Old topic, but wanted to weigh in as I have recently learned a lot about how to do this and have had to put it into practice.<\/p>\n
Have a look at this link: http:\/\/nickring.com\/blog\/2012\/11\/facebook-fan-gate-using-php\/. It uses the The one main thing to remember is that Here’s an example – the following script will run when you go to this address: https:\/\/www.facebook.com\/yourFacebookPage\/app_xxxxxxxxxxxxxxx with ‘xxxxxxxxxxxxxxx’ being the app ID.<\/p>\n The above script is the script that is called from the URL set in the Canvas URL in the “App on Facebook” section of the App’s settings. The With the If you’re looking to have a bit more security on this, you can have the redirecting PHP script write some cookies and attach them to the URL such that the receiving script must compare the cookies and the URL params then delete the cookies after they’ve been read.<\/p>\n Hope this helps as I personally haven’t found any consistent information on this subject.<\/p>\n","protected":false},"excerpt":{"rendered":" Old topic, but wanted to weigh in as I have recently learned a lot about how to do this and have had to put it into practice. Have a look at this link: http:\/\/nickring.com\/blog\/2012\/11\/facebook-fan-gate-using-php\/. It uses the signed_request variable as some of the other responses show, but it shows how it does not require requesting […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-7614","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/posts\/7614","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/comments?post=7614"}],"version-history":[{"count":0,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/posts\/7614\/revisions"}],"wp:attachment":[{"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/media?parent=7614"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/categories?post=7614"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/unknownerror.org\/index.php\/wp-json\/wp\/v2\/tags?post=7614"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}signed_request<\/code> variable as some of the other responses show, but it shows how it does not require requesting the signed_request<\/code> variable via $_REQUEST<\/code>.<\/p>\nsigned_request<\/code> is only available when the PHP script accessing signed_request<\/code> is run within Facebook.<\/strong> If you run this script outside of Facebook in a script attempting to use the Facebook API, it will return an empty array.<\/p>\n\/\/ Check if the user has liked us on Facebook, require the Facebook SDK\nrequire_once('linked\/facebook\/facebook.php');\n\n\/\/ Setup the Config\n$config = array(\n 'appId' => 'xxxxxxxxxxxxxxxxx',\n 'secret' => 'yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy',\n 'cookie' => true\n);\n\n\/\/ Create a Facebook SDK instance\n$facebook = new Facebook($config);\n\n\/\/ Get the signed_request variable that we so desparately need\n$signed_request = $facebook->getSignedRequest();\n$like_status = $signed_request[\"page\"][\"liked\"];\n\n\/\/ Make sure that it worked\nif (!empty($signed_request))\n{\n \/\/ Get the signed_request information\n if ($like_status == 1)\n {\n \/\/ Wo0t! Show the FB fan only page stuff here\n\n }\n else\n {\n \/\/ Show the 'Please like us page'\n $page = file_get_contents('pages\/facebookLikeUs.html');\n\n \/\/ Finish the page\n echo $page;\n exit();\n\n } \/\/ End if ($like_status == 1) ELSE Clause and IF\n\n} \/\/ End if (!empty($signed_request)) IF Clause\nelse\n{\n \/\/ Damn, it didn't work. Show an error\n}\n<\/code><\/pre>\nfacebookLikeUs.html<\/code> page is simply a page asking them to click “Like” to continue. If I’m in a situation that I want them to be redirected back into a website that requires the Facebook like I simply replace the \/\/ Wo0t!<\/code> section with something like this:<\/p>\n \/\/ Wo0t! They're all set, establish some cookies, get a cookie, and redirect back to the PHD program site\n setcookie('fbls', $signed_request['page']['id'] . '-' . $signed_request['user_id'], time() + 300);\n $redirectURL = \"http:\/\/www.myurl.com\/theScriptIWantToReceiveTheUserFromFB.php\";\n\n \/\/ Since Facebook really wants to keep us in the page, we need to create a page that will automatically break out of FB\n $page = file_get_contents('pages\/facebookRedirectBack.html');\n\n \/\/ Replace some stuff\n $page = str_replace('$redirectURL', $redirectURL, $page);\n\n \/\/ Output the page\n echo $page;\n exit();\n<\/code><\/pre>\nfacebookRedirectBack.html<\/code> page being this:<\/p>\n\n\n\n\nwindow.top.location.href = '$redirectURL';\n\n\n\n<\/code><\/pre>\n