Post on someones wall using Facebook API PHP

Question

Is it possible to write an app that posts message on someones wall and if that user hasnt accepted permission for that is prompted to do so at this moment?

here is my code:

$attachment =  array(
        'access_token' => $access_token,
        'message' => "$message",
        'name' => "testName",
        'description' => "Check Out new message",
        'link' => '',
        'picture' => "test message"
    );

    try {
        $response = $facebook->api("/userId/feed/", 'POST', $attachment);
    } catch (FacebookApiException $e) {

    }

Answer 1

Here is something I wrote on the subject a while back for documentation purposes. Hope it helps you out:

Creating an App with the Facebook Graph API January 27, 2012

Getting Started in Facebook To get started building a Facebook Application using the Graph API, you will first need to register with Facebook before you can begin coding at https://developers.facebook.com. After creating an account or logging in with an existing account, you will need to create a new App (or configure the app properly if you are using an existing app). To create your Facebook Application, go to https://developers.facebook.com/apps and click on "Create New App" (or "Edit App" if you already have one created and would like to configure it). Under the Settings->Basic tab, you will need to, at the very least, fill out the App Display Name, Contact E-Mail, and Site URL. Of these, the Site URL is the most important and MUST point to where your application will reside (This can always be updated later if you don't know yet). Next, go to the Settings->Auth Dialog tab. You aren't required to fill any of this out, but it is a good idea since this is what the users will see when they are Allowing your App to access their account. Save everything and head back to https://developers.facebook.com/apps. You should see the App that you just configured on this page. The two things you will need to copy down to move forward from this point are the App ID/API Key and the App Secret. You are now ready to begin creating your application.

Understanding the Flow Before you start coding your application, it is best to understand the flow of Authenticating a user and getting your App installed on their Facebook Account. Until your App is installed on a users account and they have given the app explicit permission to publish content to their account, you will not be able to do anything. Good news is, a user only has to authenticate the App one time (unless they uninstall it). Take a look at the diagram below to understand how the flow works:

Authenticating a User To Initiate the process of Authenticate, you will have to build a link that will direct the user to your App. This is how you will build your link: https://www.facebook.com/dialog/oauth?client_id=[Your API KEY]&redirect_url=[Service that will handle Authentication]&scope=[Permissions you Need]&display=touch - client_id: This is your API Key that you got from Facebook when you created your application. - redirect_url: This is the service that will handle all of your authentication. It should be located at the Site URL that you configured when you set up your application with Facebook. This is URL will have to remain constant throughout the Authentication Process. - scope: This is any permission that you will need for the user's account. You should only ask for what you really need. We normally only need publish_stream. For a complete list of permissions see: https://developers.facebook.com/docs/reference/api/permissions/ - display: This is what tells Facebook what skin to use. Since we are using this for mobile applications, you should set this to "touch." If you are not developing for a mobile device, you may omit this all together.

When the user clicks on the link that you build, they will be taken to the page below if they are logged in. If they are not logged in, they will be prompted to login first. If the user accepts your application, declines your application request, or fails to log in they will be directed to the redirect_url that you specified above. Depending on the user's action on this page, Facebook will append different Query Strings to your redirect_url when it sends the user there.

If the user clicks "Allow", they will be sent to your redirect_url and the query string will contain a variable called code. This is what you will use to get an authentication token for the user which will allow you access to their account from the App. If the user clicks on "Don't Allow", fails to log in, or something else goes wrong, the following query strings will be appened to your redirect_url: error_reason, error, and error_description. An example of a successful request to your redirect URL: =">http://niobiumstudio.com/appia/fbconnect/auth.php?code=AQDi7fT3whSPJr0O2ECwv494QSSNyrTFK_SGIexEFUGmw5XS8SvzfYiAsxpn0FspQYHkMgaUYH--PS1AnJnCtE-iUdRl6V3Moxfk4Cqz0igZbnkHxWi4Yl_KphXiRkbnCCW_zDqb4W2lfew9sla4FPDUKhXscRuQeI--61uQ0uStb9GwrOH4V94DjGWk1yS-Ffs#=

Once you have the code GET variable passed back to your redirect_url you will be able to exchange it with Facebook to get your OAuth Access Token. To do this, you will need to build a request to Facebook using the code you just got back. Here is what the request to get the access token looks like: https://graph.facebook.com/oauth/access_token?client_id=[Your API Key]&redirect_url=[Service that Handles Authentication]&client_secret=[Your App Secret]&code=[User Acceptance Code] client_id: This is your API Key that you got from Facebook when you created your application. redirect_url: This is the service that will handle all of your authentication. It should be located at the Site URL that you configured when you set up your application with Facebook. This is URL will have to remain constant throughout the Authentication Process. THIS HAS TO BE THE SAME URL YOU USED ABOVE TO GET THE CODE client_secret: This is your App Secret Code that you got from Facebook when you created your application. code: This is the code that you got back in the Query String from the previous request.

When you successfully make this request you will receive the OAuth Access Token which allows you to access the user's Facebook Account. This is the final step to authentication. Unlike the "Code," the Access Token will be in the response body, not as a GET variable. Here is what a successful response will look like: access_token=AAAB9BKw79ywBAPjNYxRwLhUE1mOgd3Ei1Nq2gPXxyWhiCISZAZA6ihZAor1NEPHRjuQ5x7NrkA7ITuV2IHVZBs6ZAaigbNdsMnX3l58RrQAZDZD&expires=5862 You will have to parse the access token out and this is what you will use the access the User's account. Also notice that there is an expires value that is sent along with the access token. You will NOT be able to store this access token and use it at a later time any time you choose. You must use this right away to do what you need to and then discard it. If the request to get the Access Token fails, you will receive an error in the body instead of the access token and expiration. Unlike the access token, it will be in JSON format, so be aware of this. *For more information about Authentication Process, see: https://developers.facebook.com/docs/authentication/

Publishing to a User's Account Now that you have the Access Token, you will be able to access the user's account until the token expires. There are dozens of things that can be done with various permissions, but since we only asked for publish_stream, this documentation will only cover Updating a User's Status Message. To update a user's status, we will have to make a POST Request to the following URL: https://graph.facebook.com/me/feed?access_token=[Access Token] access_token: This is the access token that you got from the Authentication process. The POST should contain a variable called message. The message variable is a String and whatever it is set to, is what the user's Status Message will be set to. Here is what a "Hello World" request would look like if you made the POST Request using cURL and PHP $fb_post_url = "https://graph.facebook.com/me/feed?access_token=".$access_token; $message_text = "Hello World!";

$ch = curl_init(); curl_setopt( $ch, CURLOPT_URL, $fb_post_url ); curl_setopt( $ch, CURLOPT_POST, true ); curl_setopt( $ch, CURLOPT_POSTFIELDS, "message=".$message_text ); curl_setopt( $ch, CURLOPT_RETURNTRANSFER, true ); curl_setopt( $ch, CURLOPT_TIMEOUT, 30 ); $fb_post_response = curl_exec( $ch ); curl_close( $ch ) The POST Request will return either a "Success" or "Failure" JSON message in the Body of the response.

For More Information about Publishing to a User Account See: http://developers.facebook.com/docs/reference/api/status/

Authenticating User's who have Already Accepted your App After a user has already accepted your App, they will no longer be prompted to "Accept" your application when they click on your link since it is already installed. The authentication process stays exactly the same, except when they click the link that takes them to the Authentication Page, Facebook will determine that the Application has already been accepted and simply forward the user to your redirect_url with the code appended to the Query String. The user will be required to Log Into their Facebook account if they are not already logged in, but they will never have to "Accept" your application again. If you change your Application in the future and add additional permissions, the next time they attempt to use your App they will be prompted to accept the NEW permissions ONLY.

Answer 2

This is possible the same way you would post to the logged-in users wall: Instead of using the endpoint:

https://graph.facebook.com/me/feed

just use:

https://graph.facebook.com/[UserID]/feed

feed

This connection corresponds to the user's Wall. You can create a link, post or status message by issuing an HTTP POST request to the PROFILE_ID/feed connection. To see more details please see links, posts, and status messages documentation.

Quote from the "feed" subsection of the API reference on the user object.

Answer 3

In your code you have:

$response = $facebook->api("/userId/feed/", 'POST', $attachment);

You have only to replace with this:

$response = $facebook->api("/".$userId."/feed/", 'POST', $attachment);

And use the user's ID you want to post.

Answer 4

document.write('');

{"error":{"message":"An active access token must be used to query information about the current user.","type":"OAuthException","code":2500}

Answer 5

The answer is YES and NO :) You unable to post without permission, if you can, report as bug. It could be a crazy world if I just spot that someone else write to my wall. BUT there is one way. If you write to the person's wall on behalf of his friend. But in this case you have to get permission from the friend.

Answer 6

Here's some code that i use to posting to facebook wall using php curl :

$username = "${string}";
$message = "${string}";
$access_token = "${string}";


$url=curl_init();
$attachment=array('access_token'=>$access_token, 'message'=>$message);

curl_setopt($url, CURLOPT_URL, "https://graph.facebook.com/".$username."/feed");
curl_setopt($url, CURLOPT_POST, true);
curl_setopt($url, CURLOPT_POSTFIELDS, $attachment);
curl_setopt($url, CURLOPT_RETURNTRANSFER, true);

$result = curl_exec($url);

Hope this can help you