web2.0goodies.com » Profile Tabs http://web2.0goodies.com/blog Tips, Tricks, and How To's for Web 2.0 Tue, 03 Jan 2012 05:34:32 +0000 en hourly 1 http://wordpress.org/?v=3.3 Facebook Profile Tab Application (FBML) http://web2.0goodies.com/blog/facebook/facebook-profile-tab-application-fbml/ http://web2.0goodies.com/blog/facebook/facebook-profile-tab-application-fbml/#comments Sun, 18 Jul 2010 03:17:57 +0000 admin http://web2.0goodies.com/blog/?p=102 To Start with, setup your application with these instructions: (Insert link here).

Receiving Facebook Posts

You FBML application will receive information from Facebook in the form of a signed post. To determine if a post from facebook is authentic, there is an algorithm described here.

I have written a class I use that looks like this: 

require_once('config.php');

class Joey_Facebook{
	public static function getFacebookParams(){
		if(!isset($_POST['fb_sig'])) throw new Joey_Facebook_Exception("No Facebook Signatore Parameter");

	    $parameters = $_POST;    

	    if(self::authenticatePayloadFromFacebook($parameters, FACEBOOK_APPLICATION_SECRET)){
	    	return $parameters;
	    }
	    else{
	    	throw new Joey_Facebook_Exception("Parameters Do Not Authenticate!");
	    }
	}

	private static function authenticatePayloadFromFacebook($parameters, $application_secret){
		ksort($parameters);
	    $payload = '';

		foreach ($parameters as $key => $value) {
	        if ($key != 'fb_sig') {
	            $payload .= substr($key, 7) . '=' . $value;
	        }
	    }

	    if (md5($payload . $application_secret) == $parameters['fb_sig']) {
	    	return true;
	    }
	    else{
	    	return false;
	    }
	}
}

class Joey_Facebook_Exception extends Exception{
	public $msg;
	public function __construct($msg){
		$this->msg = $msg;
	}
}

Once you have authenticated the request, you can now use the data in it. The important data (to me) is…

When a user has granted your appliation basic permissions, the $_POST['fb_sig_user'] is the facebook users id. Your application can use this to store and retrieve database records, display customized content, etc…

If your application is viewed via a profile tab, the profile owner’s fbid is in $_POST['fb_sig_profile_id'].

With these two basic pieces of information you can essentialy embed basic web applications into Facebook. You can gather much more information from the post, and also use Facebook’s API (btw… It does need to be de-mistified…) to gather more information about the user and add more social features to your application.

Getting a user to “Add Application”

To redirect the user to the basic add application page, view the details on this page.

]]> http://web2.0goodies.com/blog/facebook/facebook-profile-tab-application-fbml/feed/ 0