PHPFixing

Sunday, January 9, 2022

[FIXED] Remove the app_data from the signed request

January 09, 2022     facebook-php-sdk, signed

Issue

When I call my fb-app with a GET request, like "?app_data=1", the variable is in the signed request. OK so far. But when I click on another link in my fb-app, the app_data is still in the signed request. My application reacts to it, but I don't need it again.

How can I remove the app_data from the signed request? Does anyone have a suggestion for this problem?

I use the PHP and JS SDK.

// take the raw signed_request string from the request, if present
if (isset($_REQUEST['signed_request']))
{
    $sSignedRequest = $_REQUEST['signed_request'];
    list($sEncodedSig, $sPayload) = explode('.', $sSignedRequest, 2);

    // decode the data (base64url -> JSON); $sEncodedSig is not checked here
    $aData = json_decode(base64_decode(strtr($sPayload, '-_', '+/')), true);
    $iContestId = $aData['app_data'];
}

Solution

Here is the solution:

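// drop app_data and re-encode the remaining payload
unset($aData['app_data']);
$sData = json_encode($aData);
$sPayload = base64_encode($sData);
// re-sign the new payload with the app secret (raw binary HMAC-SHA256)
$sEncodedSig = hash_hmac('sha256', $sPayload, '<<fb app-secret>>', true);
$sSignedRequest = base64_encode($sEncodedSig).'.'.$sPayload;
// replace the request value so later code sees the rewritten signed request
$_REQUEST['signed_request'] = $sSignedRequest;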


Answered By - Andreas Lindner
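
The question's code decodes the payload without checking $sEncodedSig, and the answer then signs whatever is in $aData with the app secret, so the incoming signature should be verified before the payload is trusted or re-signed. The following is an added example, not the original answer's code, that verifies first, then strips app_data and re-signs using base64url encoding; the helper names, the APP_SECRET value and the sample payloads are assumptions.

```php
<?php
const APP_SECRET = 'constructed-demo-secret'; // placeholder (assumption of this added example)

function b64url_encode(string $bin): string
{
    return rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
}
function b64url_decode(string $txt): string
{
    return (string) base64_decode(strtr($txt, '-_', '+/'));
}

// Returns the decoded payload only if the HMAC-SHA256 signature matches.
function parse_signed_request(string $signedRequest, string $secret): ?array
{
    $parts = explode('.', $signedRequest, 2);
    if (count($parts) !== 2) {
        return null;
    }
    $expected = hash_hmac('sha256', $parts[1], $secret, true);
    if (!hash_equals($expected, b64url_decode($parts[0]))) { // constant-time compare
        return null;
    }
    $data = json_decode(b64url_decode($parts[1]), true);
    return is_array($data) ? $data : null;
}

function sign_request(array $data, string $secret): string
{
    $payload = b64url_encode(json_encode($data));
    return b64url_encode(hash_hmac('sha256', $payload, $secret, true)) . '.' . $payload;
}

// Verify first, then strip app_data and re-sign; unverified input is never re-signed.
function without_app_data(string $signedRequest, string $secret): ?string
{
    $data = parse_signed_request($signedRequest, $secret);
    if ($data === null) {
        return null;
    }
    unset($data['app_data']);
    return sign_request($data, $secret);
}

// Constructed sample input: a valid request, and one whose payload was swapped.
$incoming = sign_request(['user_id' => '1000', 'app_data' => '1'], APP_SECRET);
$forged   = explode('.', $incoming)[0] . '.' . b64url_encode('{"app_data":"999"}');
var_dump(parse_signed_request(without_app_data($incoming, APP_SECRET), APP_SECRET));
var_dump(without_app_data($forged, APP_SECRET));
```

The app secret should be loaded from server-side configuration rather than written into the source file.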