Facebook: get permission from the user again to access additional data

Time: 2011-09-07 09:10:08

Tags: php javascript html facebook facebook-authentication

I have a file named fbmain.php that authenticates the user.

<?php
    //set facebook application id, secret key and api key here
    $fbconfig['appid' ] = "MY_APP_ID";      
    $fbconfig['secret'] = "MY_APP_SECRET";


    $uid            =   null; //facebook user id

    try{
        include_once "facebook.php";
    }catch(Exception $o){
        echo '<pre>';
        print_r($o);
        echo '</pre>';
    }
    // Create our Application instance.
    $facebook = new Facebook(array(
      'appId'  => $fbconfig['appid'],
      'secret' => $fbconfig['secret'],
      'cookie' => true,
    ));

    //Facebook Authentication part
    $session = $facebook->getSession();

    //Get permission from user
    $loginUrl = $facebook->getLoginUrl(
            array(
            'canvas'    => 1,
            'fbconnect' => 0,
            'req_perms' => 'email,publish_stream,status_update'
            )
    );
    if (!$session) {
        echo "<script type='text/javascript'>top.location.href = '$loginUrl';</script>";
        exit;
    } 
    if ($session) {
        try {
            $uid      =   $facebook->getUser();
        } catch (FacebookApiException $e) {
            echo "<script type='text/javascript'>top.location.href = '$loginUrl';</script>";
            exit;
        }       
    }   

    //signed_request part
    $signed_request = $_REQUEST['signed_request'];
    $secret = $fbconfig['secret'];
    $data = parse_signed_request($signed_request, $secret);
    $fan_page_id = $data['page']['id'];
    $admin_check = $data['page']['admin'];
    $like_check = $data['page']['liked']; //New

        //Get fan page id
    function parse_signed_request($signed_request, $secret) {

        list($encoded_sig, $payload) = explode('.', $signed_request, 2); 

        // decode the data
        $sig = base64_url_decode($encoded_sig);
        $data = json_decode(base64_url_decode($payload), true);

        if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
            error_log('Unknown algorithm. Expected HMAC-SHA256');
            return null;
        }

        // check sig (hash_equals compares in constant time, so the check leaks no timing information)
        $expected_sig = hash_hmac('sha256', $payload, $secret, true);
        if (!hash_equals($expected_sig, $sig)) {
            error_log('Bad Signed JSON signature!');
            return null;
        }
        return $data;

    }

    function base64_url_decode($input) {
        return base64_decode(strtr($input, '-_', '+/'));
    }       
?>

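I included the fbmain.php file in my index.php file and accessed the user data. Later I wanted to access the user's birthday, so I added the 'user_birthday' permission to the permission request in the fbmain.php file. The file looks like this: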

//Get permission from user    
$loginUrl = $facebook->getLoginUrl(
                array(
                'canvas'    => 1,
                'fbconnect' => 0,
                'req_perms' => 'email,publish_stream,status_update,user_birthday'
                )
        );

The code of the index.php file is shown below:

<?php
    //index.php file
    include_once "fbmain.php";
    $me = $facebook->api('/me');

    $_SESSION['id'] = $me['id'];
    $_SESSION['name'] = $me['name'];
    $_SESSION['link'] = $me['link'];
    $_SESSION['email'] = $me['email'];

        if($me['birthday'] == null){ ?>
        <script>
            top.location = 'http://www.facebook.com/dialog/oauth?client_id=MY_APP_ID&redirect_uri=MY_REDIRECT_URL&scope=user_birthday';
        </script> 
<?php }else{ ?>
    //Some other codes
<?php } ?>

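If $me['birthday'] returns a null value, I redirect the user to the permission window that asks for the user's birthday. I had to add this part because I added user_birthday to the scope of the permission request later. This works for some users and shows the "Request for Permission" window asking for access to the user's birthday.
But for some users it shows a Facebook error message (probably because I try to access the user's birthday before the "Request for Permission" window is shown: $me['birthday'] == null).
Can anyone tell me a correct way to get permission from the user again to access the user's birthday?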

Please note that this problem only applies to users who have already authenticated with my app.

3 answers:

Answer 0: (score: 0)

You know that Facebook changed the permission parameter in the getLoginUrl() function from req_perms to scope. Try scope; it may work.

https://github.com/facebook/php-sdk/issues/381

Answer 1: (score: 0)

I don't understand PHP ... but check FB.ui

https://developers.facebook.com/docs/reference/dialogs/oauth/

Here you have the OAuth dialog to ask the user for permissions.
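The dialog redirect discussed in this thread, as an added example that is not part of the original question or answers: it asks only for the permissions a returning user has not granted, URL-encodes the dialog parameters, and ties the response to the session with the dialog's state parameter. The helper names, the constructed $granted list (how the granted permissions are looked up is left out) and the example.com redirect URI are assumptions.

```php
<?php
// Added example; helper names and sample values are hypothetical. Needs PHP 7+ (random_bytes).

// Permissions the app needs that the user has not granted yet.
function missing_permissions(array $required, array $granted) {
    return array_values(array_diff($required, $granted));
}

// OAuth dialog URL asking only for $scope; http_build_query() URL-encodes
// every value, including redirect_uri.
function build_reauth_url($appId, $redirectUri, array $scope, $state) {
    return 'https://www.facebook.com/dialog/oauth?' . http_build_query(array(
        'client_id'    => $appId,
        'redirect_uri' => $redirectUri,
        'scope'        => implode(',', $scope),
        'state'        => $state, // echoed back by the dialog, checked on return
    ));
}

// Constant-time check of the state value that comes back on redirect_uri.
function state_is_valid($expected, $received) {
    return is_string($expected) && is_string($received)
        && hash_equals($expected, $received);
}

if (session_status() === PHP_SESSION_NONE) {
    session_start();
}
$required = array('email', 'publish_stream', 'status_update', 'user_birthday');
// Constructed sample: a user who authorised the app before user_birthday was added.
$granted  = array('email', 'publish_stream', 'status_update');

if (isset($_GET['state'])) {
    // Returning from the dialog: reject responses that do not carry our state.
    $expected = isset($_SESSION['fb_state']) ? $_SESSION['fb_state'] : null;
    if (!state_is_valid($expected, $_GET['state'])) {
        http_response_code(400);
        exit('Invalid state');
    }
    unset($_SESSION['fb_state']);
} elseif ($missing = missing_permissions($required, $granted)) {
    $_SESSION['fb_state'] = bin2hex(random_bytes(16));
    $url = build_reauth_url('MY_APP_ID', 'https://example.com/canvas/', $missing, $_SESSION['fb_state']);
    // json_encode() emits a quoted JavaScript string, so the URL cannot break out of it.
    echo '<script>top.location.href = '
        . json_encode($url, JSON_HEX_TAG | JSON_HEX_AMP) . ';</script>';
    exit;
}
```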

Answer 2: (score: 0)

You can use the scope parameter to request permissions. This is the code you need to replace:

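$user = $facebook->getUser(); // 0 when no user is logged in

if ($user) {
    $logoutUrl = $facebook->getLogoutUrl();
} else {
    // Ask for every permission the app needs, including user_birthday
    $loginUrl = $facebook->getLoginUrl(
        array(
            'scope' => 'email,publish_stream,user_birthday',
        )
    );
}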

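If you use this code, a visitor who comes for the first time is asked for the full set of permissions, and when a user who has already authorized the other permissions comes to this page, it asks only for the birthday permission. You don't need to use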

if($me['birthday'] == null){ ?>
    <script>
        top.location = 'http://www.facebook.com/dialog/oauth?client_id=MY_APP_ID&redirect_uri=MY_REDIRECT_URL&scope=user_birthday';
    </script> 
<?php }else{ ?>
//Some other codes