Facebook Application Flash Game Security Error

puratugezgin · June 13, 2012, 12:38am

hi everyone
I am trying to create a facebook application. Basically I have a flash game that I am using as an application, Below is the code so far. The game is working but I get a security warning saying
Protect Your Information
You’re already using https to browse Facebook more securely, but some content may still not be 100% secure. Turn on secure browsing to increase your account protection and avoid getting security warnings.

I guess this one has started after adding the accept application auth Dialog pop up. Sorry this is my first time creating a facebook application
I would appreciate any help

[php]

<?php require 'facebook.php'; $appid = ''; $app_secret = ''; $use_cookie = true; // Create our Application instance (replace this with your appId and secret). $facebook = new Facebook(array( 'appId' => $appid, 'secret' => $app_secret, 'cookie' => $use_cookie )); // Get User ID $user = $facebook->getUser(); // We may or may not have this data based on whether the user is logged in. // // If we have a $user id here, it means we know the user is logged into // Facebook, but we don't know if the access token is valid. An access // token is invalid if the user logged out of Facebook. if(!$user) { $url = $facebook->getLoginUrl(array('redirect_uri' => '')); echo ''; } /* if ($user) { try { // Proceed knowing you have a logged in user who's authenticated. $user_profile = $facebook->api('/me'); } catch (FacebookApiException $e) { error_log($e); $user = null; } } */ ?> Game Title

<div id="fb-root">
<?php 
	$signed_request = $facebook->getSignedRequest();

	// Return you the Page like status
	$liked_status = $signed_request["page"]["liked"];
	
	if(!$like_status){
	   //User do not Liked the page
	   //do nothing 		
	}else{
	 //User liked the page
?>		   
	    <div class="not-liked">
			<div class="clear"></div>
			<div class="fb-like" data-send="true" data-width="600" data-show-faces="false"></div>
		</div>
<?php 
	}
?>


	<div id="console_container">
		<div id="leaderboard">
		</div>
         <div class="fbgameBnr"></div>
		<div id="menu_bar" style="visibility: visible;">
			<a id="btn_like_us" href="Games Link" target="_blank" class="menu_button"></a>
			<a id="btn_invite_friends" href="javascript:invitePopup()" class="menu_button"></a>
			<a id="btn_share" href="javascript:sharePopup()" class="menu_button"></a>
			<a id="btn_more_games" href="Games Link" target="_blank" class="menu_button"></a>
			<div class="nliked">
			<div class="fb-like" data-send="false" data-layout="button_count" data-width="120" data-show-faces="false"></div>
		</div>
			</div>			

		<div>
		<?php if ($user) { ?>
       
			<div id="game_container">
				<object type="application/x-shockwave-flash" data="preview.swf" 
					width="100%" height="100%" id="flashContent" style="visibility: visible; ">
					<param name="salign" value="tl">
					<param name="menu" value="false">
					<param name="wmode" value="opaque">
					<param name="scale" value="showall">
					<param name="allowFullscreen" value="true">
					<param name="allowScriptAccess" value="always">
					<param name="bgcolor" value="#FFFFFF">
				</object>			
			</div>
            <div class="clear"></div>
   
		<?php } else { ?>
	<script>

var oauth_url = ‘https://www.facebook.com/dialog/oauth/’;
oauth_url += ‘?client_id=’;
oauth_url += ‘&redirect_uri=’ + encodeURIComponent(’’);
oauth_url += ‘&scope=user_status’

window.top.location = oauth_url;

		<?php } ?>     
		<div class="fbgameBnr2"></div>
		
		</div>		
	</div>
</div>

<script type="text/javascript">
	window.fbAsyncInit = function() {
        FB.init({
            appId      : '',
            status     : true, 
            cookie     : true,
            xfbml      : true
        });
    };
    (function(d){
        var js, id = 'facebook-jssdk'; if (d.getElementById(id)) {return;}
        js = d.createElement('script'); js.id = id; js.async = true;
        js.src = "//connect.facebook.net/en_US/all.js";
        d.getElementsByTagName('head')[0].appendChild(js);
    }(document));
	function checkLogin(callback) {
	
      
		FB.getLoginStatus(function (response) {
	        if (response && response.status == 'connected') {
	            // logged in and connected user, someone you know
	            if (callback)
	            	callback();
	        } else {
	            // no user session available, someone you dont know
	
	            // try to login
	            FB.login(function (response) {
	
	                if (response && response.status == 'connected') {
	                    if (response.perms) {
	                        // user is logged in and granted some permissions.
	                        // perms is a comma separated list of granted permissions
								 
	                    } else {
	                        // user is logged in, but did not grant any permissions
	                    }
	
	                    if (callback)
	            			callback();
	
	                } else {
	                    // user is not logged in
	                    alert('Sorry, you are not logged in. Please try again.');
	                }
	            });
	
	        }
	    });
	}
	function sharePopup(){
		checkLogin(show_share);
	}
	function show_share(){
		FB.ui({
          method: 'feed',
          name: 'Description Content',
          link: '',
        });
	}
	function invitePopup(){
	    checkLogin(show_invite);
	}	
	function show_invite(){
		sendRequestViaMultiFriendSelector();
	}
	function sendRequestViaMultiFriendSelector() {
		FB.ui({method: 'apprequests',
			message: 'Game Request'
		}, requestCallback);
	}
      
	function requestCallback(response) {
	// Handle callback here
	}


</script>

[/php]

EvilSupahFly · June 13, 2012, 10:31am

Normally Facebook gives you that message if you have not enabled Secure Browsing in your profile options. That’s Facebook itself, not the game.

But I could be wrong… anybody else care to verify?

puratugezgin · June 13, 2012, 11:16am

Do you think the way I coded correct ? Sorry I am a noob

RaythXC · June 13, 2012, 11:51am

I’ve never got that from facebook login system, though I’m only getting users to verify my app and get information for register/login.

puratugezgin · June 13, 2012, 12:01pm

I think the problem is this part, not sure though
[php]

[/php]

EvilSupahFly · June 13, 2012, 11:01pm

Try making the https just http.

puratugezgin · June 14, 2012, 6:56am

Doesn t make any difference, would it be the place I put the oath script ?

sajan · June 19, 2012, 5:43am

That error message appears when you have http links on your site. Just change to https wherever you see http.

xmlns:fb=“https://www.facebook.com/2008/fbml”>

puratugezgin · June 19, 2012, 5:46am

I see,
I ll try that thank you

aztech4mac · June 19, 2012, 5:56am

your not supplying an id in your query sting…

[php]oauth_url += ‘?client_id=’;[/php]

puratugezgin · June 19, 2012, 5:58am

I ve put app Id there

aztech4mac · June 20, 2012, 5:15am

and…

puratugezgin · June 20, 2012, 6:29am

I am still getting insecure content warning. Is there a facebook game application creation tutorial somewhere? Maybe I could use that as a reference

sajan · June 20, 2012, 8:54am

I got a link, without reading I’m just passing that to you. Sorry if it didn’t help:
http://www.scirra.com/tutorials/58/how-to-make-a-facebook-game/page-1

puratugezgin · June 21, 2012, 6:28pm

Now facebook like button stopped working, does anyody have an idea why it wouldn t work ?
Thanks in advance

RaythXC · June 21, 2012, 6:36pm

tbh you’re best bet is the fb developers site.

aztech4mac · June 21, 2012, 6:39pm

Brilliant! that should have been the first reply to this thread…

RaythXC · June 21, 2012, 6:41pm

Good to know you’re immature enough to use sarcasm. Since FB has its own FBML language, as well as it’s own SDK this is the best chance of support. https://developers.facebook.com/support/

aztech4mac · June 21, 2012, 8:05pm

Huh, that wasn’t sarcasm dude. You provided the best possible advice to the gentleman. I’m only sorry I did come up with it…