When it comes to integrating your site with facebook, is it recommended to save all the user's info from Facebook to your DB, or is it recommended to query in real time all the info you need based on the user's id?
For example the avatar sizes are different on my site than on my facebook, so I may have no choice but to download the fb avatar, but for other things like name, gender, hometown, I was wondering if I need to save that data.
Also, if I decide to change extended permissions at a later time, is that going to be an easy task?
The choice of whether to cache or re-query is totally dependent on your requirements. If you absolutely need the name to be exact then you should re-query every time. I worked on an facebook application that just didn't care about most user details so we didn't even store them let alone cache them.
Extending permissions is pretty easy.
Related
I know there have been numerous questions regarding Facebook's policies in which we can store information into our application's database. I have looked at Storing Facebook API data and also have looked at https://developers.facebook.com/policy/ but I just want to ensure that I am not violating Facebook's terms of use. I want to store a user's objectID in order to get certain information about them for use on another screen on my application (namely their profile picture) into my database. I was wondering, is that considered okay? I have looked around and haven't seen anything explicitly speaking about storing a user's objectID so I just wanted to confirm this would be okay. If this is not okay, would any one have any suggestions on how I can get a specific user's profile picture? Thanks!
I believe for Facebook's API things like a user's object ID is actually just an ID for that user for specifically your application. Meaning, you have a unique ID for a user that is completely different than the ID that Facebook uses internally or that another application has for the same user. So unless I terribly misunderstand, you can and should store that.
I am trying to build an google chrome extension for Facebook.
I should be able to access the facebook api without actually asking the user to authenticate explicitly for my extension.
Is there a way to do that?
The answer is yes and no.
Yes: You can "read" as much as a they have loaded in their page through a Content Script that reads the window document. A good example could be the following.
In the manifest.json
"content_scripts" : [{
"matches" : ["http://www.facebook.com/*"],
"js" : ["js/vendor/jquery.min.js", "js/content.js"],
"run_at" : "document_end"
}]
In the js/content.js
var document = jQuery(window.document);
var posts = document.find("div[role='article']");
and then you can read as much as you wish of the user, or well, as much as the page loads. You could have some sort of timeout mechanism that checks whether there's new content in the page, or new elements were added to the dom, but at the end the user has to scroll down to load information, or you can hack this through Javascript.
No (and why you shouldn't): I'm not a legal guy, but I had been developing long enough to know that whenever a platform gives you an API, you are supposed to use it. Why? Because they can control what information you are reading, and they can protect their user information that way.
This is actually a delicate line, because sometimes you can enhance a website experience without necessary using a website API (and sometimes they don't even have one). This is then even appreciated if you are actually improving the user experience. In this case thought, I wouldn't do it though, because:
It's Facebook, I'm pretty sure they have in some Terms of Service a line where they describe what I just wrote about reading user's information through external scripts.
External applications that crawl your data have had bad reputation since day one (automatic posts, scamming, scrapping information, etc)
Facebook API is now based in Oauth2, which in its foundation was made to protect the users; through a token denial, a user can stop at any time an application from reading his/her data, while your application has no mechanism for that (uninstall may be it, but you may have stored already his/her data)
It's not that hard asking for permission and you would be saving yourself a lot of trouble.
How to do it the right way? Request an application ID, and load the facebook SDK in a Background Page. Prompt the user permissions (yes, the right way includes asking the user for permission on what you can read so he/she can deny you access to them if you misbehave) and then query the Facebook API with that.
Think about it. You can create an extension that reads the content of a user page whenever he logs into his/her bank. Or his email. Actually, anything that a user sees inside a browser window can be retrieved by an extension. This is extremely dangerous to the user if there's no control over which information is being taken from him!
Ask for permission first. Don't be THAT guy ;)
First i will tell what i want to achieve in my data mining project and then i will ask questions.
I am thinking of using the facebook to find particular user from particular location and from particular community. Then based upon their daily wall posting and likes , dislikes i want to generate a report on what user of particular community are doing or interested in.
Is that legal , i mean can i use my crawler to grab those users public data.
Read the Facebook Terms of Service.
That is what they are for, they tell you what you are allowed to do on their site and what not.
Most likely you are not allowed to access the web site with spiders, and the Facebook API will restrict your data gathering capabilities with rate control etc. except for users that are running your application (or you pay for the data...)
i want to get facebook userid which i can pass on to my website to keep track of user when i click a link on my app. The purpose is to provide 10% discount to all new user who go from facebook to our website but only for one time
Get the GraphAPI, which should get you the ID. Also, depending on your programming environment, there may be more convenient modules for the purpose - check out.
Kudos, for your good intentions of offering a discount! All the Best in Business.
I created a Facebook app(game) in JavaScript. I used Facebook's php-sdk. I dint make a good use of the sdk except to display the name of the user logged, and his details.
I want to store the score of each user at some place. Checked FQL. As far as I saw, it doesnt allow you to store data, there was only SELECT query available. So is there any way in which we can append the score to user information or something similar.
In short can we store the data on Facebook
OR
We should use our own database server only to store the data.
In general you need to store your own data. While it might be possible to fake it by using some attribute of a user, it's certainly not the way it's designed to work and you can't count on the data always being available. You are better off setting up your own database and use the users' FB IDs to tie the info together.
Facebook now supports posting scores via scores api found here.
You can also publish achievements relevant to the game as in here
These have enough guidance to help you out !