I have the following code which allows me to post a message to the currently logged in users facebook wall:
<?php
error_reporting( E_ALL | E_STRICT );
ini_set('display_errors', 1);
session_start();
require("facebook.php");
$facebook = new Facebook(array(
'appId' => 'app_id_here',
'secret' => 'secret_here',
'cookie' => true
));
$session = $facebook->getSession();
if( !empty( $session ) ) {
try {
$uid = $facebook->getUser();
$user = $facebook->api('/me');
$api_call = array(
'method' => 'users.hasAppPermission',
'uid' => $uid,
'ext_perm' => 'publish_stream'
);
$can_post = $facebook->api($api_call);
if( $can_post ) {
$facebook->api('/'.$uid.'/feed', 'post', array('message' => 'post some message here'));
echo 'Posted! Then redirect to an appropriate page.';
} else {
$url = $facebook->getLoginUrl(array(
'req_perms' => 'publish_stream'
));
header("Location: {$url}");
exit;
}
} catch ( Exception $e ) {
echo $e;
exit;
}
} else {
$url = $facebook->getLoginUrl(array(
'req_perms' => 'publish_stream'
));
header("Location: {$url}");
}
?>
I need to use this code in multiple places on my site, and need to constantly change the message being posted. So I thought I should use the url query string to send the message to the code above. i.e.
header(“Location: post_message.php?message=” . $some_message_here);
But that would mean that anyone who figures out the url will be able to start posting random messages right? i.e.
http://mysite.com/post_message.php?message=some message here
How do I use the code above in all the pages I need, pass it a string for the message to be posted, but stop users navigating to the page to post random messages?
1 Answer