Facebook Oauth 2.0 Login using PHP 3.1.1 and Javascript SDKs?

I was going to write this as a comment but it got a bit long... :).

I was going to write this as a comment but it got a bit long... :) A couple of pointers using the PHP SDK: $facebook->getUser(); This will work regardless of authentication. GetUser() pulls publicly available data that does not require an access token, HOWEVER if you do have an access token and the user has provided email permissions for example, this method will also contain their email address. A better test for an authenticated user: $code = $_REQUEST'code'?

True : false; if (!$code) { echo (""); } will check if a user has authorised your app. $access = $facebook->getAccessToken(); Make sure that you always request the Access Token (priority! ) You will only ever recieve a signed request when you have been redirected from a facebook dialogue to your app.(i.e.) oAUTH dialogue.

This method of the SDK will also save your Access Token to a session variable. You can call the getAccessToken() method on any subsequent app page where a PHP session is active EVEN WHEN no signed request has been issued. Now that you have your valid access token for the logged in user, you can proceed with: $user = $facebook->api('/me'); or, simpler still: $user = $facebook->getUser(); I tend to reserve API calls for more complex requests such as posting to a users feed / friends feed.

So to recap: -> check for $code -> get signed request on first page after oAuth dialogue. -> If browser cookies are disabled (likely in ie) don't forget to pass your session to the next page with the SID constant. If you don't, you will loose your stored access token (not good!

).

Thanks, David. This definitely pointed me in the right direction, as I had assumed the SDK was taking care of this for me. I had no idea I needed to request the 'code' parameter!

The example. Php that comes along with the sdk makes no mention of this concept... – pN Oct 25 at 21:55 No problem, the 'code' parameter isn't actually part of the SDK it is just passed in the URL from facebook. Checking if it exists just clarifies that a user has auth'ed your app.

And I'm totally with you on Facebook not mentioning certain 'concepts'. Despite the volume of info provided they omit a lot of very relevant information. – David Barker Oct 26 at 11:25.

I cant really gove you an answer,but what I can give you is a way to a solution, that is you have to find the anglde that you relate to or peaks your interest. A good paper is one that people get drawn into because it reaches them ln some way.As for me WW11 to me, I think of the holocaust and the effect it had on the survivors, their families and those who stood by and did nothing until it was too late.