Lots of marketing articles suggest using a coupon as an incentive in a reveal tab, but I don't see how you would prevent people who have liked your page from abusing the coupon by accessing it over and over.
In my app, I want to offer a coupon that the user sees only the first time they like a page. Users who have been to that page before would not be able to access it again.
I also want to limit who can see it based on location.
When your iframe fan page is rendered, Facebook sents an HTTP POSt to your page with a signed_request post parameter. If you decode it, you will get details about whether they like your page and what country/language they are from. If country works for you, then you are all set for that part. Restricting the coupon to only being viewed is not possible based on the anonymous information Facebook sends. You would need to create an application and have the user approve your application so you can get their ID and log that they have seen it. This would also give you more detailed information about where they are located.
Related
I'm trying to write a web app, such that when a user fetch his/her username to the web app, the web app will retrieve the data stored previously in a Google Sheet, and construct a form (webpage) based on the username. What I mean is, each username will have different contents to work with.
The problem is, I just cannot get the page to display; it just shows up for a second, and a warning sign just appears, and this makes my webpage looks so suspicious, while in fact, it isn't.
Here's the part of the code to show up the webpage:
The code above checks if it's the first time the user comes to the page, so a welcome page should be loaded, then he/she can continue from there.
And here's the page after a blink of an eyes:
What I want to ask is, is there a way that I can load a page based on the username given? I don't really know what I am doing wrong. :<
Thank you guys so much in advance.
I have this question: is safe use an iframe to load the page where the customer will do the payment. For example paypal or DineroMail or the page that does the credit card payment.
Because My boss wants that the customer feels that never leaves the site so in my site I added an iframe (and inside this I load the url of the payment) but don't know if is correct and safe or no.
Thanks.
From a technical security point of view (Same Origin Policy), it is exactly as safe to open an iframe as it is to open a new tab.
From a UI point of view, opening an iframe in certain locations can deceive the user and you might be accused of trying to clickjack the user into making an inadvertent payment if you are not careful.
I cannot say anything about PayPal's own policy, but you should make sure they are okay with it.
I have been through this several times with many clients. A lot of it has to do with 1)he isnt comfortable with a customer leaving his site in fear the checkout wont occour or 2) its a pride thing that he wants clients to feel all the services can be performed in site.
One of the things that your boss needs to understand is that people like using paypal because they are trusted and its a familiar process to them. He needs to know that not only are people ok with being redirected to paypal, but they expect it. If I where to run into a site where they checked me out in an iFrame on paypal it would be a red flag for me. Why? Because with the redirect I can see the address bar. I know that Im at paypals site and I can see if its a secure connection.
If he is dead set on a customer never leaving a site. He needs to do something like paypal payments pro. This is probably the solution he really wants.
EDIT
I found your answer answer when dealing with the same issue myself last weekend and wanted to come back with something better!
Its called flex and its apart of the adaptive payments classic api. Which will take an additional application process which your boss may fee is well worth it.
https://developer.paypal.com/docs/classic/adaptive-payments/integration-guide/APIntro/
Head about 3/4 of the way down and youll see step by step instructions to do exactly what your loooking for. A secure paypal iframe.
Quick tip: If you have to incorporate it in your own processes simply do the following.
1) obtain your paykey after sending the request to paypal.
2) call in the javascript source as in the tutorial.
3) redirect the window manually as opposed to their created paypal button. aka https://www.paypal.com/webapps/adaptivepayment/flow/pay?paykey=YOURPAYKEY
another good source is : https://www.paypalobjects.com/webstatic/en_US/developer/docs/pdf/pp_adaptivepaymentsmobile.pdf
It is safe if Paypal allow it, but you have to be careful from a UI point of view.
If your site is loaded over http and you load the IFrame within your site, it appears to the user not to be secure even though the IFrame is loaded over https. This approach is also vulnerable to a MiTM attack as an attacker could intercept and change the IFrame URL to something like http://www.evil.com and nobody would be the wiser at the time of entering the card details.
If your site is loaded over https your customer has to trust you with their card details as they cannot be sure that the IFrame is actually pointing to the Paypal domain on https (https://www.paypal.com) and not your site. Yes they could right click and check the source, but this is a step too far for most users and technically an evil site could swap the IFrame for an evil version without the customer noticing.
My recommendation is to actually redirect to https://www.paypal.com because then it is shown in the address bar with a padlock and reassures users that they are giving their details to Paypal and nobody else.
I need to add context or the current state of my website to the URL of the page.. So that if a user copies and sends the URL to another user. The other user can see the exact state of the website that the sender was watching, i.e. the tab he was in,and the data he was viewing. I have seen similar things being implemented in other websites like facebook, gmail, etc but I don't know how to do that in my application. How should I approach this problem?
Use pushState and friends to modify the URL to one which your server can use to deliver a page that starts in the desired state.
I'm looking to create a Facebook Page with dynamic content based on the user visiting the page. For example, if the user has "liked" something with the consisting of "soccer" then it would display a little module specifically for soccer... or if they liked "baseball" then it would display baseball.
I guess my overall question is: "What content does FB allow developers to scrape and use in their code?" I want to utilize this on the Static FBML application.
Thanks in advance!
You may want check the open graph documentation:
http://developers.facebook.com/docs/opengraph/
Graph API: For accessing profile data
http://developers.facebook.com/docs/reference/api/
In order to request and receive extended information about a profile you need to setup a signed request from the Graph api. This can be done from a custom facebook app.
I feel like this should be extremely simple to find on the web... but I haven't found it yet.
I'm looking for something really simple.
I want anyone who visits my page, who want to post a comment on A SINGLE PAGE, to be able to enter text into a text box and click "submit" and have the comment posted to the page.
no checking for spam, nothing complicated just simply adding the text to the page and calling it a day.
any ideas on where I can find such a thing?
Why don't you create one?
You can't do it with HTML only.
You need to store the value in database inorder to maintain those values on the next visit. So you have to write server side logic to update a table and then fetch those values on the next visit. If you store user specific data in tables then you can show each user what he earlier posted, and can hide other users data.