问题
I have created a Page Tab Facebook App where I want to display different content depending on the user being a fan or not. (Also called fan gate, landing page or reveal page)
For this I'm using the PHP SDK, in specific the following code:
<?php
require 'src/facebook.php';
$facebook = new Facebook(array(
'appId' => 'APP_ID',
'secret' => 'APP_SECRET',
'cookie' => true,
));
?>
And in the content:
<?php
$signed_request = $_REQUEST["signed_request"];
list($encoded_sig, $payload) = explode('.', $signed_request, 2);
$data = json_decode(base64_decode(strtr($payload, '-_', '+/')), true);
if (empty($data["page"]["liked"])) {?>
Thank you for liking our Page!
<?php } else { ?>
You haven't liked our page yet..
<?php };
// Debugging Code
echo "REQUEST:<br>";
print_r($_REQUEST);
echo "<br>GET:<br>";
print_r($_GET);
echo "<br>POST:<br>";
print_r($_POST);
?>
This works when I'm logged in with my Facebook User and when I use it on my own Page. Meaning the signed_request is present in both $_POST and $_REQUEST.
However, when I test it with another user, there is no signed_request value in those variables..
Notes: - I already took a look at my URL Settings in the App Configuration (300 Redirect and stuff) but this looks fine, and like I said with my User it's working.. - the signed_request is not just empty, it doesn't even exist.
Does anybody have similar issues?
I would not mind using the Javascript SDK instead of PHP if it works then, but I'm not very experienced in Javascript.
EDIT:
As i found out you always have to have a non-secure (http) and a secure (https) URL. Even if you enter a secure URL as the standard URL, facebook will contact it using http and will then get redirected (depends on server configuration) to the https, which makes you lose your signed_request.
回答1:
signed_request is never passed via GET but POST. $_REQUEST contain data according to configuration in php.ini (request_order or variables_order)
Since you are using PHP-SDK it's better to use it for signed_request retrieval:
$signed_request = $facebook->getSignedRequest();
$liked = $signed_request['page']['liked'];
For applications running in Page Tab signed_request is always passed, so if you not get it ensure there is no redirections that omit POST data being passed.
回答2:
I just had a similar problem. In my case the problem was that in the app config i had not put a slash at the end of the tab URL which was referencing a directory (with an index.php in it). So i got a redirect to the same URL with a slash at the end and lost the $_POST this way.
来源:https://stackoverflow.com/questions/9189783/not-receiving-signed-request-in-facebook-iframe-app