Force to allow email in the facebook api

Question

Force to allow email in the facebook api

Asked 9 years, 1 month ago

Viewed 170 times

1

Hello.

I’ve been using the facebook api (http) for some time now, but I detected a problem a few days ago... There are people withdrawing email permission which then causes inconsistencies in the system.

There is a way to force the view to the email? That is, do not allow moving forward if do not let see email.

I was trying another solution. In callback see if you have the email variable or not. The problem is that the user can’t log in again because facebook already saves his preference of not allowing email.

1 answer

Browser other questions tagged php api facebook http

You are not signed in. Login or sign up in order to post.

by Guilherme Nascimento • **98,651** points · Answer 1 · 2015-10-12T16:09:20+00:00

I don’t know how you’re using and which version, but the logic doesn’t change much if you did something like:

$fb = new Facebook\Facebook(array(
    'app_id' => '{app-id}',
    'app_secret' => '{app-secret}',
    'default_graph_version' => 'v2.2'
});

try {
    $response = $fb->get('/me?fields=id,name', '{access-token}');
} catch(Facebook\Exceptions\FacebookResponseException $e) {
    echo 'Graph retornou um erro: ' . $e->getMessage();
    exit;
} catch(Facebook\Exceptions\FacebookSDKException $e) {
    echo 'Facebook SDK retornou um erro: ' . $e->getMessage();
    exit;
}

$user = $response->getGraphUser();

if (empty($user['email'])) {
      echo 'Esta página requer que você informe o seu e-mail';
      exit;
}

//Resto do script...

Now if at first access still has the email and only in the future the user removes the email, you can save the email in a database.

$user = $response->getGraphUser();

$result = mysqli_query($link, 'SELECT id, email FROM users WHERE idUser = ' . $user['id']);
if (false === $result) {
    echo 'Erro na query';
    exit;
}

$data = mysqli_fetch_assoc($res);

if ($data === NULL && empty($user['email'])) {
      //Emite erro se não houver usuário no banco e nem email no acesso
      echo 'Esta página requer que você informe o seu e-mail';
      exit;
} else if ($data === NULL && empty($user['email'])) {
      //Grava email no banco se ainda não existir
      if (false === mysqli_query($link, "INSERT INTO user (idUser, email) VALUES ($id, $email)")) {
           echo 'Erro ao inserir no banco';
           exit;
       }
} else if ($data !== NULL && false === empty($user['email']) &&
            $user['email'] !== $data['email']
) {
      //Atualiza email do banco de dados se ambos forem diferentes
      if (false === mysqli_query($link, "UPDATE user SET email = '" . $user['email'] . "' WHERE id = " . $data['id'])) {
           echo 'Erro ao atualizar o email';
           exit;
       }
} else {
      $user['email'] = $data['email']; //Seta a variavel vinda do banco na sua variavel principal
}

//Resto do script...

Note that the script is only illustrative, you can use any database that is within reach of your server, in case I used a simple example and maybe it is not functional, but it is only to understand the logic, chance to use mysql then read the documentation:

http://php.net/manual/en/book.mysqli.php