via the other endpoints such as by tag.
I have found some issues though when dealing with "private" users, and some strange filter behavior to watch out for.
A final point, you said you want to save to your db - that could be in violation of their use policy, so be sure to clearly understand what IG's rules are and that you don't break them.
Hope this helps,
P
I've been exploring ways that it might be possible to promote the business of a friend of mine. One of these ways is by encouraging users to check in to his business, the incentive for this being that they go into the draw to win some kind of prize.
I've been trying to find if the code for this already exists but I might be looking in the wrong places. If it doesn't what would be the best way to do it using the graph APIs.
Thanks.
You can use Facebook app to check-in to your page/business.
All page check-ins can be fetched using following request by your code
https://graph.facebook.com/PAGE_ID/checkins?access_token=PAGE_ACCESS_TOKEN
If you want to get only specific time period check-ins use since and until params in query.
You have to parse the json response and store in an array and randomly select the winner.
you can contact the winner using their facebook id and send them a message.
You will have to write the code yourself, but it would essentially work like this:
Get the user to allow access to the "Raffle" application and get their email address and permissions to look at their check-ins. Email is required to contact the winner.
Use a scheduled script (cronjob) to periodically check if the user has checked-in anywhere (in particular, the business you want to promote).
Award a raffle ticket for each unique check-in within a 24 hour period.
Hold a draw between all the users who checked in on that day or week and award the prize to someone randomly.
Pretty simple flow, but complex code.
Currently on my website, users login with their login id and password, they are also required to enter their email when they register. Both login_id and email column on the users table have unique index. users table also stores other data associated with the user such as gender,last_name,first_name but these are optional (nullable) fields.
There are two changes I would like to make to the website.
The first one is, users can use their email (in addition to login_id) to login. For new users, when they register, they no longer need to provide a login_id because they will be using their email to login.
The second change is, they can login with facebook. For new users, if they login with facebook for the first time, their facebook uid will be obtained and stored in my database. This means I will have to add a facebook_uid column on the users table.
For existing users, when they login with facebook for the first time, I should first obtain their email address from their facebook profile and then check if there already exists a record using that email in the users table, if yes, their facebook uid will also be stored on the facebook_uid column on that record.
According to facebook, its platform supports two different OAuth 2.0 flows for user login: server-side flow and client-side flow. Which one or both is required for this use case?
Also, what problems can be anticipated when I implement the features like I describe above?
You could take either approach for this, it's entirely up to you. Both methods will give you the data you need, it's a question of how comfortable you are working on the back vs front end. You just need to ask for permission to access to the user's email address.
Problems that could happen: I'm not sure but there may be legal restrictions on storing the user's Facebook ID. Also, what if someone (not me, an evil person!) registers with my email address and you don't validate that they really have access to that address - then when I log in via Facebook, the app will assume we're the same person and the evil hacker now has access to my account. Unlikely scenario but could happen...
If I have a Facebook app, and my users agree to allow my app to access their information, photos, friends, etc, is it ethical to grab their information when they log in, and then saving it in memory so that the next time he goes to my app, it can load faster?
If so, what about when the user logged off? Is the right thing to do to is to delete all the cached information and photos that the user provided?
Has Facebook got any way to detect that we're doing this (saving their information, etc)?
EIDT: Just to be clear, Facebook's term and agreement is not very clear on this matter (agreeing to access information is not always equal to agreeing to have the information stored). As in where I'll be storing the data, it will be just in the user's disk, not my own server. So I can't guarantee that the data is being encrypted securely (If someone steal the phone, that someone will probably be able to get the data)
And yes, my intention is to give my users a better app experience, not anything else.
EDIT2: I'm torn, one answer with very high votes says it's ok because I'm providing a better user experience, but others says I'm breaching privacy. Can anyone provide links to the documentations? Or can more people vote? I'm really glad for the responses!
You're not being malicious. Providing the user a faster experience is beneficial to both the user and to you.
With that said, if the data is not stored on your server in a secure manner and you're being reckless or negligent with the security of that data, then that may raise some ethical questions.
I'd say that it would probably be best to have it off by default, but possibly prompt users to opt-in for faster load times. I think a lot of people would have a problem with you storing their personal data on your server for an arbitrary amount of time past when they sign out of the app.
My answer is similiar to #Keysmack.
I believe you should set default to "off" for caching user's personal fb data.
Opt-in for faster load,performance, more features, etc are all good reasons.
The reason you should offer off by default is that it is actually illegal to store user info without getting their permission in countries such as Australia.
so make sure you consider the legal requirements of the countries your users come from as well as the FB T&C.
Update: Apparently my country passed some new law that makes it a legal requirement to store data for up to 90 days.