[Tutorial][PHP] Creating Facebook Log-in.

[joshua06860]

Hi all!

For all of those who are familiar with PHP and are looking for a way of integrating Facebook login into their website, I have compiled together a simple way of doing so. Now, along with every website that has a user table in their database, ever user should have a unique ID, this includes Facebook. So, what we're going to do is use the Facebook API to get the current logged-in users ID and check if a user has the matching ID in the database. For this example I'm using Facebook's PHP SDK v3 (https://github.com/facebook/facebook-php-sdk).


Now, first of all, to start using the SDK we need to do a few things.
Start by including the "facebook.php" file into your project.

PHP Code:

require_once('facebook.php'); 


Now we'll need to set a few configuration parameters using the application id & the application secret (assuming you have a Facebook app setup, if not visit https://developers.facebook.com/).

PHP Code:

      $config = array(
        'appId' => 'APP_ID',
        'secret' => 'APP_SECRET',
        'allowSignedRequest' => false // optional but should be set to false for non-canvas apps
      ); 


Now, create an instance of the Facebook class and pass along the configuration and grab the user details.

PHP Code:

$facebook = new Facebook($config);
    $user_id = $facebook->getUser(); 


Next, we're going to want to check that the user was logged in, has given our application permission to view their details and we have the details.

PHP Code:

if($user_id){
        //We have a user! We'll leave this for later.
    }else{
        //We don't have a user! We'll re-direct them to Facebook, get them to login and give us permission.
        $login_url = $facebook->getLoginUrl(array('scope' => 'publish_stream, email'));
        header("Location: " . $login_url);
    } 


Once we have the user details, we can start to use their information! Congrats! You've passed the "hard" part.
Now, as an added measure, we're going to use a try-catch to double make sure we have a user.
In this example we'll also make a call to Facebook's Graph API and request some information.

PHP Code:

if($user_id){
        try{
            $user_profile = $facebook->api('/me','GET');
            /*
                $user_profile will contain some different information.
                The information of interest will be the user ID and probably the user's e-mail address
                $user_profile['id'], $user_profile['email']
            */
        }catch(FacebookApiException $e) {
            //Here we'll just get them to login again.
            $login_url = $facebook->getLoginUrl(array('scope' => 'publish_stream, email'));
            header("Location: " . $login_url);
        }
    }else... 


Now, I'm going to go ahead and stop at this part of the tutorial.
Now that you have the user's ID and their e-mail address you can run a few checks against the database to see if the ID correlates with a user.
The way I have done this is inside the users table I have a column called "fb_id". Now, if the ID we have from Facebook isn't in our database, we know that the current logged-in user has not registered with us and we can go ahead and generate a username & password, use their e-mail and populate the "fb_id" column for that user and create them an account automatically (either e-mailing them their details or creating a one-time username change and getting them to change their password or perhaps neither).


If it turns out the user ID we got from Facebook matches a user in the database, we'll just go ahead and log them in like they entered the correct username & password (i.e. set a session or whatever you do).


If you feel I've missed something or you get an error, feel free to PM me or reply to this thread.


Thanks! :-)

[redtom]

Nice work, could be a little more detailed on what does what but it gets the job done. +Rep