-2

I'm trying to allow users to register on my web application via Facebook. As part of my normal registration users must supply their email address, and I need to include this as part of the Facebook registration.

I am using the code below, which works correctly, except it doesnt return the user email address as part of Facebook's response. I am aware I need to specifically "ask" for the email, but I'm confused where/how I do this in my code below?

I am also aware a user may choose to not supply their email address as part of the process, but I'm able to handle that.

    // Grab our facebook details
    $app_id = $this->config->item('fb_app_id');
    $app_secret = $this->config->item('fb_secret_key');
    $my_url = $this->config->item('fb_url');

    session_start();

    if(isset($_REQUEST["code"]))
    {
        $code = $_REQUEST["code"];
    }
    else
    {
        $_SESSION['state'] = md5(uniqid(rand(), TRUE)); //CSRF protection
        $dialog_url = "https://www.facebook.com/dialog/oauth?client_id=" 
        . $app_id . "&redirect_uri=" . urlencode($my_url) . "&state="
        . $_SESSION['state'];
        echo("<script> top.location.href='" . $dialog_url . "'</script>");
    }

    if ((isset($_REQUEST['state'])) && (($_REQUEST['state'] == $_SESSION['state'])))
    {
        $token_url = "https://graph.facebook.com/oauth/access_token?"
        . "client_id=" . $app_id . "&redirect_uri=" . urlencode($my_url)
        . "&client_secret=" . $app_secret . "&code=" . $code;

        $response = file_get_contents($token_url);
        $params = null;
        parse_str($response, $params);

        $graph_url = "https://graph.facebook.com/me?access_token=". $params['access_token'];

        $user = json_decode(file_get_contents($graph_url));
        if ( ! empty($user))
        {
                            // NO EMAIL HERE?!
            $email = strtolower($user->email);


        }
    }
Laurence
  • 58,936
  • 21
  • 171
  • 212

2 Answers2

2

Looks like this has been asked before. The answer can be found here:

Facebook Graph API, how to get users email?

Community
  • 1
  • 1
Socken Puppe
  • 134
  • 3
  • thanks - I saw that - but I was confused where to include the 'scope' for email in my code above? I'll have another look... – Laurence Jun 20 '12 at 09:36
0

This code works for me...Hopefully it will work well for you also

define('FACEBOOK_APP_ID', 'YOUR_APP_ID_HERE'); define('FACEBOOK_SECRET', 'YOUR_APP_SECRET_HERE');

        // No need to change function body
        function parse_signed_request($signed_request, $secret) {
            list($encoded_sig, $payload) = explode('.', $signed_request, 2);

            // decode the data
            $sig = base64_url_decode($encoded_sig);
            $data = json_decode(base64_url_decode($payload), true);

            if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
                error_log('Unknown algorithm. Expected HMAC-SHA256');
                return null;
            }

            // check sig
            $expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true);
            if ($sig !== $expected_sig) {
                error_log('Bad Signed JSON signature!');
                return null;
            }

            return $data;
        }

        function base64_url_decode($input) {
            return base64_decode(strtr($input, '-_', '+/'));
        }

        if ($_REQUEST) {
            $response = parse_signed_request($_REQUEST['signed_request'],
                            FACEBOOK_SECRET);
            /*
            echo "<pre>";
            print_r($response);
            echo "</pre>"; // Uncomment this for printing the response Array
            */

            $email = $response["registration"]["email"];
Pramod Kumar Sharma
  • 7,851
  • 5
  • 28
  • 53