The Facebook PHP SDK makes it simple to use the Facebook API. The PHP SDK makes it possible to authenticate and login to a web application using a Facebook account. Using the Graph API, various information from the user’s Facebook account can be retrieved after authentication. The Facebook Graph API can be used to access profile information and feeds from a user’s timeline.
The Graph API is the best solution if you want to extend the Facebook OAuth capabilities and get more information from the FB account. You can access the profile and posts data from the user’s account after logging in with Facebook. In this tutorial, we’ll teach you how to use PHP to retrieve a user’s post from their Facebook timeline using the Graph API.
The following PHP functionality will be provided in this Facebook post parser script.
PHP SDK v5 allows you to log in using Facebook.
Graph API is used to retrieve profile information from Facebook.
Using the Graph API, get the user’s posts from their Facebook Timeline.
Take a look at the file structure before you start reading Facebook posts from the user timeline with PHP.
facebook_user_post_feed_php/ ├── config.php ├── index.php ├── logout.php ├── User.class.php ├── facebook-php-graph-sdk/ ├── images/ │ ├── fb-login-btn.png └── css/ └── style.css
Make a Facebook application
To use the Facebook API, you’ll need the App ID and App Secret. Create a Facebook APP in the Developers Panel to get the App ID and Secret.
Log in with your Facebook account on the Facebook for Developers page.
Click My Apps in the top navigation menu and then Add New App.
Fill in the Display Name and Email Address fields.
To create an app ID, click the Create App ID button.
The App Dashboard will be redirected to you.
Go to the Basic page of the Settings menu.
Specify the App Domains and choose your App’s Category.
Save your changes by clicking the Save button.
Click PRODUCTS(+) in the left navigation menu panel to go to the Add a Product page.
To get started, go to Facebook Login.
Choose Web as your app platform.
Save after entering the site’s URL.
To access the Facebook Login » Settings page, go to the Facebook Login » Settings page.
Enter the Redirect URL in the Valid OAuth Redirect URIs field.
Save your changes by clicking the Save button.
The App ID and App Secret will be visible on the Settings » Basic page. You can use Facebook APIs with this App ID and App secret.
Obtain Permission to View the Posts Feed
A request for user posts permission is required to provide app permission and get the user’s Facebook timeline posts.
Go to the Permissions and Features tab of the App Review.
User posts permission must be requested and the relevant details must be submitted.
Tables in a Database
In order to store the user’s profile information and feed posts data in the database, two tables are necessary.
1. Please read the following: To store the account information from Facebook, SQL generates a users table in the MySQL database with some basic fields.
CREATE TABLE `users` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`oauth_provider` enum('','facebook','google','twitter') COLLATE utf8_unicode_ci NOT NULL,
`oauth_uid` varchar(50) COLLATE utf8_unicode_ci NOT NULL,
`first_name` varchar(25) COLLATE utf8_unicode_ci NOT NULL,
`last_name` varchar(25) COLLATE utf8_unicode_ci NOT NULL,
`email` varchar(50) COLLATE utf8_unicode_ci NOT NULL,
`gender` varchar(10) COLLATE utf8_unicode_ci DEFAULT NULL,
`picture` varchar(200) COLLATE utf8_unicode_ci NOT NULL,
`link` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
`created` datetime NOT NULL,
`modified` datetime NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;2. Please read the following: To store the user’s Facebook posts information, SQL generates a user posts table in the MySQL database.
CREATE TABLE `user_posts` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`user_id` int(11) NOT NULL,
`post_id` varchar(50) COLLATE utf8_unicode_ci NOT NULL,
`message` text COLLATE utf8_unicode_ci NOT NULL,
`created_time` datetime NOT NULL,
`published_by` varchar(50) COLLATE utf8_unicode_ci NOT NULL,
`attach_type` varchar(50) COLLATE utf8_unicode_ci NOT NULL,
`attach_title` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
`attach_image` text COLLATE utf8_unicode_ci NOT NULL,
`attach_link` text COLLATE utf8_unicode_ci NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;PHP SDK for Facebook
To authenticate using the Facebook API, the Facebook PHP SDK is used. The facebook-php-graph-sdk/ directory contains the files for the Facebook PHP SDK (v5). The Facebook PHP SDK library is included in our source code, so you don’t need to download it individually.
Configuration of the database and API (config.php)
The config.php file contains the database settings and Facebook API configuration constant variables.
Constants in the Database:
DB HOST — This parameter specifies the database host.
DB USERNAME – This is the username for the database.
DB PASSWORD – This field is used to specify the database password.
DB NAME – Name of the database.
DB USER TBL – Name of the table that will hold the user’s account information.
DB POST TBL – Name of the table that will hold the user’s feed data.
<?php
/*
* Database and API Configuration
*/
// Database configuration
define('DB_HOST', 'MySQL_Database_Host');
define('DB_USERNAME', 'MySQL_Database_Username');
define('DB_PASSWORD', 'MySQL_Database_Password');
define('DB_NAME', 'MySQL_Database_Name');
define('DB_USER_TBL', 'users');
define('DB_POST_TBL', 'user_posts');
// Facebook API configuration
define('FB_APP_ID', 'Insert_Facebook_App_ID'); // Replace {app-id} with your app id
define('FB_APP_SECRET', 'Insert_Facebook_App_Secret'); // Replace {app-secret} with your app secret
define('FB_REDIRECT_URL', 'Callback_URL');
define('FB_POST_LIMIT', 10);
// Start session
if(!session_id()){
session_start();
}
// Include the autoloader provided in the SDK
require_once __DIR__ . '/facebook-php-graph-sdk/autoload.php';
// Include required libraries
use Facebook\Facebook;
use Facebook\Exceptions\FacebookResponseException;
use Facebook\Exceptions\FacebookSDKException;
// Call Facebook API
$fb = new Facebook(array(
'app_id' => FB_APP_ID,
'app_secret' => FB_APP_SECRET,
'default_graph_version' => 'v3.2',
));
// Get redirect login helper
$helper = $fb->getRedirectLoginHelper();
// Try to get access token
try {
if(isset($_SESSION['facebook_access_token'])){
$accessToken = $_SESSION['facebook_access_token'];
}else{
$accessToken = $helper->getAccessToken();
}
} catch(FacebookResponseException $e) {
echo 'Graph returned an error: ' . $e->getMessage();
exit;
} catch(FacebookSDKException $e) {
echo 'Facebook SDK returned an error: ' . $e->getMessage();
exit;
}
User Type (User.class.php)
The User class uses PHP and MySQL to perform database operations (connect, insert, update, and delete).
__construct() – Use the credentials supplied in the config.php file to connect to the database.
checkUser() – Based on the OAuth provider and ID, insert or update the user profile data.
Returns an array of the user’s account info.
getPosts() – Gets information about postings from the user posts table.
Insert post data into the user posts table with insertPost().
Delete post data based on the user ID with deletePosts().
<?php
/*
* User Class
* This class is used for database related (connect, insert, update, and delete) operations
* @author CodexWorld.com
* @url http://www.codexworld.com
* @license http://www.codexworld.com/license
*/
class User {
private $dbHost = DB_HOST;
private $dbUsername = DB_USERNAME;
private $dbPassword = DB_PASSWORD;
private $dbName = DB_NAME;
private $userTbl = DB_USER_TBL;
private $postTbl = DB_POST_TBL;
function __construct(){
if(!isset($this->db)){
// Connect to the database
$conn = new mysqli($this->dbHost, $this->dbUsername, $this->dbPassword, $this->dbName);
if($conn->connect_error){
die("Failed to connect with MySQL: " . $conn->connect_error);
}else{
$this->db = $conn;
}
}
}
function checkUser($userData = array()){
if(!empty($userData)){
// Check whether user data already exists in database
$prevQuery = "SELECT * FROM ".$this->userTbl." WHERE oauth_provider = '".$userData['oauth_provider']."' AND oauth_uid = '".$userData['oauth_uid']."'";
$prevResult = $this->db->query($prevQuery);
if($prevResult->num_rows > 0){
// Update user data if already exists
$query = "UPDATE ".$this->userTbl." SET first_name = '".$userData['first_name']."', last_name = '".$userData['last_name']."', email = '".$userData['email']."', gender = '".$userData['gender']."', picture = '".$userData['picture']."', link = '".$userData['link']."', modified = NOW() WHERE oauth_provider = '".$userData['oauth_provider']."' AND oauth_uid = '".$userData['oauth_uid']."'";
$update = $this->db->query($query);
}else{
// Insert user data
$query = "INSERT INTO ".$this->userTbl." SET oauth_provider = '".$userData['oauth_provider']."', oauth_uid = '".$userData['oauth_uid']."', first_name = '".$userData['first_name']."', last_name = '".$userData['last_name']."', email = '".$userData['email']."', gender = '".$userData['gender']."', picture = '".$userData['picture']."', link = '".$userData['link']."', created = NOW(), modified = NOW()";
$insert = $this->db->query($query);
}
// Get user data from the database
$result = $this->db->query($prevQuery);
$userData = $result->fetch_assoc();
}
// Return user data
return $userData;
}
public function getPosts($conditions = array()){
$sql = 'SELECT *';
$sql .= ' FROM '.$this->postTbl;
if(array_key_exists("where",$conditions)){
$sql .= ' WHERE ';
$i = 0;
foreach($conditions['where'] as $key => $value){
$pre = ($i > 0)?' AND ':'';
$sql .= $pre.$key." = '".$value."'";
$i++;
}
}
if(array_key_exists("order_by",$conditions)){
$sql .= ' ORDER BY '.$conditions['order_by'];
}else{
$sql .= ' ORDER BY created_time DESC ';
}
if(array_key_exists("start",$conditions) && array_key_exists("limit",$conditions)){
$sql .= ' LIMIT '.$conditions['start'].','.$conditions['limit'];
}elseif(!array_key_exists("start",$conditions) && array_key_exists("limit",$conditions)){
$sql .= ' LIMIT '.$conditions['limit'];
}
$result = $this->db->query($sql);
if(array_key_exists("return_type",$conditions) && $conditions['return_type'] != 'all'){
switch($conditions['return_type']){
case 'count':
$data = $result->num_rows;
break;
case 'single':
$data = $result->fetch_assoc();
break;
default:
$data = '';
}
}else{
if($result->num_rows > 0){
while($row = $result->fetch_assoc()){
$data[] = $row;
}
}
}
return !empty($data)?$data:false;
}
function insertPost($data){
if(!empty($data) && is_array($data)){
$columns = '';
$values = '';
$i = 0;
foreach($data as $key=>$val){
$pre = ($i > 0)?', ':'';
$columns .= $pre.$key;
$values .= $pre."'".$this->db->real_escape_string($val)."'";
$i++;
}
$query = "INSERT INTO ".$this->postTbl." (".$columns.") VALUES (".$values.")";
$insert = $this->db->query($query);
return $insert?$this->db->insert_id:false;
}else{
return false;
}
}
public function deletePosts($userID){
$query = "DELETE FROM ".$this->postTbl." WHERE user_id = $userID";
$delete = $this->db->query($query);
return $delete?true:false;
}
}Fetch User Feed from Facebook Timeline by logging in and selecting “Fetch User Feed from Facebook Timeline” (index.php)
The authentication procedure is handled with Facebook API using PHP in this file.
The OAuth URL is generated using the Login Helper class’s getLoginUrl() method, and the Facebook Sign-in button is presented on the web page.
Following the Facebook account authentication, the following occurs:
Using the Facebook Graph API, the profile information is received from the Facebook account.
The checkUser() function of the User class is used to insert account data into the database.
The SESSION stores the user’s account information.
Using the Facebook Graph API (/user-id/feed), the post feed is collected from the user’s timeline.
Using the Facebook Graph API (/post-id), get the details of a particular post.
Using the Facebook Graph API (/post-id/attachments), get the post attachment information.
Delete outdated post data from the database and replace it with the most recent post data.
The webpage displays the Facebook profile details (Name, First name, Last name, Email, Gender, Picture, and Profile link).
The web page lists the posts and links that the authenticated user has published.
The login helper class’s getLogoutUrl() method is used to create the Logout link.
<?php
// Include configuration file
require_once 'config.php';
// Include User class
require_once 'User.class.php';
if(isset($accessToken)){
if(isset($_SESSION['facebook_access_token'])){
$fb->setDefaultAccessToken($_SESSION['facebook_access_token']);
}else{
// Put short-lived access token in session
$_SESSION['facebook_access_token'] = (string) $accessToken;
// OAuth 2.0 client handler helps to manage access tokens
$oAuth2Client = $fb->getOAuth2Client();
// Exchanges a short-lived access token for a long-lived one
$longLivedAccessToken = $oAuth2Client->getLongLivedAccessToken($_SESSION['facebook_access_token']);
$_SESSION['facebook_access_token'] = (string) $longLivedAccessToken;
// Set default access token to be used in script
$fb->setDefaultAccessToken($_SESSION['facebook_access_token']);
}
// Redirect the user back to the same page if url has "code" parameter in query string
if(isset($_GET['code'])){
header('Location: ./');
}
// Getting user's profile info from Facebook
try {
$graphResponse = $fb->get('/me?fields=name,first_name,last_name,email,link,gender,picture');
$fbUser = $graphResponse->getGraphUser();
} catch(FacebookResponseException $e) {
echo 'Graph returned an error: ' . $e->getMessage();
session_destroy();
// Redirect user back to app login page
header("Location: ./");
exit;
} catch(FacebookSDKException $e) {
echo 'Facebook SDK returned an error: ' . $e->getMessage();
exit;
}
// Initialize User class
$user = new User();
// Getting user's profile data
$fbUserData = array();
$fbUserData['oauth_uid'] = !empty($fbUser['id'])?$fbUser['id']:'';
$fbUserData['first_name'] = !empty($fbUser['first_name'])?$fbUser['first_name']:'';
$fbUserData['last_name'] = !empty($fbUser['last_name'])?$fbUser['last_name']:'';
$fbUserData['email'] = !empty($fbUser['email'])?$fbUser['email']:'';
$fbUserData['gender'] = !empty($fbUser['gender'])?$fbUser['gender']:'';
$fbUserData['picture'] = !empty($fbUser['picture']['url'])?$fbUser['picture']['url']:'';
$fbUserData['link'] = !empty($fbUser['link'])?$fbUser['link']:'';
// Insert or update user data to the database
$fbUserData['oauth_provider'] = 'facebook';
$userData = $user->checkUser($fbUserData);
$userID = $userData['id'];
// Storing user data in the session
$_SESSION['userData'] = $userData;
if($userData){
// Fetch the user's feed
$userFeeds = $fb->get("/".$fbUser['id']."/feed?limit=".FB_POST_LIMIT, $accessToken);
$feedBody = $userFeeds->getDecodedBody();
$feedData = $feedBody["data"];
if(!empty($feedData)){
// Delete old posts from the database
$user->deletePosts($userID);
$postData = array();
foreach($feedData as $row){
if(!empty($row['id'])){
$postID = $row['id'];
// Fetch the post info
$response = $fb->get('/'.$postID, $accessToken);
$data = $response->getDecodedBody();
// Fetch post attachment info
$response = $fb->get('/'.$postID.'/attachments', $accessToken);
$attchData = $response->getDecodedBody();
$postData['user_id'] = $userID;
$postData['post_id'] = $data['id'];
$postData['message'] = $data['message'];
$postData['created_time'] = $data['created_time'];
$postData['published_by'] = $fbUser['id'];
$postData['attach_type'] = !empty($attchData['data'][0]['type'])?$attchData['data'][0]['type']:'';
$postData['attach_title'] = !empty($attchData['data'][0]['title'])?$attchData['data'][0]['title']:'';
$postData['attach_image'] = !empty($attchData['data'][0]['media']['image']['src'])?$attchData['data'][0]['media']['image']['src']:'';
$postData['attach_link'] = !empty($attchData['data'][0]['url'])?$attchData['data'][0]['url']:'';
// Insert post data in the database
$insertPost = $user->insertPost($postData);
}
}
}
}
// Get logout url
$logoutURL = $helper->getLogoutUrl($accessToken, FB_REDIRECT_URL.'logout.php');
// Render Facebook profile data
if(!empty($userData)){
$output = '<h2>Facebook Profile Details</h2>';
$output .= '<div class="ac-data">';
$output .= '<img src="'.$userData['picture'].'"/>';
$output .= '<p><b>Facebook ID:</b> '.$userData['oauth_uid'].'</p>';
$output .= '<p><b>Name:</b> '.$userData['first_name'].' '.$userData['last_name'].'</p>';
$output .= '<p><b>Email:</b> '.$userData['email'].'</p>';
$output .= '<p><b>Gender:</b> '.$userData['gender'].'</p>';
$output .= '<p><b>Logged in with:</b> Facebook'.'</p>';
$output .= '<p><b>Profile Link:</b> <a href="'.$userData['link'].'" target="_blank">Click to visit Facebook page</a></p>';
$output .= '<p><b>Logout from <a href="'.$logoutURL.'">Facebook</a></p>';
$output .= '</div>';
}else{
$output = '<h3 style="color:red">Some problem occurred, please try again.</h3>';
}
}else{
// Get login url
$permissions = ['email']; // Optional permissions
$loginURL = $helper->getLoginUrl(FB_REDIRECT_URL, $permissions);
// Render Facebook login button
$output = '<a href="'.htmlspecialchars($loginURL).'"><img src="images/fb-login-btn.png"></a>';
}
?>
<!DOCTYPE html>
<html lang="en-US">
<head>
<title>Login with Facebook using PHP by CodexWorld</title>
<meta charset="utf-8">
<!-- stylesheet file -->
<link rel="stylesheet" href="css/style.css">
</head>
<body>
<div class="container">
<div class="fb-box">
<!-- Display login button / Facebook profile information -->
<?php echo $output; ?>
</div>
<!-- List user posts -->
<?php
<?php
if(!empty($userID)){
// Fetch posts from the database
$con = array(
'where' => array('user_id' => $userID),
'limit' => FB_POST_LIMIT
);
$posts = $user->getPosts($con);
if(!empty($posts)){
?>
<div class="post-list">
<h2>Facebook Feeds</h2>
<?php foreach($posts as $row){
$image = !empty($row['attach_image'])?'<img src="'.$row['attach_image'].'"/>':'';
$title = (strlen($row['attach_title'])>55)?substr($row['attach_title'],0,55):$row['attach_title'];
$message = (strlen($row['message'])>120)?substr($row['message'],0,110).'...':$row['message'];
?>
<a href="<?php echo $row['attach_link']; ?>" target="_blank">
<div class="pbox">
<div class="img"><?php echo $image; ?></div>
<div class="cont">
<h4><?php echo $title; ?></h4>
<p><?php echo $message; ?></p>
</div>
</div>
</a>
<?php } ?>
</div>
<?php }
} ?>
</div>
</body>
</html>Logoff (logout.php)
The logout.php file is loaded when a user decides to log out of their Facebook account.
Remove the SESSION’s access token and user data.The user will be redirected to the login page.
<?php
// Include configuration file
require_once 'config.php';
// Remove access token from session
unset($_SESSION['facebook_access_token']);
// Remove user data from session
unset($_SESSION['userData']);
// Redirect to the homepage
header("Location:index.php");
?>Note :
If you wish to include a social login option on your website, Facebook authentication is the most secure method of allowing users to log in using their social accounts. This script allows you to improve the Facebook login process. Using PHP SDK and Graph API, a logged-in user can access their timeline posts on the website without having to visit Facebook. In the web application, you may leverage the Facebook posts parser capability for a variety of applications.