Making an FB app in PHP without the SDK

[Leozack]

Hi all - this might sound silly but I figured when trying to make an FB app I'd avoid the SDK so I'm not reliant on it .... yeah so anyway.
I've finally got the basics of login and accessing the logged in person's name & picture done - but it's taking so long to do this and I'm sure (even without the SDK) there's a far superior way people have worked out?

Currently my index.php looks like this

// CHECK SESSIONS ENABLED

session_start();
$_SESSION['test'] = "testing";

if($_SESSION['test'] != "testing") {
	exit;
}

// CHECK FB/APP LOGIN
header('Location: '."[URL unfurl="true"]https://www.facebook.com/dialog/oauth?client_id=<appid>&redirect_uri=http://www.website.com/page2.php");[/URL]
die();

and page2.php looks like this

// CHECK SESSIONS ENABLED

session_start();
$_SESSION['test'] = "testing";

if($_SESSION['test'] != "testing") {
	exit;
}

// CHECK FOR DIRECT PAGE LINK

if (!$_GET) {
	header('Location: '."[URL unfurl="true"]https://www.facebook.com/dialog/oauth?client_id=<appid>&redirect_uri=http://www.website.com/page2.php");[/URL]
	die();
}

// CHECK FOR DENIED LOGON

if (($_GET['error']=="access_denied") and ($_GET['error_code']=="200") and ($_GET['error_description']=="Permissions error") and ($_GET['error_reason']=="user_denied")) {
	// "Facebook login is required to use this app";
	exit;
}

// GET TOKEN FROM CODE

if ($_GET['code']) {
	$response = file_get_contents("[URL unfurl="true"]https://graph.facebook.com/oauth/access_token?client_id=<appid>&redirect_uri=http://www.website.com/page2.php&client_secret=<secret>&code=".$_GET[/URL]['code']);
	parse_str($response, $response);	// Turn $response string of URL style key/value pairs into array called $response

	// TEST TOKEN IS VALID
	if ($response) {
		$acctok = $response['access_token'];
		$inspect = file_get_contents("[URL unfurl="true"]https://graph.facebook.com/debug_token?input_token=".$acctok."&access_token=<appid>|<secret>");[/URL]
		$inspect = json_decode($inspect, true);

		// CHECK TOKEN CONTENTS ARE VALID
		if (($inspect['data']['app_id'] == "<appid>") and ($inspect['data']['is_valid'] == "1") and ($inspect['data']['expires_at'] > time())) {
			$uid = $inspect['data']['user_id'];
			$uname = file_get_contents('[URL unfurl="true"]https://graph.facebook.com/'.$uid.'?fields=name&access_token='.$acctok);[/URL]
			$uname = json_decode($uname, true);
			$uname = $uname['name'];
			//header('Location '."[URL unfurl="true"]https://graph.facebook.com/".$uid."/picture?type=normal");[/URL]
			echo "Welcome ".$uname."<br /><img src='[URL unfurl="true"]https://graph.facebook.com/".$uid."/picture?type=normal'[/URL] />";
		} else {
			// "Session invalid or timed out - please try logging in again";
			exit;
		}
	}
}
exit;

_________________________________
Leozack

MakeUniverse($infinity,1,42);

 

[ChrisHirst]

Far be it from me to state the obvious, but the Facebook API/SDK is there to remove the need for developers to 'reinvent the wheel' and/or having to 'guess' how things work on the Facebook side of things.
Far from making you 'reliant' it will 'future-proof' your application.

Chris.

Indifference will be the downfall of mankind, but who cares?
Time flies like an arrow, however, fruit flies like a banana.
Webmaster Forum

 

[Leozack]

Perhaps, perhaps not. They clearly off the "manual method" but then I just find myself wondering how their basic functionality is accessible. Sure I could use an SDK or something but I wouldn't udnerstand it as much, and anytime they change it I'd have to change too. I've got this far without it and it'd just be nice to not need it.
Also one of the key things I'll need is a "multi user selector" to add friends to a group list. I found there are lots of 'versions' or such a tool - you'd think it was a simple common conctrol, the sort you'd drag n drop in a .net environment. Apaprently you can do stuff with their JSDK or XFBML or whatever. I guess technically again I could do it with php but I'd still need JS to handle the interaction. Meh :| ?But if I inch closer to the JSDK then you'd say just use that and stuff the PHPSDK lol though they are not exactly covering the same ground

_________________________________
Leozack

MakeUniverse($infinity,1,42);

 

[Leozack]

Hmmm noone? I thought at least the multi user selector would be something someone has bashed out 100 times before

_________________________________
Leozack

MakeUniverse($infinity,1,42);

 

[jpadie]

I imagine any of the normal jQuery classes for picklists will be just fine.

But it wouldn't be too difficult to roll your own.

Definitely advisable to use an SDK on both client and server side. These sdks abstract the low level calls for you. It is frequently the low level api that changes whilst the abstraction layer stays static or is enhanced with more functionality. There would be no point in an SDK otherwise.

 

[Leozack]

I guess - I prefer to do things myself for a better understanding of the flow and finer control of what happens - but we'll see! I guess I haven't got into the actual client side yet but using the JSDK may make sense if it means I can code dump for the important stuff like the friend picker without spitting out my own lists with event controls

_________________________________
Leozack

MakeUniverse($infinity,1,42);

 

[Leozack]

Hmmm also I've avoided JQ this far in life as I'm used to just JS, so any JQ will be a whole new learning experience

_________________________________
Leozack

MakeUniverse($infinity,1,42);

 

[jpadie]

worth learning otherwise you will need to code your picker to work with every browser and every browser iteration. use jQuery and you just need to build the functionality and let the framework sort out compatibility.

if you are proficient with javascript, learning the jQuery selector and DOM navigation syntax will take only an hour. it is well documented.