As you all know recent changes in privacy issues made Facebook to change their basic API and added some security concerns. From my best practise, most of the old applications are safe, but you will be in trouble when you create new application. By default you cannot access user’s photos, profile pictures , albums etc. If you continue with old REST API, you may face this problem. You will get an empty array or json string when you call photos.getAlbums function.

If you test these functions from Facebook Console Tool:

http://developers.facebook.com/docs/reference/rest/photos.getAlbums

It returns real value when you select old applications and returns empty string [] if you select your newly created Facebook app.

To get all those support, you need to use new Graph API

But if you follow the same steps mentioned in that official document, you will still get this empty string problem. Because, in the basic authentication call, there is no permission type is mentioned. You can only see a basic message with Allow or Deny button.

According to that document, as the part of authentication, you need to call this url with your client id and redirect url and it returns an access_token after a #

https://graph.facebook.com/oauth/authorize?
    client_id=...&
    redirect_uri=http://www.example.com/oauth_redirect

You need to use this access_token to request all other functions, eg:

https://graph.facebook.com/me?access_token=...

This call will work for most of the requests except photos or albums. So the mistake in these calls are the permission.

Here is the correction:

https://graph.facebook.com/oauth/authorize?
    client_id=...&
    redirect_uri=http://www.example.com/oauth_redirect&perms=publish_stream,user_photos

Here we pass perms parameter to set different permission and if you use the access_token after this request , you can access user photos and albums. You can see another permission popup with album and photo access.

Here is the list of such extended permissions in Facebook.

This is the problem when you use new Javascript SDK for graph API, or when you try to integrate these API in PHP or PERL or any other Server side scripting language from the scratch.

If you use new Facebook PHP Graph SDK , you cannot get these problems, but there is still another hidden problem if you continue testing code by the example provided by them.

It is my next POST . See you at there

Thanks

Sajith

Tags: album, albums, api, documentation, empty string, error, facebook, featured, functions, graph, graph api, help, missing, permission, photos, php, privacy, problem, rest, rest api, security

Like the old REST API, you don’t need to add 2-3 files for Facebook PHP SDK. The new graph api comes in a single file which is located at http://github.com/facebook/php-sdk/

Copy the facebook.php file in to your webroot and include this file in your php code.

require_once(‘facebook.php’);

To work fully functional, you need CURL and JSON installed in your server. To check this use phpinfo() function.

To make sure, these missing is the main problem, add  exit(‘Curl error’); just above the line   throw new Exception(‘Facebook needs the CURL PHP extension.’); in facebook.php file.

Same for JSON.

The Linux way of installing CURL is :

sudo apt-get install curl libcurl3 libcurl3-dev php5-curl

To install JSON in your linux machine, follow these steps:

1. pecl install json
2. Add json.ini file in /etc/php.d/
3. edit json.ini (in VI) and add this line: xtension=json.so
4. Save the file and restart appache (/etc/init.d/httpd restart)  or apache2 restart depends on your linux OS

See the example.php file in php-sdk from Github, if you call getSession function, you only get a NULL string if you are not logged in proper way. So I recommend to redirect into login page if there is no session available.

Here is the change:

if (! $facebook->getSession()) {

header(‘Location: ‘.$facebook->getLoginUrl());

}

Then try the rest of the part as per example.php , it will work

Good Luck

Sajith

Tags: api, apt-get, blank page, curl, error, facebook, graph, install, install curl, install json, json, pear, pecl, php, sdk, solution

There is a very strange issue with PHP session when you prefer session to save in files other than database (normal session).

The problem is: some times you can access all the saved session values from $_SESSION and sometimes it returns a empty array.

If you refresh 10 times, perhaps 4 times you will get session and 6 times you will get it empty.

The problem is not due to domain level security or session expiry . It is due to session file location. If you run a phpinfo() function in any of your page, you can see there is a part of sessions. There you can see a session variable session_save_path and it will be pointing to /tmp/ or /etc/somefolder or /var some folder inside the linux file architecture.

Since at clouds, different servers server at different time, some server can see the exact saved files in that location and some server cannot. (Since /tmp etc directories are not shared among them)

Solution:  Call the below php function and set session file path inside your web root . You need to call this function before your session_start() call

eg:

session_save_path(‘/mnt/stor1-wc2-dfw1/4675/5044/to/your/website/rootfolder/or/inner/directory‘);

For windows users as well, this is the solution. This problem occurs in ASP application as well.

Thanks

Sajith

Tags: $_session, asp, cloud, empty, error, php, refresh, saving, server, session, session not saving, session_save_path, session_start