0
因此,我正在開發一款應用程序,您可以在其中發送愛情詩,然後將其轉回到您的Facebook牆翻譯版。應用程序在畫布頁面中工作,但不在頁面選項卡
所以它應該是一個非常簡單的任務。我要求access_token和user_id:他們填寫表格並將其發送給我。
當我將應用程序移至頁面選項卡時,首次遇到重定向問題時出現問題。
發生了什麼事,現在是,我們不再讓「客戶」的用戶名時,他是我們的粉絲頁面上,雖然他時,他正在訪問的應用程序....
因此一個wounder。什麼可能這取決於:
這裏是我的代碼:
<?php
/*
Template Name: Febuary Love app
*/
?>
<?php
require ('fb-php-sdk/facebook.php');
//Create facebook application instance.
$facebook = new Facebook(array(
'appId' => 'xxxx',
'secret' => 'xxxxxxxx',
'cookie' => true,
));
//get user- if present, insert/update access_token for this user
$user = $facebook->getUser();
if($user){
try {
$userData = $facebook->api('/me');
} catch (FacebookApiException $e) {
die("API call failed");
}
$access_token = $facebook->getAccessToken();
}
else {
echo "Please login...<br />";
$my_redir_url = 'http://www.facebook.com/pages/Copypanthers/131063547012851?sk=app_286456534743923';
$dialog_url = "http://www.facebook.com/dialog/oauth?scope=user_about_me,publish_stream,offline_access&client_id=286456534743923&redirect_uri=" . urlencode($my_redir_url);
echo("<script> top.location.href='" . $dialog_url . "'</script>");
}
echo $user;
//create authorising url
if(!$user){
$loginUrl = $facebook->getLoginUrl(array(
'canvas' => 1,
'fbconnect' => 0,
'scope' => 'offline_access,publish_stream',
'redirect_uri' => 'http://apps.facebook.com/february_love'
));
}
if('POST' == $_SERVER['REQUEST_METHOD'] && !empty($_POST['action']) && $_POST['action'] == "new_post") {
// Do some minor form validation to make sure there is content
if (isset ($_POST['title'])) {
$title = $_POST['title'];
} else {
echo 'Please enter the Poem name';
}
if (isset ($_POST['description'])) {
$description = $_POST['description'];
} else {
echo 'Please enter some notes';
}
$tags = $_POST['post_tags'];
$access_token = $_POST['access_token'];
$user = $_POST['user'];
// ADD THE FORM INPUT TO $new_post ARRAY
$new_post = array(
'post_title' => $title,
'post_content' => $description,
'post_category' => array($_POST['cat']), // Usable for custom taxonomies too
'tags_input' => array($tags),
'post_status' => 'draft', // Choose: publish, preview, future, draft, etc.
'post_type' => 'post', //'post',page' or use a custom post type if you want to
'access_token' => $access_token,
'user' => $user,
);
//SAVE THE POST
$pid = wp_insert_post($new_post);
add_post_meta($pid, 'access_token', $access_token, true);
add_post_meta($pid, 'user', $user, true);
//SET OUR TAGS UP PROPERLY
wp_set_post_tags($pid, $_POST['post_tags']);
//REDIRECT TO THE NEW POST ON SAVE
$link = get_permalink($pid);
wp_redirect();
} // END THE IF STATEMENT THAT STARTED THE WHOLE FORM
//POST THE POST YO
do_action('wp_insert_post', 'wp_insert_post');
get_header(); ?>
<?php if (have_posts()) while (have_posts()) : the_post(); ?>
<div class="form-content">
<!-- WINE RATING FORM -->
<div class="wpcf8">
<a href="<?php echo $loginUrl; ?>" target="_top">
<div id="steps-app">
<div id="step1">
<img src="https://www.copypanthers.com/wp-content/uploads/2012/02/step1.png">
<p>First <em>allow</em> the app so we can send you the translated poem</p>
</div>
<div id="app_center">
<img src="https://www.copypanthers.com/wp-content/uploads/2012/02/accept_app.png">
</div>
<div id="step2">
<img src="https://www.copypanthers.com/wp-content/uploads/2012/02/step2.png">
<p>Then send us the poem or message</p>
</div>
<div id="arrow">
<img src="https://www.copypanthers.com/wp-content/uploads/2012/02/narrow.png">
</div>
</div></a>
<div class="content-app">
<?php the_content(); ?>
<h2>Share some February Love!</h2>
<p>Although the 14th of February should be dedicated to your loved one, we think that friends, bosses or favorite co-workers deserve some affection, too. <br/><br/>So until the 13th of February we will translate a poem or message from you to them <em>for free</em>. We will also reward 2 writers with a special <em>Valentine’s Day gift.</em><br/><br/> </p>
<form id="new_post" name="new_post" method="post" action="" class="wpcf7-form" enctype="multipart/form-data">
<!-- post name -->
<fieldset name="name">
<label for="title">Title of your poem or message:</label>
<input type="text" id="title" value="" tabindex="5" name="title" />
</fieldset>
<!--<fieldset class="dedication">
<label for="dedication">Dedicated to (all my co-workers for example):</label>
<input type="text" value="" tabindex="10" id="dedication" name="dedication" />
</feildset> -->
<!-- post Category -->
<fieldset class="category">
<label for="cat">Translate to:</label>
<?php wp_dropdown_categories('tab_index=10&taxonomy=category&hide_empty=0'); ?>
</fieldset>
<!-- post Content -->
<fieldset class="content">
<label for="description">Love poem:</label>
<textarea id="description" tabindex="15" name="description" cols="70" rows="5"></textarea>
</fieldset>
<!-- post tags -->
<fieldset class="tags">
<label for="post_tags"></label>
<input type="hidden" value="" tabindex="35" name="post_tags" id="post_tags" />
</fieldset>
<fieldset class="submit">
<input type="submit" value="Send" tabindex="40" id="submit" name="submit" />
</fieldset>
<fieldset class="access_token">
<label for="access_token"></label>
<input type="text" value="<?php echo $access_token;?>" id="access_token" name="access_token" />
</fieldset>
<fieldset class="user">
<label for="user"></label>
<input type="text" value="<?php echo $user;?>" id="user" name="user" />
</fieldset>
<input type="hidden" name="action" value="new_post" />
<?php wp_nonce_field('new-post'); ?>
</form>
</div><!-- END content-app -->
</div> <!-- END WPCF7 -->
</div><!-- .entry-content -->
</div><!-- #post-## -->
<?php endwhile; // end of the loop. ?>
<?php get_footer(); ?>
坦克抽出時間。
問候
我覺得這種說法奇怪:「_What有現在發生的是,當我在我們的粉絲頁面上時,我們不再獲得「客戶端」的用戶名。「在世界上,如何僅僅因爲他們是你的頁面粉絲就能夠使用你的代碼獲得某人的用戶名呢?這聽起來像是一個巨大的安全漏洞。 – DMCS 2012-02-04 10:07:56
發佈這麼多的代碼通常是一個壞主意。人們不會太願意篩選那裏的所有代碼。最好只包括你認爲相關的關鍵部分。 – Lix 2012-02-04 10:34:26