6

I am working on a member ordering system and I would like to let the user without register, they can directly login with Facebook.

The problem is, what is the data flow in this approach? For example, do Facebook return the user account / ID/ email or any other information so that I can insert them in my system, or it is just a session that indicate he/she is logged in?

Also, I would like to collect their phone number(for order confirmation). If the visitor did not specific it in their Facebook account, how to handle the case?

Below is the code after my research but it seems only member ID can be returned?

<?php

    define('YOUR_APP_ID', 'YOUR APP ID');

    //uses the PHP SDK.  Download from https://github.com/facebook/php-sdk
    require 'facebook.php';

    $facebook = new Facebook(array(
      'appId'  => YOUR_APP_ID,
      'secret' => 'YOUR APP SECRET',
    ));

    $userId = $facebook->getUser();

    ?>

    <html>
      <body>
        <div id="fb-root"></div>
        <?php if ($userId) { 
          $userInfo = $facebook->api('/' . $userId); ?>
          Welcome <?= $userInfo['name'] ?>
        <?php } else { ?>
        <fb:login-button></fb:login-button>
        <?php } ?>


            <div id="fb-root"></div>
            <script>
              window.fbAsyncInit = function() {
                FB.init({
                  appId      : 'YOUR_APP_ID', // App ID
                  channelUrl : '//WWW.YOUR_DOMAIN.COM/channel.html', // Channel File
                  status     : true, // check login status
                  cookie     : true, // enable cookies to allow the server to access the session
                  xfbml      : true  // parse XFBML
                });
            FB.Event.subscribe('auth.login', function(response) {
              window.location.reload();
            });
              };
              // Load the SDK Asynchronously
              (function(d){
                 var js, id = 'facebook-jssdk', ref = d.getElementsByTagName('script')[0];
                 if (d.getElementById(id)) {return;}
                 js = d.createElement('script'); js.id = id; js.async = true;
                 js.src = "//connect.facebook.net/en_US/all.js";
                 ref.parentNode.insertBefore(js, ref);
               }(document));
            </script>

      </body>
    </html>
Peter O.
  • 32,158
  • 14
  • 82
  • 96
user782104
  • 13,233
  • 55
  • 172
  • 312
  • 1
    Successfully going through the login flow gets you an access token, and with that you can request user data from the API - basic information, or more if you asked for the according permissions. You will not get a telephone number though, that is not available via API. – CBroe Oct 15 '13 at 09:03

6 Answers6

4

Well has you have noticed on your line where you have this:

<?php if ($userId) { 
      $userInfo = $facebook->api('/' . $userId); ?>
      Welcome <?= $userInfo['name'] ?>
    <?php } else { ?>
    <fb:login-button></fb:login-button>
    <?php } ?>

Instead of using the $userId you can do this:

$userInfo = $facebook->api('/me','GET');

This will give you the info about the current logged user.

Now the data that is returned by the facebook API it depends on the permissions you request to the user, when the user is granting permission to your site. Here you can find a list of the User object data, that is returned and the respective permission for that, in case of need. https://developers.facebook.com/docs/reference/api/user/

Since some of the data required by you, like the mobile number or email address, it's not mandatory on facebook, maybe the best approach for you is to use the registration form: https://developers.facebook.com/docs/plugins/registration/

The registration plugin lets people easily sign up for your website with their Facebook account. The plugin is a simple iframe that you can drop into your page. When logged into Facebook, people see a form that's prefilled with their Facebook information, where appropriate.

The registration plugin gives you the flexibility to ask for additional information that's not available through the Facebook API (for example, someone's favorite movie). The plugin also lets people who do not have a Facebook account — or do not wish to sign up for your site using Facebook — to use the same form as those who are connecting with Facebook. This eliminates the need for you to provide two separate login experiences.

Fabio Antunes
  • 22,251
  • 15
  • 81
  • 96
2

You can use the following URL to see what all information you can get from the Facebook.

https://developers.facebook.com/tools/explorer

it is easy to understand the information that we can get from Facebook.

My personal suggestion is to stick with the java-script API for Facebook integration, i found it more useful. To use Facebook graph API for getting information about any user you will need an access token, so the flow should obviously start from there, then initialize each of your requests, if the phone number is not there with the Facebook account after processing the response you should request phone numbers in an alternate way, I hope the above URL will help you understand what all information about a user you can request to Facebook.

Robin
  • 854
  • 8
  • 20
1

I'd recommend you to use a well tested Library like Opauth or HybridAuth.

With them you can ask for any extra data that Facebook has stored. You can also user other sites, like Google or Twitter, for authentication.

Be sure to follow Facebook recommendations, and don't ask for all permissions at once. At least, try to login as a Facebook user and see if just one dialog asking for permissions is presented to the user. Some permissions (e.g. create event) asks more than once for user authorizations. It is a sure way to make them quit your site.

See that it looks like you can't be sure that the email address has been verified by Facebook.

Community
  • 1
  • 1
neves
  • 33,186
  • 27
  • 159
  • 192
1

Though this is not a direct answer i would recommend you to study the implementation of this cake-php plugin at github

https://github.com/webtechnick/CakePHP-Facebook-Plugin

Sumit Kumar
  • 1,855
  • 19
  • 19
1

If you're going with PHP, why not use the PHP wrapper API provided by FB and not the JS. I've been using HybridAuth for my PHP projects and you should give it a try, the advantage being, you can easily add more providers in the future like Google, Twitter without having to go through each one's APIs when you think it's time to integrate more social features.

Deepak Thomas
  • 3,355
  • 4
  • 37
  • 39
  • Continuing the answer to your question, you can have a _checkpoint_ for first-time users prompting to enter their phone number (or run a FQL query for cell,other_phone IF your app is white-listed) – Deepak Thomas Oct 21 '13 at 13:06
1

I'm using the Facebook SDK for PHP in a project right now, here is the way I'm requesting user data:

// If user is not logged in, set the login URL asking for permissions
if( $userId == 0 ) {
      // Generate a login url
      $url = $facebook->getLoginUrl( array( 'scope' => 'email, user_status' ) );
      ... Your Login button ...
} else {
      // Get user's info
      $userdata = $facebook->api( '/me' );
      $data = array(
            'first_name'    => $userdata['first_name'],
            'last_name'     => $userdata['last_name'],
            'username'      => $userdata['username'],
            'email'         => $userdata['email'],
            'languages'     => $userdata['languages'],
            'locale'        => $userdata['locale'],
            'timezone'      => $userdata['timezone'],
            'gender'        => $userdata['gender'],
            'location'      => $userdata['location'],
            'hometown'      => $userdata['hometown'],
      );
      print_r( $data );
}
José SAYAGO
  • 798
  • 6
  • 15