I am tweaking my application with some extra code, like checking if the permissions we need have been allowed by the user (maybe he has changed it after his first visit).
$permissions_needed = array('publish_stream,read_stream');
foreach($permissions_needed as $perm) {
if( !isset($permissions_list['data'][0][$perm]) || $permissions_list['data'][0][$perm] != 1 ) {
$login_url_params = array(
'scope' => 'publish_stream,read_stream',
'fbconnect' => 1,
'next' => 'http://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']
//redirect_uri => 'https://www.mydomain.com/fb_app/'
);
$login_url = $facebook->getLoginUrl($login_url_params);
header("Location: {$login_url}");
exit();
}
How do i fix this? And when to use next vs redirect_uri as params?
Why dont you only prompt your users to allow extended permissions (or any permission) only when they are performing the action that requires that permission?
Here is a link to a SO Question detailing how to request permissions with the Facebook JS SDK.
If your use removed a certain permission it might have been because he/she did not know why your application needs that permission. By requesting for the permission only when the user performs that action, and maybe including a short explication on why you are requesting this permission, the users might be inclined to re-allow your application the permission in debate.
EDIT
For re-directions I usually use a JS redirect. Like this :