As documented in Facebook Page Tab Tutorial:
When a user navigates to the Facebook
Page, they will see your Page Tab
added in the next available tab
position. Broadly, a Page Tab is
loaded in exactly the same way as a
Canvas Page. When a user selects your
Page Tab, you will received the
signed_request parameter with one
additional parameter, page. This
parameter contains a JSON object with
an id (the page id of the current
page), admin (if the user is a admin
of the page), and liked (if the user
has liked the page). As with a Canvas
Page, you will not receive all the
user information accessible to your
app in the signed_request until the
user authorizes your app.
So one way to capture the page id would be:
<?php
// PATH TO FB-PHP-SDK
require '../../src/facebook.php';
$facebook = new Facebook(array(
'appId' => 'APP_ID',
'secret' => 'APP_SECRET',
'cookie' => true,
));
$signed_request = $facebook->getSignedRequest();
if( $page = $signed_request['page'] ) {
echo $page['id'];
}
?>
OR a solution without the PHP-SDK:
<?php
if(!empty($_REQUEST["signed_request"])) {
$app_secret = "APP_SECRET";
$data = parse_signed_request($_REQUEST["signed_request"], $app_secret);
if (isset($data["page"])) {
echo $data["page"]["id"];
} else {
echo "Not in a page";
}
}
function parse_signed_request($signed_request, $secret) {
list($encoded_sig, $payload) = explode('.', $signed_request, 2);
// decode the data
$sig = base64_url_decode($encoded_sig);
$data = json_decode(base64_url_decode($payload), true);
if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
error_log('Unknown algorithm. Expected HMAC-SHA256');
return null;
}
// check sig
$expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true);
if ($sig !== $expected_sig) {
error_log('Bad Signed JSON signature!');
return null;
}
return $data;
}
function base64_url_decode($input) {
return base64_decode(strtr($input, '-_', '+/'));
}
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
