Sometimes, the need arises to have a facebook app that will be reused across several pages. Those pages may or may not be related in some way, but the content or functionality of the app should carry across them. It MAY seem easier to just create a new copy of the app for each page, but that's going to be a nightmare to maintain if you're delivering anything more than a tiny chunk of content.
To get around this, you can create a single app that is called by as many pages as you want. This single app will leverage the "signed request" that facebook passes to all apps. There's a lot of useful data in the signed request, like whether or not the user has liked the page (I referenced this in an earlier post about reveal pages). For this example, I'm only interested in parsing the request and getting the page id, and then using this to determine what to display.
Here is the code that runs the core of the app:
<?php
// FIRST, A COUPLE OF FUNCTIONS BORROWED FROM ELSEWHERE ON THE INTERNETS TO PROCESS FB'S SIGNED REQUEST.
$mySecret = "<app secret id from the facebook app information page>";
function parse_signed_request($signed_request, $secret) {
list($encoded_sig, $payload) = explode('.', $signed_request, 2);
// decode the data
$sig = base64_url_decode($encoded_sig);
$data = json_decode(base64_url_decode($payload), true);
if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
error_log('Unknown algorithm. Expected HMAC-SHA256');
return null;
}
// check sig
$expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true);
if ($sig !== $expected_sig) {
error_log('Bad Signed JSON signature!');
return null;
}
return $data;
}
function base64_url_decode($input) {
return base64_decode(strtr($input, '-_', '+/'));
}
?>
<?php
// THIS SECTION OF CODE IS USED TO OUTPUT THE PAGE ID OF THE REQUESTING PAGE IN AN HTML COMMENT.
// GENERALLY, I JUST ADD THE APP TO THE PAGE, VIEW THE SOURCE ON THE APP FRAME, AND GRAB THE VALUE. THIS HELPS TO ENSURE THAT THE SIGNED REQUEST IS BEING
// RECEIVED AND PROCESSED CORRECTLY.
// ALTERNATIVELY, YOU CAN JUST GRAB THE PAGE ID FROM THE EDIT LINK http://www.facebook.com/pages/edit/?id=XXXXXXXXXXXXX&sk=basic
echo "<!-- ";
$request = parse_signed_request($_REQUEST['signed_request'], $mySecret);
$requestPageId = $request['page']['id'];
echo $requestPageId;
echo " -->";
?>
<?php
switch ($requestPageId) {
case "< page-id-XXXXXXXX >" : ?>
<html>
This is the content you want to display for the given page ID.
</html>
<?php break;
default : ?>
<html>
This is the default content if the above page id isn't found.
</html>
<?php break;
}
?>
The only variable we need is the app secret from facebook. This allows you to parse out the signed request and collect the variables we need. Then we just run it through a switch and display the correct version of the app for the given page.
One could theoretically build a CMS to support this by storing page ids in a database, and querying them at the time of the request. You could also set something up like drupal and have the url for a certain content type include a reference to the requesting page (i.e. - http://www.squared-s.com/fb-app/XXXXXXXXXXXXX where XXXXX is the page-id). Then you'd just need to create a custom template that would display only the contents of the page, and you could allow authorized users to create content with varying levels of html included.
You could ALSO (and I think I've seen people do this...) have a single app to drive all of your other facebook apps... where some user on facebook can visit a primary "administrative" app, enter their page id or paste a link to their page (and the code would scrape their page id), and then in a second field, you can have them enter the code for their page. Then, when they add your app to their page, the above processing will occur, and your database can match up the stored page id with the code they entered, and display it as their own custom app. I'm almost positive I've seen apps that do this.
Anyway, thought it would be useful to store.
