I have a simple product catalogue for businesses. There is a catalogue's management interface for adding products. Each business has a unique domain name where all its products are listed.
I would like to extend catagloue's functionality and allow businesses to have their products listed on facebook.
Functionality of the facebook application:
- Each business can install application from catalogue's management interface (I would like to have a button that opens facebook in a new window and prompts user to authorize access to one of user's existing Facebook Pages)
- installing application adds a Tab on selected Facebook Page,
- by clicking on a Tab visitor of the Facebook Page is presented with a list of products specific for this business. Data for that page is dynamic and can be accessed with a REST call and presented as json or html.
We would like each business that have a product catalogue with us to install application and have it automatically configured to use specific domain name when requesting product data.
Is it all technically possible? Could you point me into the right direction on how to
- install application from external website
- configure that application with a parameter (perhaps passed in url when requesting application installation)
- automatically add Page Tab for this application
Cheers,
Michal
Yes it is possible. But it'll be a little different from what you are thinking, i guess.
I recently implemented code to add a tab to a page programmatically, it is as follows(in PHP) :
$tabAdded=$facebook->api("/".$id."/tabs","post", array("access_token" => $access,
"app_id" => $fbconfig['appid']));
From the code we see that we need an app id, an access token, and the page id($id). $facebook is an instance of the FacebookPHPSDK.
So here's how we can get the three things in question:
First app id, you'll need to create a Facebook page tab app, select Page Tab in the app's Basic settings (where you can mention the page tab url. This url will have the content for a page tab.) You'll also need to enable website because you need to ask the user for necessary permissions (namely manage_pages). For your specific requirement you have to give the domain of the catalogue management app.
Second page id and access token, once you have manage_pages permission you can query the graph api to get the pages of the user using : api('me/accounts') this returns data with page name, page category, page id, page access token for all the user's pages.
#thaddeusmt has already mentioned that you can't create new applications, and need to use the same app, you have to read the signed request and get the page id, and serve content. All that will be left to do is link your customer domains to the correct page ids.
Hope this was useful.
You can install/uninstall (add/remove) application tabs to/from Pages using the Facebook API:
http://developers.facebook.com/docs/reference/api/page/#tabs
You cannot create new applications, however. So you will need to use the same application for each Page.
The way you can show different content for each Page in the Tab (using the same application) is by checking the Signed Request. This contains the ID of the Facebook Page. The code that serves up your application Tab can look at the Page ID and serve up the appropriate content for that Page.
I hope this helps get you on the trail. Good luck!
Yes it is possible.
It's a two way process
First you have to get page_access_token through graphAPI.
www.facebook.com/?fields=access_token
This will return Page_access_token.
Use page access token and use post method
www.facebook.com/yourpageid/tabs/
Post Parameters:
app_id= 'YourAppID'
access_token = 'access_token'
That way you can add your facebook app into facebookPage.
Related
My name is Alex.
Sorry for my rather bad Englisch because i come from Germany.
I just started programming with Node.js.
Previously i made some small static HTML and CSS websites.
I have some beginner questions (which might be dump).
I think these questions are very general for now and have therefore not included any code examples.
So far I have written a static HTML website which I host locally on my computer using Node.js and Express.
My Questions are:
Which actions within a web application should take place on the client side and which on the server side. For example, I have several buttons on the start page. With the help of which predefined users can log in. When clicking on a button, the user should be redirected to the login page. The user name of the respective user should be entered directly into the username field on the login page.
How do I implement such a transition?
The username would probably have to be passed to the server using a post call. How does the user get to the next page? Should this be a simple link or should I send the new HTML document to the user via app.sendFile()?
For example, how do I change tags in an HTML document using Node.js. The same example as before a user is logged in and redirected to the next page. Now he should be greeted with his name. The name can be read from a database using the UUID.
How do I get this name into a tag?
Do I need a template engine or are there other ways to change a static HTML page.
Thank you in advance for your help.
In my opinion, security-critical parts logic be placed on the server (logging in, checking balance, authorization, etc.).
Traditionally, no code on the client side is required. You click a link/submit a form, which sends a request to a server, the server responds, the client displays the new page.
Using client side code, however, can make your app smoother and reduce the load of the server. For example: the user clicks on the shopping cart button. Instead of reloading the whole page, the user sends an ajax request, and the server responds with the cart data. Then the client updates the document, displaying the formatted cart data.
You can't "change html tags" from nodejs. You can send a response. If you send a html response, you decide how to produce the response. You can just concatenate html strings, but using a template engine is a better solution.
For our ASP.NET application we have an API which users can use to send data from their website forms (e.g. a sign-up form) directly to our application.
To use this, obviously some programming is required to connect their forms to our API. Some users (or their website developers) find this too difficult. So the idea is to provide a standard webform which can be included in their website using an iFrame. The webform should be unique per user, specified by using an ID or key in the URL or in a hidden field. For example, they can link their iFrame to an URL like https://myapplication.com/webform/CustomerID-1001
My question is how can we secure this webform? For the API we use an API-key, but that is used only serverside. Since the suggested webform is hosted in our application, the user cannot set anything serverside. So how can we prevent a malicious website visitor from copying the entire form (including the complete URL or hidden fields) from a valid user's website and using it in an iFrame on their own malicious website? (or at least stop the form from working in this case)
Do you have any suggestions about securing such a webform?
At my company, they have a Wordpress site. Disclaimer: I'm a new hire here.
They also use a third party service/website called "act-on". Within act-on, we can manage our campaigns, generate webforms that submit data back to act-on and generate anchor tags that link to resources that act-on hosts.
I want to be clear, we upload documents to act-on. Then, act-on gives us links that we can place on our website to these documents. When a user clicks the link on our website, they are taken to a subdomain of our website that they did not create, to view the resource.
When I talk about "act-on", I'm referring to this service:
https://www.act-on.com/
Example:
We live at websitename.com.
The anchor tag that act-on creates, links to solutions.websitename.com/acton/resourcename
We didn't create a page or subdomain "solutions.websitename.com" and don't have any pages that reflect that.
I need to know how this works because their google analytics doesn't seem to track page visits to this subdomain.
How has act-on created some subdomain on our website? I don't understand that process. How can act-on link to files that they host, but the url be a subdomain of our website.
Thanks,
It is very similar to another company called reachlocal. They basically proxy all your web content, and in a lot of cases they even put up proxy phone numbers and record the calls audibly and transcript them. All this in addition to marketing campaigns such as analytics, PPC and alike.
A business essentially gives them this right when signing up and are told about it upfront.
It is all for the sake of keeping record in order on file of everything taking place, with web presence and "presented in a friendly interface and graphs. Which also allows employees to listen to recorded calls to "see how the employee does"
More than likely from my experience is they were given the keys for all web presence, including web, analytics, social sites and so on by the owner or project manager.
Unfortunately, by proxying all the websites they in turn get a lot of Google ranking, but it can be a valuable service for some.
Bottom Line: Someone at your job, signed up, gave them the go ahead to perform tasks such as proxy domain names and are in fact paying them.
Google analytics shows me the report for the root of my site (/), however, there are two possible roots. One for public users (and google bot), one for logged in users (like Facebook, for example).
Can I add some code, anywhere to my HTML, so that in Google Analytics I can see those two pages differentiated?
I don't want to code two different links for those two pages, for simple reasons:
I don't want/need to index the inside of my site, so I don't care that google bot doesn't know about it
I don't want my public main page to be domain.com/something
I don't want my 'logged in' main page to be domain.com/something-else
You can pass a special url for logged in users as a parameter to your track pageview call via serverside code (or a javascript funktion).
Example (assuming you use the asynchronous code):
_gaq.push(['_setAccount', 'UA-12345-1']);
_gaq.push(['_trackPageview', '/root_loggedind']);
Even though the url "/root_loggedind" does not physically exist it will register in your reports. The root for "normal" users will still register as simply "/".
I would like to recover the non-public information to a facebook page for an application "desktop" in C # and I do not know how. Do I have to go through a Facebook application that the user allow or do I get the Facebook user to have a access_token and display the page based on this one? FYI I use graph (and a JSON) that I get, I picked up this version as the "public" group:
https://graph.facebook.com/283774678311430
Do I have to go through a Facebook application that the user allow
Yes, you need an application to let the user give access to view the page or have the page owner give access
do I get the Facebook user to have a access_token and display the page based on this one?
Same answer, use the page owner as the user call /me/accounts and grab the page access token.