How can I verify users facebook ID that he provides during signup process

2 comments

1. When user logs in using this FB button. Its session is generated. So I can use PHP API to get any information I want.

   I put this code in html body

                 <script>
     window.fbAsyncInit = function() {
     FB.init({
       appId      : <?php echo $facebook->getAppId(); ?>, // App ID
       channelUrl : '//WWW.example.com/channel.html', // Channel File
       status     : true, // check login status
       cookie     : true, // enable cookies to allow the server to access the session
       xfbml      : true  // parse XFBML
     });
   
     // Here we subscribe to the auth.authResponseChange JavaScript event. This event is fired
     // for any authentication related change, such as login, logout or session refresh. This means that
     // whenever someone who was previously logged out tries to log in again, the correct case below 
     // will be handled. 
     FB.Event.subscribe('auth.authResponseChange', function(response) {
       // Here we specify what we do with the response anytime this event occurs. 
       if (response.status === 'connected') {
         // The response object is returned with a status field that lets the app know the current
         // login status of the person. In this case, we're handling the situation where they 
         // have logged in to the app.
         testAPI();
       } else if (response.status === 'not_authorized') {
         // In this case, the person is logged into Facebook, but not into the app, so we call
         // FB.login() to prompt them to do so. 
         // In real-life usage, you wouldn't want to immediately prompt someone to login 
         // like this, for two reasons:
         // (1) JavaScript created popup windows are blocked by most browsers unless they 
         // result from direct interaction from people using the app (such as a mouse click)
         // (2) it is a bad experience to be continually prompted to login upon page load.
         FB.login();
       } else {
         // In this case, the person is not logged into Facebook, so we call the login() 
         // function to prompt them to do so. Note that at this stage there is no indication
         // of whether they are logged into the app. If they aren't then they'll see the Login
         // dialog right after they log in to Facebook. 
         // The same caveats as above apply to the FB.login() call here.
         FB.login();
       }
     });
     };
   
     // Load the SDK asynchronously
     (function(d){
      var js, id = 'facebook-jssdk', ref = d.getElementsByTagName('script')[0];
      if (d.getElementById(id)) {return;}
      js = d.createElement('script'); js.id = id; js.async = true;
      js.src = "//connect.facebook.net/en_US/all.js";
      ref.parentNode.insertBefore(js, ref);
     }(document));
   
     // Here we run a very simple test of the Graph API after login is successful. 
     // This testAPI() function is only called in those cases. 
     function testAPI() {
       console.log('Welcome!  Fetching your information.... ');
       FB.api('/me', function(response) {
         console.log('Good to see you, ' + response.name + '.');
       });
     }
   </script>
   

   PHP Side Code

           $config = array();
           $config['appId'] = 'myappid';
           $config['secret'] = 'myappsecretid';
           $config['fileUpload'] = false; // optional
   
           $facebook = new Facebook($config);
           $access_token = FALSE;
           $user = $facebook->getUser();
           if($user){
             // The user is logged in
             try{
               $user_profile = $facebook->api('/me');
               $access_token = $facebook->getAccessToken();
               // Here : API call succeeded,
               // you have a valid access token
               print_r($user_profile);  // all the user info is in this object
             }
             catch(FacebookApiException $e){
               // Here : API call failed,
               // you don't have a valid access token
               // you have to send him to $facebook->getLoginUrl()
               $user = null;
             }
           }
   

2. You can do something like this,

   before signup test via ajax that is fb id exist and if reponse is +ve than process signup else show him message ‘wrong fb id’.

   ajax fx may be

   <?php
   function test(){
      if(isset($_POST['fb_id']) && $_POST['fb_id'] != ''):
         $test=wp_remote_get('http://graph.facebook.com/'.$_POST['fb_id']);
         $test=wp_remote_retrieve_body($test);
         $test=json_decode($test);
         //check any json element for valid id like username etc
         if(){//pass
           $status=array('status'=>'pass');
           echo json_encode($status);
         }else{//fail
           $error=array('status'=>'fail');
           echo json_encode($error);
         }
     else:
       $error=array('status'=>'fail');//in case empty value for fb id from form
       echo json_encode($error);
     endif;
   die();
   }
   ?>
   

Comments are closed.