Facebook PHP API Applications: Working with User Data
Access Token Application: Retrieving Email Address and Birthday
This is the third part of a tutorial series on Facebook PHP API implementation. In this part, you will learn four important aspects of this API application: how to grab profile photos from the API; how to request user permission from the Facebook login to access sensitive profile information; the importance of “Access token” in accessing sensitive profile information; and how to grab sensitive information using Access token verification (for example, the person's birthday, email address, bio, etc.) in PHP.
Suppose you wish to create a PHP application using the Facebook API that will display the following information on the browser after logging in:
photo
id
name
Facebook URL
about
birthday
bio
gender
email
The following is the complete working script:
<?php
//### Define Facebook Application ID and Secret; then get cookie
define('FACEBOOK_APP_ID', 'Your website facebook application ID');
define('FACEBOOK_SECRET', 'Your website facebook secret');
function get_facebook_cookie($app_id, $application_secret) {
    //### no cookie means the user is not logged in
    if (!isset($_COOKIE['fbs_' . $app_id])) {
        return null;
    }
    $args = array();
    parse_str(trim($_COOKIE['fbs_' . $app_id], '"'), $args);
    ksort($args);
    $payload = '';
    foreach ($args as $key => $value) {
        if ($key !== 'sig') {
            $payload .= $key . '=' . $value;
        }
    }
    //### reject the cookie unless it carries a string signature that matches exactly
    if (!isset($args['sig']) || !is_string($args['sig'])
        || !hash_equals(md5($payload . $application_secret), $args['sig'])) {
        return null;
    }
    return $args;
}
$cookie = get_facebook_cookie(FACEBOOK_APP_ID, FACEBOOK_SECRET);
?>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:fb="http://www.facebook.com/2008/fbml">
<body>
<?php
if ($cookie) {
    //### cookie is set, user is logged in
    $user = json_decode(file_get_contents('https://graph.facebook.com/me?access_token=' . urlencode($cookie['access_token'])));
    //### profile values come from outside your application, so escape them before output
    //### display the user profile photo
    echo '<img src="http://graph.facebook.com/' . rawurlencode($user->{'id'}) . '/picture" alt="' . htmlspecialchars($user->{'name'}, ENT_QUOTES, 'UTF-8') . '"/>';
    echo '<br />';
    //### display the user Facebook ID
    echo '<b>Your Facebook ID:</b> ' . htmlspecialchars($user->{'id'}, ENT_QUOTES, 'UTF-8');
    echo '<br />';
    //### display the user Facebook name
    echo '<b>Your name:</b> ' . htmlspecialchars($user->{'name'}, ENT_QUOTES, 'UTF-8');
    echo '<br />';
    //### display the user Facebook URL
    echo '<b>Your Facebook URL:</b> ' . htmlspecialchars($user->{'link'}, ENT_QUOTES, 'UTF-8');
    echo '<br />';
    //### display the user Facebook about information
    echo '<b>Your Facebook about information:</b> ' . htmlspecialchars($user->{'about'}, ENT_QUOTES, 'UTF-8');
    echo '<br />';
    //### display the user birthday
    echo '<b>Your birthday:</b> ' . htmlspecialchars($user->{'birthday'}, ENT_QUOTES, 'UTF-8');
    echo '<br />';
    //### display the user bio in Facebook
    echo '<b>Your bio in Facebook:</b> ' . htmlspecialchars($user->{'bio'}, ENT_QUOTES, 'UTF-8');
    echo '<br />';
    //### display the user gender
    echo '<b>Your gender in Facebook:</b> ' . htmlspecialchars($user->{'gender'}, ENT_QUOTES, 'UTF-8');
    echo '<br />';
    //### display the user email address used in Facebook
    echo '<b>Your email address used in Facebook:</b> ' . htmlspecialchars($user->{'email'}, ENT_QUOTES, 'UTF-8');
    echo '<br />';
    echo '<br />';
    echo '<fb:login-button perms="email,user_birthday" onlogin="window.location.reload(true);" autologoutlink="true"></fb:login-button>';
} else {
    //### user is not logged in, display the Facebook login button
    echo '<h2>Facebook Application using Access token Key</h2>';
    echo '<br />';
    echo 'This is a more important script that will be able to grab the user email address, birthday and other information, such as profile photos.';
    echo '<br />This information will be displayed in the web browser once the user has successfully logged in';
    echo '<br /><br />';
    echo '<fb:login-button perms="email,user_birthday" autologoutlink="true"></fb:login-button>';
}
?>
<div id="fb-root"></div>
<script src="http://connect.facebook.net/en_US/all.js"></script>
<script>
FB.init({appId: '<?= FACEBOOK_APP_ID ?>', status: true, cookie: true, xfbml: true});
FB.Event.subscribe('auth.login', function(response) {
    window.location.reload();
});
</script>
</body>
</html>
Code Discussion
First, the script checks whether the user is logged in. If not, the else branch of the script displays the Facebook login button (the fb:login-button element).
The important property in the login button is the permission parameter:
perms="email,user_birthday"
This allows your PHP web application to ask for permission from the user who will be logging in to your website. This is required by Facebook for privacy reasons.
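Once the user is logged in to your website, the cookie is set; the script then retrieves the information from the Facebook Graph API with the file_get_contents() request to https://graph.facebook.com/me, passing the access token taken from the cookie.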
The access token key is found in the $cookie variable, which will be used by your application to retrieve user-related information.
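The access token in $cookie can be trusted only because get_facebook_cookie() verifies the cookie's signature against the application secret. The following added example (not part of the original tutorial) runs that same check on a constructed cookie and shows an altered or unsigned cookie being rejected; the names fbs_signature, verify_fbs_cookie and DEMO_SECRET, and all cookie values, are assumptions made for the illustration.

```php
<?php
// Added example: verify an "fbs_<app id>" style cookie before trusting its access_token.
// The secret, the cookie fields and the token are constructed sample values.
const DEMO_SECRET = 'demo-app-secret';

// Signature as computed by the tutorial's check: sort the fields by key,
// join them as key=value, append the application secret, take the md5.
function fbs_signature(array $fields, string $secret): string
{
    unset($fields['sig']);
    ksort($fields);
    $payload = '';
    foreach ($fields as $key => $value) {
        $payload .= $key . '=' . $value;
    }
    return md5($payload . $secret);
}

// Returns the parsed fields, or null when the cookie is absent, malformed
// or not signed with $secret.
function verify_fbs_cookie(?string $raw, string $secret): ?array
{
    if ($raw === null || $raw === '') return null;
    $fields = array();
    parse_str(trim($raw, '"'), $fields);
    // parse_str() turns "sig[]=x" into an array; accept plain string fields only.
    foreach ($fields as $value) {
        if (!is_string($value)) return null;
    }
    if (!isset($fields['sig'], $fields['access_token'])) return null;
    // hash_equals() compares byte for byte in constant time, whereas "!="
    // compares numeric-looking strings such as "0e12" and "0e34" as numbers.
    return hash_equals(fbs_signature($fields, $secret), $fields['sig']) ? $fields : null;
}

// Constructed cookie, signed the way the verifier expects.
$fields   = array('access_token' => 'SAMPLE_TOKEN', 'expires' => '0', 'uid' => '1000');
$good     = http_build_query($fields + array('sig' => fbs_signature($fields, DEMO_SECRET)));
$tampered = str_replace('uid=1000', 'uid=1001', $good); // field changed after signing
$unsigned = http_build_query($fields);                  // no sig at all

$cases = array('good' => $good, 'tampered' => $tampered, 'unsigned' => $unsigned, 'missing' => null);
foreach ($cases as $label => $raw) {
    $result = verify_fbs_cookie($raw, DEMO_SECRET);
    echo $label, ': ', $result === null ? 'rejected' : 'accepted', "\n";
}
```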
Once you know the field names in the JSON response shown in the earlier screenshot, you can use them to retrieve the values and use those values in your application. For example, you can use them to retrieve the email address, escaping the value before it is written into the page:
echo '<b>Your email address used in Facebook:</b> '.htmlspecialchars($user->{'email'}, ENT_QUOTES, 'UTF-8');
Another important feature in the script above occurs when a person logs out from your website. Of course, the ideal case is that, once the user logs out, the page will be reloaded to remove all the Facebook user-related information on the web page.
This is possible by adding a reloading option to the Facebook login/logout button: the onlogin attribute on the fb:login-button that the script displays to logged-in users.