Facebook PHP Permissions

Following on from the template PHP facebook application I described, I want to cover facebook permissions. Specifically, how can you get the authority to write on a user’s wall, or send them email?

The internet, as I am sure you have found out, is awash with a variety of walkthroughs and guides documenting the process. Most of them don’t seem to work though. This isn’t because they are bad. Its because Facebook seem to move the goalposts themselves. The code probably did work when it was posted, but that is no longer the case.

I have no idea of the shelflife of this article, but I do know that on May 1st 2011 it was working fine!

Up until now, we have been using the following line to authorise our applications:

$url = $facebook->getLoginUrl(array('canvas' => 1, 'fbconnect' => 0));

If you use that, you get a screen like the one below when you try and run the application:

PHP Security - Part 1.1

However, if your application is authorised like that, and you try to post to a user’s stream, it doesn’t give you an error. Nor does it ask for permission. Instead, it goes into an endless loop.

A search on setting permissions reveals lots of conflicting data, however, the following permission list is useful.

From that list, we can see that the publish_stream permission is what we are after. But how do we apply that to our getLoginUrl line? I tried simply adding “publish_stream=1″, however, that didn’t work. I eventually found some code which showed the correct technique:

    $url = $facebook->getLoginUrl(array(
    'canvas' => 1, 
    'fbconnect' => 0,
    'req_perms' => 'email,publish_stream,status_update,user_birthday,user_location,user_work_history'));

NB: if you are using PHP SDK Version 3 you will need to use the following instead:

$url = $facebook->getLoginUrl(array(
'scope' => 'email,publish_stream,status_update,user_birthday,user_location,user_work_history'
 ));

The array can also contain other values too:

     $url = $facebook->getLoginUrl(array(
'scope' => 'publish_stream,status_update',
'redirect_uri' => $canvasUrl.'main.php' 
));

If you do that, you get the following permissions screen:

PHP Security - Part 1.2

So, first you need to decide what permissions you want, then add them to the ‘req_perms’ string.

Ta da!

You can skip to the end and leave a response. Pinging is currently not allowed.

3 Responses to “Facebook PHP Permissions”

  1. [...] have already seen how to grant permissions to write to the wall, but how do you actually do it using PHP? Its fairly simple using the Javascript SDK, but to [...]

  2. Abanoub says:

    Hi
    This was REALLY helpful, i’ve been searching for somthing like this in more than 3 days.
    Could you please share the full index.php code for beginners like me to see whats going on behind the scenes?
    thanks again

Leave a Reply

Opposite of up:

Powered by WordPress | Cheap at&t cell phones for sale | Thanks to Sprint online specials, Video Game Music and Car Insurance