easy example posting message on page as page

Question

Today I tried almost everything with the Facebook API. I'm using the PHP SDK. It worked out to log in as a user, as a page and as an app.

I have made the most simple login system as possible now:

Login.php

$app_id = "xx";
$app_secret = "xx";
$my_url = "continue.php";
session_start();   
// TOESTEMMING VRAGEN
$code = $_REQUEST["code"];
if(empty($code)) {
    $_SESSION['state'] = md5(uniqid(rand(), TRUE)); // CSRF protection
    $dialog_url = "https://www.facebook.com/dialog/oauth?client_id=" 
    . $app_id . "&redirect_uri=" . urlencode($my_url) . "&state="
    . $_SESSION['state'] . "&scope=manage_pages";
    echo("<script> top.location.href='" . $dialog_url . "'</script>");
}

At continue.php I have this code:

session_start();
if($_SESSION['state'] && ($_SESSION['state'] === $_REQUEST['state'])) {
    $graph_url = "https://graph.facebook.com/me/accounts?access_token=" 
    . $params['access_token'];

    $accounts = json_decode(file_get_contents($graph_url));
    print_r($accounts);
} else {
    echo("The state does not match. You may be a victim of CSRF.");
}

I'm getting the login, I can give access, but when I continue I get this message:

stdClass Object ( [error] => stdClass Object ( [message] => An active access token must be used to query information about the current user. [type] => OAuthException [code] => 2500 ) )

What I try to achieve is: On an admin part of my website I want to create a dialog where administrators can post updates to a facebook-page as a page-account. I also tried to login as an app, but I don't know if that's the right solution.

I can't find a tutorial on the web about which approach is needed for which solution. The advantage of logging in as an app, is that administrators don't need to have a facebook account. But can I (as an app) post an update to a facebook-page?

Sorry, I'm a bit confused. Thanks.

Answer 1

Your code is incomplete. I suggest you re-read http://developers.facebook.com/docs/howtos/login/server-side-login/

Before you can get the Page Access Token, you need the User Access Token

   if($_SESSION['state'] && ($_SESSION['state'] === $_REQUEST['state'])) {
     $token_url = "https://graph.facebook.com/oauth/access_token?"
       . "client_id=" . $app_id . "&redirect_uri=" . urlencode($my_url)
       . "&client_secret=" . $app_secret . "&code=" . $code;

     $response = file_get_contents($token_url);
     $params = null;
     parse_str($response, $params);

     $_SESSION['access_token'] = $params['access_token'];

     $graph_url = "https://graph.facebook.com/me?access_token=" 
       . $params['access_token'];

     $user = json_decode(file_get_contents($graph_url));
     echo("Hello " . $user->name);
   }
   else {
     echo("The state does not match. You may be a victim of CSRF.");
   }

Answer 2

Basic example to post on a Page you own (posting as the Page):

Make sure user/page_owner has auth'd the app and is logged in (usual FB API methods). User must have manage_pages (admin) permissions for the page.

$facebook = new Facebook(... );
$user = $facebook->getUser();

Get the page access token:

$page_id = 123456;
$page_info = $facebook->api('/'.$page_id.'?fields=access_token');

Use the page access token to post to your Page:

if (!empty($page_info['access_token'])) {
  $args = array(
    'access_token' => $page_info['access_token'],
    'message' => 'Testing SDK !',
  );
  $post_id = $facebook->api('/'.$page_id.'/feed', 'post', $args);
  error_log('successfully posted post id '.$post_id);
} catch (FacebookApiException $e) {
  error_log('caught exception: '. $e);
}

If you still get an access token error, log the user access token and test/paste the user access token in the Debugger and verify manage_pages perms is enabled.

See also this helpful blog post on Page permissions.