Hi, This has been driving me a little crazy for the past couple of days. Whoever is able to help me the most (what I feel like is the most), I'll shoot them $10 via PayPal. So. I decided to allow users to use the 'connect with facebook' option with a site of mine. Code is custom.. no pre-existing framework is used. It's build with PHP/MySQL. Really, i'm wanting to stay away from using the Javascript SDK, and wanting to solely use the PHP one. So, a couple of questions I have. 1. What exactly are access tokens? At the moment, the app is set to request offline_access, so.. haven't had much dealings with access codes all that much. From what I can tell, you need it to request specific information from the user (once they have approved the app).. but I have been able to access everything so far without even having touched access tokens. How does having an access_token change anything? When the user is active on the site, you can request everything without an access token. And if it is only for when they are offline, what's the point in the offline_access param? 2.Once a user is logged into my site via Facebook, it seems that they have to reclick the 'connect with facebook' (don't need to add access to the app again), if they have been inactive for a couple of hours. I'm not sure why this happens exactly, or how to prevent it? I have looked into looking at what cookies facebook provides and seeing if I can maybe keep the user logged in by creating a new facebook session myself. Whilst logged in, The following sessions are created [fb_13*******_code] [fb_13*******_access_token] [fb_13*******_user_id] However, when destroying the sessions set by facebook.. the [fb_13*******_state] is set instead of the above three. Can this be used to keep the user connected with facebook? 3. Whenever a user has 'connected' with facebook, facebook returns a 'code' variable in the URL. I'm not sure what this is for also, but it is the only PHP session variable that changes, whilst access_token, and user_id remain the same (obviously user id will stay the same, and i'm sure access token would change if offline_access wasn't enabled). What is 'code' used for? 4. When setting a new facebook class, you have the option (i believe) to set the 'cookie' => true. However, no cookies are actually set? Any help, would be much much appreciated Cheers
Have you read this page? http://developers.facebook.com/docs/authentication/ It explains what are "access_token" and "code" and where/how to use them.
Hi, To keep user connected you need to store user_id and access_token in COOKIES and use them to request any information on the Facebook script API and store those two variables in your database along with regular data you need to store like preferences and language and you'll get them with GET method when user authenticate and you can use them to fetch data even if the user is not connected in your case, hope you understood and you would give me $10 awards if there is something unclear feel free to say it . Thanks .
I develop rylcolikes.com is a system that allow to earn money clicking on facebook like buttons, i had a similar problem in rylcolikes and the solution is not elegant... You need to replace the setCookieFromSession() function in the facebook.php (From the facebook SDK) file... This function are located between the lines 668 and 705. You should replace the function by this: protected function setCookieFromSession($session=null) { $cookieName = $this->getSessionCookieName(); $expires = time() - 3600; $domain = $this->getBaseDomain(); if ($session) { $value = '"' . http_build_query($session, null, '&') . '"'; if (isset($session['base_domain'])) $domain = $session['base_domain']; $expires = $session['expires']; setcookie($cookieName, $value, $expires, '/', $domain); } } I told you is not an elegant solution but it works for me Buena suerte!