how can i get a facebook user's info like name, country, etc without making him login using fb connect, etc if i already know his facebook id?
I mean can i use the php facebook client to get those details without prompting for login if i already know the facebook id?
Thanks in advance :)
You can't get that information with just a facebook id unless the person who the information belongs to made that information public (which almost noone has).
The only solution I see is to ask your users for the extended permission "offline_access".
As far as I know you can only do this from within a facebook application or through the Facebook Connect javascript library (so not with the PHP library for instance).
This means that you will have to ask users to login at facebook through fb:connect atleast once, ask for offline access and store the facebook sessionKey in your local database.
Because you have offline access now, the facebook sessionKey won't expire and you can login serverside without the user being present.
This is how I implemented the php server side after attaining the permanent session:
$this->fb = new Facebook($settings["api_key"], $settings["secret"], false, true);
$this->fb->user = $facebookUserId;
$this->fb->api_client->session_key = $sessionKey;
$this->fb->api_client->set_user($facebookUserId);
The only other way to get a private users information is if you have an application and that user has given it access. Then you can snatch up any data using a FQL query.
$facebook->api_client->fql_query(
"SELECT first_name, last_name, location
FROM user
WHERE uid={$userid},
AND is_app_user;"
);
Related
Is there a way to get the user IDs of all the people who are using your Facebook application?
Doing an extensive research I concluded that there's NO method to do this!
What I have found:
An old REST API called friends.getAppUsers that gets all the IDs of the user's friends that authorized the application.
What I wish I had found:
After reading the App Login section in the authentication document:
In addition to User Login, Facebook
Platform support App Login using
the OAuth 2.0 Client Credential flow.
App Login allows you to take various
administrative actions for your app,
such as retrieving Insights data or
approving Requests.
I thought the application object would have a direct method for this (similar to accounts):
$facebook->api("/APP_ID/users");
But I was wrong. And then with the introduction of the insights feature, I was shocked that you can only get the count of the User IDs!
What you can do:
Storing the User ID in your DB as soon as a user authorize your application and if your application already has users (most likely the case), check if you have a record for each user that interacts with your application in your DB...this way, you'll get the User IDs for your active users in no time.
Just a little more on this - I managed to find a lot of the userIDs I was looking for by doing basic Graph API searches and then checking they were valid with my app.
Search an email address or username here:- https://developers.facebook.com/tools/explorer?method=GET
QUERY: https://graph.facebook.com/search?q=user#email.com&type=user
If you get a match or more than one, you can check it is valid as install on the FQL query button of the same explorer:-
SELECT uid FROM user WHERE uid = *USER_ID_TO_SEARCH* AND is_app_user = 1
If it appears as a uid, you're good - they're valid. This helped me get to what I needed (when I hadn't got some of my app users info on signup).
GET /v2.10/{app-id}/accounts
You will get all the accounts for the application
I'm trying to implement facebook connect to my website, and i have couple questions.
1: Is it possible to register user in my website using his current facebook email/password.
Let's say user clicks on link Register via facebook and then he have to give me permisions to access his password, email, etc... and after that is done i put that info in my own database and he will be able to login with that account any time he wants without needing to give me permisions any time in the future.
2: If that kind of registration is not possible, what's other solution would be the best for me? Because i need to somehow keep track of that user who logged in with facebook, because he can upload photos, send messages etc.
Anyways, i'm quite new with facebook and similar things, so i'm really lost here, hope some one can help me :)
EDIT Thank you all for wonderful answers it helped me a lot, now all that's left is to read documentation :)
Yes it is, it is possible to get the information of the user. But it is rather complicated, when you have never dealt with it.
First you need to send the user to the following link:
https://m.facebook.com/dialog/oauth?client_id=your-client-id&redirect_uri=xxx&scope=listof-information-you-want
Facebook will then return your client to the uri specified, if the user rejected it will give a reason. If it is not you will get an code in urlencoded format.
This code is needed for the following step, the request of the access token:
https://graph.facebook.com/oauth/access_token?redirect_uri=xxx&client_id=xxx&client_secret=xxx&code=xxxx
This will give back an access token, if the authorization didn't fail.
After that you can ask for the information you want:
https://graph.facebook.com/me?method=GET&metadata=true&format=json&access_token=access_token
This will include a facebook uid, which is unique for all users. Store it and you can discern between a register and login.
This is roughly the process for any oauth2 application.
Facebook will not ask repeatedly for permissions after the user granted them to you. So you can store the access token and reuse it for backend stuff and also use the same procedure you use for register for login.
You can never access the user's password from Facebook even with his/her permission, so the user will always have to authenticate via Facebook and have Facebook pass you the user id of the logged in user once authentication succeeds. You can store all kinds of other data locally, but not enough to authenticate the user yourself.
Once the user is authenticated, you'll have access to the user's Facebook user id via the API, which should be enough to connect all kinds of information to that specific user.
Facebook does not provide access to accounts when passwords are taken from your controls. It provides it own canvas for login information. Therefore you cannot use your first approach to store passwords in your databases. Check this out.
You can however store email addresses once user logins into his account using the facebook sdks. Check this out link for the example of C# SDK sample code.
You can use the Facebook APIs to fetch user email-id, photos, friendslist and other information and then play around accordingly.
You don't get access to the users password - only email if you ask for it.
Best way would be to have a table of users and their Facebook account id's.
If you want to allow users to sign up without Facebook then have a nullable field for their password and facebook id, and also have a field for username - which you could populate from Facebook if they register via that route.
I've been trying to figure out a way to have my iframe Facebook app (built in PHP) work without requiring separate authentication methods. I am already logged into Facebook, but for some reason I still see all these Oauth notices from the example in the PHP SDK.
The only data I need is publicly available even without them "adding" my app. I am looking to collect their Facebook ID (since this is a contest, we need a unique ID for tracking), their name and (optionally) their email address as well.
The problem is, I cannot use the API to fetch the public information unless I already know their Facebook username. Any ideas on how I might be able to get their logged-in username or public handle so I can then fetch the rest of the information?
For whatever reason, Oauth is driving me completely insane with Facebook today.
Sidenote:
I did manage to technically get the Javascript SDK operational, which fed some information to PHP for use. The only issue there is that once I login, I don't see the data. If I refresh...then it shows up. Unsure why the refresh is required, as I wouldn't expect a user to actually have to hit refresh in order to proceed with the app.
I guess you are a bit confused here, Facebook will NOT share the username, id, full name or email without the user explicitly authorizing/allowing your application (and in the case of the email, requesting the email permission!).
Read the official Canvas Tutorial for more information:
In order to gain access to all the user information available to your
app by default (like the user's Facebook ID), the user must authorize
your app.
Is it possible to get the ID (Facebook Graph API) of a user who is currently logged in, without any access tokens?
If not, then how do I get new access tokens every time a user visits my page?
You will need to init the Facebook Javascript SDK and the user will have to have authorized your app at least one time. After that when the user visits your page as long as they are logged into Facebook you'll have access to the id and can retrieve it using
FB.getLoginStatus
the response will contain the information you're looking for.
Check this blog post for more details on setting up the FB init and the initial login.
https://developers.facebook.com/blog/post/525/
You can check the facebook ID using their username
http://graph.facebook.com/radrivan
You can use the javascript sdk to get their accesstoken and let them allow your app.
https://developers.facebook.com/docs/facebook-login/login-flow-for-web/v2.2
Is there any way to get the Facebook User Id of visitors in my website by using the FB API, but without need to ask them to authenticate my Facebook app?
All I need is some facebook-related-identifier, it does not even have to be the User Id, but any kind of identifier that can relate the user to a facebook profile.
Ideas?
If the user does not explicitly authorize you to get some private data from his Facebook account (included his Facebook ID), you can not get them.
I cannot think of a way to get the Facebook ID without the authorization of the user.
Hope that helps.