0

I need to check if Facebook app exist in Facebook's database with APP-ID and APP-SECRET provided by users through form input. I tried doing it like this: 

$apid   = $_POST['appid'];
$apsec  = $_POST['appsec'];

$fb = new Facebook\Facebook([
         'app_id' => $apid,
         'app_secret' => $apsec,
         'default_graph_version' => 'v2.5',
]);

    try{
         $appData=$fb->get('/'.$apid, $apid.'|'.$apsec);
         } catch(Facebook\Exceptions\FacebookResponseException $e) {
         // When Graph returns an error
         echo 'Graph returned an error: ' . $e->getMessage();
         exit;
         } catch(Facebook\Exceptions\FacebookSDKException $e) {
         // When validation fails or other local issues
         echo 'Facebook SDK returned an error: ' . $e->getMessage();
         exit;
         }

         $appData=$appData->getDecodedBody();

         if(isset($appData)){
                  $_SESSION['app_name']=$appData['name'];
                  $_SESSION['app_image']=$appData['url'];
                  }else{
                  //should return some kind of error message
                  }

I thought that if I make this call to Graph API from try block, that it will return some kind of error message or anything that I could use, but instead it kills whole script. Then, I thought of examining only the app access token, and I tried this:

$accessToken = new Facebook\Authentication\AccessToken($apid.'|'.$apsec);
$check       = $accessToken ->isAppAccessToken();
var_dump($check);

But it returns true for any random inserted app-id and app-secret, so it's not really checking does app exists. Please help if you know how to solve this.

Ognj3n
  • 759
  • 7
  • 27
  • I don't know why your script dies, have you tried to enable `error_reporting()`? If I use the above code with an invalid id and secret it **does** return an `FacebookResponseException` exception with a message set to **Invalid OAuth access token signature.** – Cyclonecode Mar 11 '16 at 13:15
  • Yes i did enable `error_reporting(E_ALL)`, but since my script died it doesn't show me anything. That is some kind of issue with server I'm working on, because if there is any slightly bigger error, it kills the script. So I need to find a way to detect if app exists on some other way. – Ognj3n Mar 11 '16 at 13:20
  • Then my guess would be that you have some kind of syntax error or similar in your file. What php version are you running? – Cyclonecode Mar 11 '16 at 13:21
  • I think not,because if I enter `app-id` and `app-secret` that do exist(i.e there is application with that credentials on Facebook), script works fine. When it encounters this line in which I make a get request to `Graph API` it dies because of something that I don't understand. Btw, thanks for being interested in my issue :) – Ognj3n Mar 11 '16 at 13:26
  • As long as you’re not even able to get the script to run, this is hardly a facebook-specific question. Start with this answer in the duplicate, to at least get PHP errors shown first: http://stackoverflow.com/a/12772851/1427878 – CBroe Mar 11 '16 at 15:45

0 Answers0