Home/ Questions/Q 510321
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-13T07:06:05+00:00

I almost have facebook connect working the way I need it on my site,

  • 0

I almost have facebook connect working the way I need it on my site, I need to work out a couple bugs still, below is from the facebook connect documents, it list the 3 different URL options below in the settings of FB connect. This could be very useful for me because when a user logs in for the 1st time on my site with facebook, I need to create there mysql profile with profile data from facebook.

Ok so I am a bit confused, I understand a Redirect URL just redirects the browser to a page but you can see that 2 of these links I save below are for a Callback URL, so I take it that facebook post data to the URL’s I provide? If I am correct, how can I know what data it post back in the Ping?

1)

Post-Authorize Callback URL: Facebook
pings this URL when a user authorizes
your application for the first time.
You can also call users.isAppUser to
determine if the user has authorized
your application.

2)

Post-Authorize Redirect URL: You can
redirect a user to this URL after the
user authorizes your application for
the first time. You can use this URL
only if the user authorizes your
application through login.php and not
the login dialog.

3)

Post-Remove Callback URL: Facebook
pings the URL when a user removes your
application.

When the user redirects in the browser I can run code like this to get there profile data from facebook but I am not sure about when facebook pings data?

$user_details=$fb->api_client->users_getInfo($fb_user, array('last_name', 'first_name', 'proxied_email','birthday_date', 'sex', 'is_app_user', 'current_location', 'about_me', 'activities', 'interests', 'relationship_status', 'pic_big', 'pic_small', 'books'));  

$firstName = $user_details[0]['first_name']; 
.....
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I don’t think I completelly understand your question, so I’ll try to answer what I can – if there’s anything missing, please comment here and I’ll edit the answer accordingly.

    You’re right assuming that Facebook sends POST data when pinging. So, basically what you’d do on the endpoint given (the url you told facebook to ping) is to read the $_REQUEST dict for the data you want. A list of every parameter Facebook sends on ping can be found here.

    What would happen is the following:

    1. User clicks to connect with your site with Facebook Connect
    2. A Facebook log-in page shows a confirmation to the user asking if he allows this operation
    3. If allowed, Facebook sends the POST data to the specified URL asap

    The same happens when the user removes herself from your site through Facebook Connect.

    Please note that you should validate carefully the data received on your endpoint. Since you’re creating persistent data on every post request, at least ensure the requests can only be received from facebook.

    Alternatively, you can just redirect the user somewhere after the authorization, call users_getInfo and check if is_app_user is true. If so, you go on creating your entities on your database.

    • 0