How to set manage_pages permission on a specific facebook page?

Question

How to set manage_pages permission on a specific facebook page?

how can I set the resolution for my application only on a specific page. Now my application gets permission to manage all pages of fb user. How can I limit this and get permission to access a specific page?

I use one simple authentication method.

$app_id = 'xxxxxxxxxxxxx'; $app_secret = 'xxxxxxxxxxxxxxxx'; $my_url = 'http://xxxxxxxxxxx.com/xxxx/facebook?client=params'; $code = $_REQUEST["code"]; //auth user if(empty($code)) { $dialog_url = 'https://www.facebook.com/dialog/oauth?client_id=' . $app_id . '&redirect_uri=' . urlencode($my_url).'&scope=offline_access,read_stream,publish_stream,manage_pages'; echo("<script>top.location.href='" . $dialog_url . "'</script>"); } //get user access_token $token_url = 'https://graph.facebook.com/oauth/access_token?client_id=' . $app_id . '&redirect_uri=' . urlencode($my_url) . '&client_secret=' . $app_secret . '&code=' . $code; $access_token = file_get_contents($token_url); am using the above code for authentication. when i try to print the $_REQUEST params, i couldnt find any variable names 'signed_request'. is any other method can we use with the above code..??

+2

php facebook-graph-api

jinson Mar 19 '12 at 11:53

source share

2 answers

Thiefmaster · Answer 1 · 2012-03-19T11:56:11+0000

Unfortunately this is not possible. Very annoying, but good .. it's facebook, so you shouldn't expect anything else.

ifaour · Answer 2 · 2012-03-19T13:44:20+0000

You must do this for your part. Facebook will send you the page id in signed_request so you can check the page and show / disable content:

 <?php if(!empty($_REQUEST["signed_request"])) { $app_secret = "APP_SECRET"; $data = parse_signed_request($_REQUEST["signed_request"], $app_secret); if (isset($data["page"])) { echo $data["page"]["id"]; } else { echo "Not in a page"; } } function parse_signed_request($signed_request, $secret) { list($encoded_sig, $payload) = explode('.', $signed_request, 2); // decode the data $sig = base64_url_decode($encoded_sig); $data = json_decode(base64_url_decode($payload), true); if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') { error_log('Unknown algorithm. Expected HMAC-SHA256'); return null; } // check sig $expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true); if ($sig !== $expected_sig) { error_log('Bad Signed JSON signature!'); return null; } return $data; } function base64_url_decode($input) { return base64_decode(strtr($input, '-_', '+/')); }

This code is taken from this answer. Just check $data["page"]["id"] for the one you want.

How to set manage_pages permission on a specific facebook page?

More articles: