SitePoint Sponsor

User Tag List

Results 1 to 4 of 4
  1. #1
    SitePoint Zealot
    Join Date
    Dec 2010
    Posts
    118
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    connect website with facebook?

    I am using this script to get the user image,name and email..
    now, how can I get those details and enter them into the database?

    I thought about Ajax to send a request like that:
    insertDB.php?image=abc&name=dan&email=dan@dan.com
    but its some kind of a security issue since bots could register to my website...
    (just send GET requests..).

    what can I do to solve this problem?
    Code HTML4Strict:
     <html>
        <head>
          <title>My Facebook Login Page</title>
        </head>
        <body>
          <div id="fb-root"></div>
          <script src="http://connect.facebook.net/en_US/all.js"></script>
          <script>
             FB.init({ 
                appId:'169630839752390', cookie:true, 
                status:true, xfbml:true 
             });
    		  FB.api('/me', function(user) {
               if(user != null) {
                  var image = document.getElementById('image');
                  image.src = 'http://graph.facebook.com/' + user.id + '/picture?type=large';
                  var email = document.getElementById('email');
                  email.innerHTML = user.email;
                  var name = document.getElementById('name');
                  name.innerHTML = user.name;
               }
             });
          </script>
    	  <fb:login-button perms="email,user_birthday,publish_stream">Login with Facebook</fb:login-button>
         <div align="center">
         <img id="image"/>
    	 <div id="name"></div>
    	  <div id="email"></div>
         </div>
        </body>
     </html>

  2. #2
    SitePoint Wizard bronze trophy chris.upjohn's Avatar
    Join Date
    Apr 2010
    Location
    Melbourne, AU
    Posts
    2,189
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    You could use a hidden form and submit it with javascript then use your PHP script to check that all the fields have valid values.

  3. #3
    SitePoint Zealot
    Join Date
    Dec 2010
    Posts
    118
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    how can I submit a form with javascript ?

    Edit:
    Ok, I found out how to submit a form with javascript.
    But, it still don't solve my problem.
    I want the Facebook plug-in to send immedialty the data to my php script.
    for example I am getting there the user.id and I don't want some hacker will use it to "steal" other people id's.
    (with your solution he could just easily make fake form and send other people id's...)
    so I need the Facebook plug-in to insert the database the data...

  4. #4
    SitePoint Wizard bronze trophy chris.upjohn's Avatar
    Join Date
    Apr 2010
    Location
    Melbourne, AU
    Posts
    2,189
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    To solve that you can use the javascript code to generate the form so instead the page starts off with...

    HTML Code:
    <form action="facebook_auth.php" method="post"></form>
    Using javascript to dynamically generate the form would be the best solution i can offer as once the fields have been generated the form gets submitted and the person viewing the page has no chance to see the generated values.

    Another solution is to use PHP to grab the user values and insert the values within the same PHP script which eliminates all security risks.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •