This tutorial is for advanced facebook app developer. If you’re beginner than first learn about developing facebook application. Normally if you see iframe base or fbconnect base facebook application development using php sdk you’ll notice some authentication code.
In the example they will run that authentication code each time before page load. But if you look carefully you’ll notice that, the authentication code of php will take extra time to load the iframe base application. Now I’m going to describe how we solved such problem.
For example see the official documentation The authentication part of this code is:
$session = $facebook->getSession();
$me = null;
// Session based API call.
if ($session) {
try {
$uid = $facebook->getUser();
$me = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
}
}
// login or logout url will be needed depending on current user state.
if ($me) {
$logoutUrl = $facebook->getLogoutUrl();
} else {
$loginUrl = $facebook->getLoginUrl();
}
Normally you may think to include this part in all pages of your application.
- But do you really need this?
- Could we make any optimization here?
Yeap, we need this, coz we want to detect whether user is logged in facebook or not and whether user approved our application or not. But in a recent project I found each page of our application loads little slow. Because of these:
$facebook = new Facebook(array(
'appId' => '254752073152',
'secret' => '904270b68a2cc3d54485323652da4d14',
'cookie' => true,
));
$session = $facebook->getSession();
if ($session) {
try {
$uid = $facebook->getUser();
$me = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
}
}
Each time we call a facebook api via $facebook->api(‘/me’), and it takes sometimes 2~4 seconds to get the data. But we really not need this to call each time if we know user’s session is valid. But in the official document they said, if an api successfully called then it means we have a valid user’s session.
// We may or may not have this data based on a $_GET or $_COOKIE based session.
//
// If we get a session here, it means we found a correctly signed session using
// the Application Secret only Facebook and the Application know. We dont know
// if it is still valid until we make an API call using the session. A session
// can become invalid if it has already expired (should not be getting the
// session back in this case) or if the user logged out of Facebook.
$session = $facebook->getSession();
$me = null;
// Session based API call.
if ($session) {
try {
$uid = $facebook->getUser();
$me = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
}
}
But I created a technique by using that you could be sure that user has a valid session.
$facebook = new Facebook(array(
'appId' => '254752073152',
'secret' => '904270b68a2cc3d54485323652da4d14',
'cookie' => true,
));
/*-------- MY Optimization Techqnique Start -------*/
if (isset($_REQUEST['session'])) {
$session = json_decode($_REQUEST['session']);
$uid = $session->uid;
return;
}
/*-------- My Optimization Technique End ---------*/
$session = $facebook->getSession();
//if here comes that means user hasn't a valid session
$loginUrl = $facebook->getLoginUrl(
array(
'canvas' => 1,
'fbconnect' => 0,
'req_perms' => 'email,publish_stream, offline_access,sms, user_location'
)
);
if (!$session) {
echo "<script type='text/javascript'>top.location.href = '$loginUrl';</script>";
exit;
}
else {
try {
$uid = $facebook->getUser();
$fbme = $facebook->api('/me');
} catch (FacebookApiException $e) {
echo "<script type='text/javascript'>top.location.href = '$loginUrl';</script>";
exit;
}
}
So look at the if logic if (isset($_REQUEST['session'])) If you print_r($_REQUEST), you’ll see each time facebook will send a $_REQUEST['session'] if user has a valid session. And this session object is a JSON encoded string. If user’s session is not valid, or user isn’t approved your application then when first time user visits your application facebook will not send this $_REQUEST['session'] object. So the above code will continue the normal procedure, but when the above code finds a session object then it just created a facebook object, and retrieve the user uid and return so that we skipped any additional facebook api calls.
The above solution makes our project to load faster. The project I am working is a NDA project otherwise I would mention the url.
Hope this technique help you. By the way, I haven’t mentioned any caching or optimization techniques here because those are separate issue to make application loads faster. I only mentioned here how to load iframe app faster bypassing facebook api call.
